1 min read
Edlyn Teske: 07. December 2023
Over the course of a month in May/June 2023, hundreds of thousands of emails belonging to Microsoft customers were exposed to a hacker labelled...
4 min read
In today's digital landscape, ensuring the security of your mobile applications is paramount. Cryptomathic's Mobile App Security Core (MASC) is at...
2 min read
Laurent Lafargue: 01. November 2023
A note from Laurent Lafargue, Global CEO If you’re reading this, you may have noticed a new look to the Cryptomathic website today! We’re very...
2 min read
PCI have recently released the new standard and compliance program for Mobile Payments on Commercial off-the-shelf devices (MPoC). This blog is the...
2 min read
Edlyn Teske: 02. August 2023
The European eIDAS regulation, short for the Electronic IDentification, Authentication and Trust Services Regulation, was created in 2014 to ensure...
2 min read
What is Mobile Application Hardening? Mobile application hardening refers to the process of securing mobile applications against various threats and...
2 min read
Edlyn Teske: 19. July 2023
On July 17, 2023, the National Institute of Standards and Technology (NIST) announced a new set of 40 candidates to compete in their Post-Quantum...
3 min read
In today's digital era, banks are increasingly leveraging cloud and multi-cloud environments to drive operational efficiency. However, the security...
2 min read
Edlyn Teske: 28. June 2023
The European Commission, as part of the eIDAS 2.0 proposal promotes the European Digital Identity Wallet (EUDI Wallet) as an app that enables...
3 min read
Glen Leonhard: 22. June 2023
AWS Key Management Service (KMS) has long provided cryptographic services to safeguard your AWS resources. This involves generating and managing keys...
3 min read
Stefan Hansen: 02. June 2023
Believing that more cybersecurity solutions increase safety is a common misconception. An overload of security measures can ironically generate more...
4 min read
Glen Leonhard: 01. June 2023
When organizations make the strategic decision to shift their applications and infrastructure onto the cloud, they face a myriad of challenges. These...
7 min read
The ubiquity of mobile applications has made them part of our day-to-day lives, but with the increased use comes the risk of potential security...
2 min read
Chris Allen: 23. May 2023
For decades, cars have been equipped with multiple connected electronic control units (ECUs) that manage various functions like entertainment, route...
7 min read
Francis Richards: 18. May 2023
Were I to ask you what a handwritten signature looks like, with an air of confidence will you grab a pen and scrawl your name on a piece of paper,...
4 min read
The European Digital Identity Wallet (EUDI Wallet) is at the forefront of the European Commission's eIDAS initiative to establish a secure and...
4 min read
Johannes “Jo” Lintzen: 16. May 2023
Quantum computers offer potential transformational power for organizations dealing with complex computational problems in various industries such as...
4 min read
Harriet Taylor: 11. May 2023
Along with the increased convenience and security offered by digital payment technology, many consumers are now showing greater interest in...
5 min read
Chris Allen: 10. May 2023
The zero-trust approach to enterprise cybersecurity assumes that no connections to corporate systems and networks should be trusted. It requires...
4 min read
Cryptomathic Mobile App Security Core (MASC) is a comprehensive security software solution for the European Digital Identity (EUDI) wallet, eID apps,...
2 min read
Johannes “Jo” Lintzen: 04. May 2023
The National Cybersecurity Center of Excellence (NCCoE) has released a preliminary guide on practices for migrating from legacy cryptography to...
1 min read
The European Digital Identity Wallet (EUDIW) has the potential to serve as a comprehensive identity gateway, enabling individuals to manage their...
3 min read
Chris Allen: 02. May 2023
The adoption of cloud computing has altered the approach organizations take toward security. Rather than concentrating on securing the perimeter of a...
4 min read
Francis Richards: 27. April 2023
Organizations responsible for the development of an EUDI wallet (or other apps with highly sensitive data), will be acutely aware of the importance...
3 min read
Stefan Hansen: 26. April 2023
Following its introduction in January 2018, the Open Banking regulation mandates UK banks to provide their data in a standardized format,...
4 min read
Stefan Hansen: 25. April 2023
Zero Trust security is a concept that has been discussed extensively. However, there are many different interpretations of what it means. Some...
2 min read
Harriet Taylor: 24. April 2023
Cryptomathic is excited to announce that we have partnered with fidentity, an expert in online identity verification, to enable automated identity...
