2 min read
PCI Key Blocks: Phases & Key Management Explained
In June 2019, the PCI Security Standards Council issued an information supplement titled PCI PIN Security Requirement 18-3 – Key Blocks, which...
2 min read
SHA-1 is Practical and Cost-Effective to Crack Now
This article discusses recent warnings that a chosen-prefix collision attack on SHA-1 is now practical and cost-effective for attackers.
3 min read
A Guide to FIPS 140-3 Compliance Standards
FIPS 140 (“Federal Information Processing Standard”) is a series of security standards published by the U.S. government that specify security...
4 min read
Symmetric Key Encryption - why, where and how it’s used in banking
In today’s cyber-world there is an ever-present risk of unauthorized access to all forms of data. Most at risk is financial and payment system data...
6 min read
A NIST-Based Summary of Cryptographic Algorithms
A system's cryptographic protection against attacks and malicious penetration is determined by two factors: (1) the strength of the keys and the...
3 min read
PCI PTS HSM: The Origin, Evaluation Criteria, and Updates
PCI PTS HSM compliance is mandated on banks, acquirers, processors and all other players involved in payment card systems. This article explores the...
4 min read
Hash Functions & Algorithms: What Are The Differences
Cryptographic algorithms can be categorized into three classes: hash functions, symmetric, and asymmetric algorithms. This article sheds light on...
5 min read
IST Key Management: Crypto-Periods & Key Type Guide
This article introduces and classifies cryptographic key types and crypto-periods as suggested by NIST, based on proven best practices for key...
3 min read
EBA on PSD2 Customer Authentication: Possession & Knowledge
Financial institutions and solution providers are busy implementing the requirements of Strong Customer Authentication (SCA) under the Revised...