The PCI PTS HSM v1 expires - Guidelines for the Transition Towards v3

Corporate organizations and banks have expanded their businesses around the world by using e-commerce which is secured by various security services such as encryption, decryption and strong authentication between identities and applications. Main cryptographic security control for the protection of business transactions is the Hardware Security Module (HSM).

Read more

Beyond just Payments - PSD2’s impact beyond the Payments Industry

PSD2 is being touted as the biggest game changer to ever hit the payments industry in Europe. And not without good reason. PSD2 mandates banks to share customer account data with third parties (ones authorised by the customer), so that they can offer services to the customers while using the bank’s core systems as a backend. It gives the customer more control over her data and more options to choose from various service providers. 

Read more

Making Blockchain Technology Secure and Auditable

Modern society and commerce are based on trust and digital identities. Companies and organizations build a reputation for being trustworthy. Consequently, the trust in their products is based on the trust in the organization.

Read more

“Ability” – Best Practices For Encryption Key Management

Data encryption is a significant component of an organization’s response to emerging security threats and regulatory compliance mandates. Most of the organizations have already implemented controls by encrypting data, but find that managing the associated encryption keys throughout their lifecycle quickly becomes a problem.

Read more

Key generation and distribution considerations for PCI DSS Compliance

Payment Cards Industry Data Security Standard (PCI-DSS) compliance protects vulnerable customers who are unaware of the complex technologies behind the scenes.

Read more

HSMs in banks - A case for a multi-sourcing strategy for critical tech infrastructure

Supply chain optimization has been one of the primary ways to squeeze a bit more efficiency out of a business process for some time now. Over time, companies have perfected various such strategies like Just in time inventory management and co-locating vendors in the same industrial park as themselves. However, an excessive push towards supply chain and vendor optimization has increased risks as the logical conclusion of such unabated cost optimization is often a single sourcing strategy.

Read more

HSM as a Service – meeting PCI data security standards (Part 1 of 2)

The Payment Card Industry’s Data Security Standards (PCI DSS) mandate that all entities transmitting, storing or processing cardholder data must meet certain security criteria to ensure compliance. Noncompliance with these standards can lead to a fine or even a termination of service for the offending organization. These is plenty of information in the public domain on how to ensure compliance. However, for many FinTech start-ups, the real challenge is to ensure compliance while minimizing the cost of compliance.

Read more

How to select an HSM

As the choice of Hardware Security Module is dependent on the specific application it is used for, I would like to make some general recommendations by providing a list of potential criteria to take into account, irrespective of what you intend to use it for.

Read more

What are the common criteria for hardware security modules (HSMs)?

All the critical banking and payment systems incorporate Hardware Security Modules (HSMs) for the protection of user information and business transactions. HSMs deliver secure management of crypto keys along with encryption/decryption, digital signatures and authentication mechanisms which are frequently used for the security of corporate business applications.

Read more

Ready to take off?

Download our HSM simulator!

Register for free