is blockchain fit for the post-quantum future?

Cryptography is one of the cornerstones of all blockchain infrastructures. Hashes link blocks together and public-private key cryptography helps secure data and verify transactions. A major advantage of blockchain is that its cryptography man es it virtually untamperable, with changes in the crypto being virtually impossible.

Read more

Qualified Signature Creation Devices (QSCD) under eIDAS – The example of the Bank-Verlag Signature Activation Module (SAM)

In our recent blog post series about the eIDAS regulation, we have addressed local signing and the difference with remote signing (or server signing), which relies on a Trust Service Provider (TSP) to remotely generate and manage the signing keys on the signatory’s behalf. eIDAS requires a Qualified Signature (or Seal) Creation Devices (QSCD) for issuing and using qualified certificates for the generation of electronic signatures and seals. Today we would like to look into how the CC-certified and eIDAS-compliant Utimaco HSM integrates with the Bank-Verlag Signature Activation Module (SAM) and helps Bank-Verlag become a TSP.

Read more

Key generation and distribution considerations for PCI DSS Compliance

Payment Cards Industry Data Security Standard (PCI-DSS) compliance protects vulnerable customers who are unaware of the complex technologies behind the scenes.

Read more

PCI DSS technological requirements for Certified Devices

The Payment Card Industry Data Security Standard (PCI DSS) was created by the major credit card companies to serve as a guide for merchants who save, process, and transmit credit card data towards initiating more sophisticated security measures.

Read more

HSMs in Banks - A Case for a Multi-sourcing Strategy for Critical Tech Infrastructure

Supply chain optimization has been one of the primary ways to squeeze a bit more efficiency out of a business process for some time now. Over time, companies have perfected various such strategies like Just in time inventory management and co-locating vendors in the same industrial park as themselves. However, an excessive push towards supply chain and vendor optimization has increased risks as the logical conclusion of such unabated cost optimization is often a single sourcing strategy.

Read more

Utimaco Applied Crypto Symposium in the US 2018

Quantum computers will revolutionize many industries and will be powerful enough to break all commonly used public key cryptographic algorithms.

Read more

HSM as a Service – meeting PCI data security standards (Part 1 of 2)

The Payment Card Industry’s Data Security Standards (PCI DSS) mandate that all entities transmitting, storing or processing cardholder data must meet certain security criteria to ensure compliance. Noncompliance with these standards can lead to a fine or even a termination of service for the offending organization. These is plenty of information in the public domain on how to ensure compliance. However, for many FinTech start-ups, the real challenge is to ensure compliance while minimizing the cost of compliance.

Read more

PSD2 and HSM-as-a-Service - part 3 - the opportunity for banks

This series on PSD2 and HSM as a Service explores the endless possibilities created by a level playing field in the payments industry in the EU. Part 1 explored how PSD2 and HSM as a Service enable this level playing field while Part 2  looked at just a few of the truly endless possibilities that exist for FinTech firms and other third-party entities that can act as AISPs and PISPs.

Read more

PSD2 and HSM-as-a-Service - part 2: FinTech opportunities

In Part 1  of our series on PSD2 and HSM as a Service, we had a brief look at how these tools can together create a more level playing field in the payment services sector. While PSD2 entitles third party entities access to certain data from banks, HSM as a Service can allow companies to offer industry leading security solutions at a reasonable cost.
In this article, we look at the potential opportunities that this creates for FinTech companies and other Third-Party Partners (TPPs).

Read more

Ready to take off?

Download our HSM simulator!

Register for free