Beyond just Payments - PSD2’s impact beyond the Payments Industry

PSD2 is being touted as the biggest game changer to ever hit the payments industry in Europe. And not without good reason. PSD2 mandates banks to share customer account data with third parties (ones authorised by the customer), so that they can offer services to the customers while using the bank’s core systems as a backend. It gives the customer more control over her data and more options to choose from various service providers. 

Making Blockchain Technology Secure and Auditable

Modern society and commerce are based on trust and digital identities. Companies and organizations build a reputation for being trustworthy. Consequently, the trust in their products is based on the trust in the organization.

“Ability” – Best Practices For Encryption Key Management

Data encryption is a significant component of an organization’s response to emerging security threats and regulatory compliance mandates. Most organizations have already implemented controls by encrypting data, but find that managing the associated encryption keys throughout their lifecycle quickly becomes a problem.

Key generation and distribution considerations for PCI DSS Compliance

Payment Card Industry Data Security Standard (PCI DSS) compliance protects vulnerable customers who are unaware of the complex technologies behind the scenes.

HSMs in banks - A case for a multi-sourcing strategy for critical tech infrastructure

Supply chain optimization has been one of the primary ways to squeeze a bit more efficiency out of a business process for some time now. Over time, companies have perfected various such strategies, like just-in-time inventory management and co-locating vendors in the same industrial park as themselves. However, an excessive push towards supply chain and vendor optimization has increased risks, as the logical conclusion of such unabated cost optimization is often a single sourcing strategy.

HSM as a Service – meeting PCI data security standards (Part 1 of 2)

The Payment Card Industry’s Data Security Standards (PCI DSS) mandate that all entities transmitting, storing or processing cardholder data must meet certain security criteria to ensure compliance. Noncompliance with these standards can lead to a fine or even a termination of service for the offending organization. There is plenty of information in the public domain on how to ensure compliance. However, for many FinTech start-ups, the real challenge is to ensure compliance while minimizing the cost of compliance.

How to select an HSM

As the choice of Hardware Security Module is dependent on the specific application it is used for, I would like to make some general recommendations by providing a list of potential criteria to take into account, irrespective of what you intend to use it for.

What are the common criteria for hardware security modules (HSMs)?

All the critical banking and payment systems incorporate Hardware Security Modules (HSMs) for the protection of user information and business transactions. HSMs deliver secure management of crypto keys along with encryption/decryption, digital signatures and authentication mechanisms which are frequently used for the security of corporate business applications.

PCI DSS requirements for building and maintaining a secure network and systems

When building and then subsequently maintaining a secure payment network, the Payment Card Industry Data Security Standard (PCI DSS) recommends that 12 security requirements be met to secure payment data.
