PKI for EMV cards compliant to PCI DSS

Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard to prevent credit card scams and numerous additional security threats & vulnerabilities.

Read more

Manual vs. Automated Key Management

This article evaluates and compares manual and automated cryptographic key management. It looks at security-related issues as well as organizational and economic aspects.

Read more

Harmonizing digitally signed data between Russia and the EU - a Russian Perspective

This article discusses why cryptographically protected data exchange between the EU and Russia (and other countries) is still difficult to implement.

Read more

Digital Identity - How Social Media Is Changing How We Authenticate Our Identity

Throughout the last decade, social media has played a vital part in our lives and has significantly shaped the younger generations. It has been the catalyst for extended usage of internet services, as well as  served the role as the “great advertiser” in trying to persuade us to use the services of partner sites, and connect across applications.

Read more

Why Remote Signing Solutions Offer Superior Security than Keys Generated in the Browser

The recent article published by Ebbe Skak Larsen, KMD (hereafter "the Article") on hacking signatures from signature servers, describes a simplified setup of a remote signature (RS) solution and mounts an attack on that. The article then concludes that the only mitigation to the attack is to strengthen the script in the browser using obfuscation techniques.

Read more

Blending eIDAS and AML to fight against money laundering and terror funding

"Cutting off the funds " is one of the most effective weapons in the arsenal of authorities trying to deal with terrorists and other organized criminals. The international nature of such criminal organizations forces them to move money between various countries and requires international transfers and currency swaps.

Read more

Understanding Hardware Security Modules (HSMs)

 Some time ago, I consulted a bank about their cryptography and security processing system, which was painstakingly slow. After one week of trying to find the problem, I looked at the cryptographic subsystem, which used Windows Crypto API and a certified CSP.

Read more

Case Study – Fully digital trade transactions

Great strides have been made in the retail banking and payments space via innovative financial technology products. However, in the corporate banking space, the developments and transformation into a truly digital platform have been more muted. This small case study provides a mock-up of how a fully digital, secure, and authenticated transaction can take place using a single one-stop application.

Read more

The Digital Trade Initiative - Introduction

In spite of some recent protectionist headwinds, international trade had been chugging along and growing at a decent pace. However, this does not mean business as usual. Firstly, high growth markets are continuously shifting, motivating companies to access emerging markets that they have not done business in before. Secondly, even in their local markets companies are facing stiff competition which is driving them to seek new business relationships in their regions (like in the EU for example).

Read more