6 min read
Edlyn Teske: 20. April 2023
Itemizing the potential risks of the European Digital Identity (EUDl) Wallet scheme is a complex task that involves assessing the attack surface of...
3 min read
Johannes “Jo” Lintzen: 19. April 2023
The recent U.S. Department of the Treasury report highlights potential benefits and challenges associated with a growing trend amongst financial...
3 min read
Francis Richards: 18. April 2023
The European Digital Identity wallet (EUDI wallet) is proposed by the European Commission to provide a secure, safe and standardized digital identity...
5 min read
Francis Richards: 14. April 2023
Following a Recommendation by the European Commission, from the end of 2023 each EU Member State will gradually offer the European Digital Identity...
3 min read
Chris Allen: 13. April 2023
Artificial intelligence is becoming more involved in cybersecurity, with both positive and negative implications. Companies can utilize AI tools to...
5 min read
Stefan Hansen: 11. April 2023
Merchants must remain vigilant against fraud and ensure they have the necessary tools to combat it. Failure to do so may render their fraud detection...
4 min read
Stefan Hansen: 06. April 2023
The recent instability of a major bank that catered to US tech startups caused concern for several prominent tech companies and venture capitalists,...
5 min read
Chris Allen: 05. April 2023
Under the GDPR, organizations must take appropriate measures to protect personal data from unauthorized access, use, disclosure, or destruction. One...
6 min read
Harriet Taylor: 04. April 2023
The European Digital Identity (EUDI) Wallet aims to offer digital wallets to all EU citizens and businesses for identification purposes and document...
5 min read
Edlyn Teske: 28. March 2023
Mobile apps and mobile software components are rarely stand-alone as they frequently perform their most important operations on various backend...
4 min read
Stefan Hansen: 24. March 2023
Large-scale quantum computing is coming soon, and with that comes new cybersecurity threats. One of these threats is "steal now, decrypt later,"...
3 min read
It is not a question of if, but when quantum computing will arrive and be used for malicious purposes, as the expectation is that this new technology...
2 min read
Hardware security modules (HSMs) are physical devices that provide cryptographic functions such as encryption/decryption and digital signing. They...
5 min read
Stefan Hansen: 14. March 2023
Each year, various events within the cybersecurity industry have a significant impact on the industry, leading experts to predict an increase in the...
2 min read
Johannes “Jo” Lintzen: 09. March 2023
With post-quantum technology having the potential to trigger a new wave of cyber threats, we identify 10 steps that organizations should take to...
4 min read
Guillaume Forget: 07. March 2023
The UK's relationship with the EU has been tumultuous in recent years, especially in the wake of Brexit. With regards to digital identities, former...
2 min read
Stefan Hansen: 02. March 2023
Cloud computing brings many benefits to enterprise businesses; easily scalable, cost-effective and resilient, cloud computing enables rapid...
4 min read
EMV Personalization of a payment card is the process of writing data to the card in order to make it ready for use. This includes loading the card...
5 min read
Edlyn Teske: 27. February 2023
The European Commission promotes the European Digital Identity wallet (EUDI wallet) as part of its effort to digitize the economy and help foster...
4 min read
Christian Bollich: 24. February 2023
Companies who use Amazon Web Services (AWS) often choose to do so because of its scalability, ease of use and lower costs than other services or...
3 min read
Johannes “Jo” Lintzen: 21. February 2023
2022 was a big year in the cryptographic security community. If you don’t have news alerts set up for the latest updates on Post-Quantum Cryptography...
4 min read
Stefan Hansen: 17. February 2023
The threat of quantum computers is real and it could mean the end of encryption as we know it. Quantum computers are capable of performing...
2 min read
Stefan Hansen: 13. February 2023
Security experts from the National Institute of Standards and Technology (NIST) have declared Ascon - a group of cryptographic algorithms - as the...
3 min read
Keeping data safe in the Cloud has always been a concern for users, hence the need for encrypting data. With more businesses taking advantage of what...
4 min read
Martin Rupp (guest): 10. February 2023
The “Four Corners” model, also called the “Four Party Scheme”, is utilized in almost all standard card payment systems across the globe. Here, we...
3 min read
When it comes to preparing for post-quantum computing, the legacy mechanisms for effective implementation, integration, and management of...
4 min read
Stefan Hansen: 06. February 2023
Digital transformation has been a critical focus for businesses and institutions prior to the pandemic. Digital documents and e-signatures are a...
