Hardware Security Modules (HSMs) are used in all card payment systems (as well as various other applications that require strong security) to protect business transactions and sensitive information. HSMs allow authentication, encryption/decryption and management of cryptographic keys to occur with the highest level of security. The globally-recognized HSM certification, Common Criteria (CC), guarantees the assurance level of an HSM. This article explores how CC helps in choosing the right HSM for your business needs.

In Part 1 of our series, we covered some simple case studies from the financial services sector and the logistics and trade sector. We looked at possible implementations of some eIDAS enabled tools and how companies can get the most mileage out of their investments into those tools. Today, we look at eCommerce – a sector that is no stranger to digital tools – and the professional services sector.

The eIDAS Regulation has been designed with an aim to optimize digital business practices while simultaneously enhancing security for all users. It allows for better cross border operational compatibility and improves the flow of information which makes the modern economy tick. We have discussed many such aspects of eIDAS in previous articles, but in this two-part series we explore some real-world applications through a few case studies. Here we look at how businesses in the finance and logistics sectors can benefit from the various tools that eIDAS provides.

The aim of this article is inform you on how to implement proper key management and to answer 3 important questions regarding centralized and automated key management:

1. What is Centralized Key Management?
2. How can a centralized system help meet regulatory compliance?
3. How can automation further improve the life cycle management of keys?

The payment card industry data security standard (PCI DSS) calls for all financial institutions and merchants to protect their clients’ sensitive data, which typically includes the use of strong cryptography as dictated by PCI DSS requirement 3. Most organisations empty this burden on the IT department or IT management teams and hope all their compliance is covered. However, in most cases when there is a data breach, the burden lies on the shoulders of the C-level management, who are left to answer to the difficult questions.

The financial services sector has always been an early adopter of technology. This is not surprising considering the nature of the industry with high volumes, the need to complete transactions as quickly as possible, mountains of data, minimum tolerance for errors and multiple points of failure. A zero-tolerance compliance/regulatory environment, coupled with considerable inertia in the banking system further necessitates the need to use tech tools to their full potential. This reliance on technology by the financial services sector is perhaps why the FinTech start-ups are in so much demand.

Trade is the lifeblood of the global economy. And Trade Finance is what greases the cogs of international trade. The last few decades of globalization have meant that supply chains have become global.

Small and Medium Enterprises form the backbone of any economy. In the European Union, SMEs represent 99% of all businesses and account for an astounding 85% of job growth. Providing the best environment for these SMEs to thrive and prosper thus becomes pivotal for any country. The EU has a tradition of promoting entrepreneurship and leads the pack when it comes to ease of doing business, access to finance, having a strong legal framework, a robust regulatory environment and a variety of other support structures. 

In this final part of the series, we look at how cloud computing will impact the use of cryptography and at the future of HSMs; and finally, we reflect on what you can do to be ready for the advances in cryptography that lie ahead.