3 min read
Ulrich Scholten (guest) & Stefan Hansen: 01. February 2023
The AWS cloud is enjoying increasing popularity with its very high levels of scalability, durability, and availability. It releases companies from...
8 min read
Stefan Hansen: 31. January 2023
Vehicles today come with an array of convenience and safety features driven by software. This means that the cybersecurity of these vehicles must now...
3 min read
Martin Rupp (guest): 26. January 2023
EMV Personalization is a process used to get card data into cards, mobile phones, and wearables. The process includes a variety of complicated...
3 min read
In today’s dynamic business landscape, companies need to be agile with their cloud processes to remain competitive. But at the same time, they must...
2 min read
Many industries, including banking, finance and healthcare are required to comply with data security standards under regulations like SOC, NIST, PCI,...
3 min read
Cloud storage via AWS Storage Services is a simple, reliable, and scalable way to store, retrieve and share data. As a third-party cloud vendor, AWS...
3 min read
This article discusses Accenture’s insights on crypto-agility that were derived from its recent research report on preparing for post-quantum...
3 min read
The 2020 Oracle and KPMG Cloud Threat Report focuses on the key risks and challenges organizations face as they implement and maintain cloud...
3 min read
This article discusses how prepared companies are for quantum computing cybersecurity risks based on a recent Deloitte poll and what the current...
5 min read
Martin Rupp (guest): 20. December 2022
Here we explain why additional security mechanisms, beyond the mobile OS security features, are needed to protect mobile banking applications from...
3 min read
Ulrich Scholten (guest) & Stefan Hansen: 16. December 2022
In this article we will discuss why shortfalls in U.S. President Joe Biden’s recent Executive Order do not meet the requirements of the EU’s Charter...
2 min read
This article discusses how Cryptomathic’s AWS BYOK Service delivers expanded security to protect cryptographic keys while using AWS cloud...
5 min read
Ulrich Scholten (guest) & Stefan Hansen: 13. December 2022
Changing customer behaviour and expectations are driving the transformation of the new banking security architecture. While customers want more...
3 min read
Martin Rupp (guest): 02. December 2022
As the use of mobile phones for mobile banking and payment applications increases, corresponding security threats are increasing as well. The...
2 min read
In this article we will explain what AWS DynamoDB does and how Cryptomathic's AWS BYOK Service is an option for providing secure key management as a...
4 min read
Martin Rupp (guest): 01. December 2022
Among all the various key block formats, the TR-34 format is undoubtedly one of the most sophisticated. The TR-34 norm is an implementation of the...
3 min read
This article sheds light on the intersection of legal and technical aspects when hosting data on AWS as a European company.
3 min read
This article discusses using Cryptomathic’s BYOK and key management service for securely managing cryptographic keys used in AWS applications.
3 min read
Dawn Illing: 23. November 2022
As certain industries are moving ahead with digital transformation projects, online signing processes are a step forward in optimizing business...
3 min read
Edlyn Teske: 12. November 2022
On April 19, 2022, information about a severe vulnerability in recent versions of Java shook up the security community.
3 min read
Martin Rupp (guest): 05. November 2022
This article proposes a few answers to a series of frequently asked questions (FAQs) about key blocks and their use with PCI.
3 min read
As defined by Regulation (EU) No 910/2014 (eIDAS), which took effect on 1 July 2016, an electronic signature creation device is software or hardware...
5 min read
Edlyn Teske: 29. October 2022
Today's businesses rely heavily on cryptography to authenticate people and processes, secure communications, and safeguard critical data.
3 min read
Gaurav Sharma (guest): 28. October 2022
The last few years have been exciting for all stakeholders involved in the implementation and use of the eIDAS toolbox. Some important milestones...
2 min read
Harriet Taylor: 20. October 2022
As a leader in qualified remote signing, Cryptomathic is pleased to announce that it has joined the Cloud Signature Consortium (CSC), a global group...
4 min read
Ulrich Scholten (guest) & Stefan Hansen: 20. October 2022
In response to changing and more dynamic market demands, banks and financial institutions are turning into financial service platforms. They increase...
4 min read
Martin Rupp (guest): 19. October 2022
In the “four corner model”, acquirers are apparently the less active party as their role seems ‘only’ to forward the transaction flow originating...
2 min read
Ashiq JA (guest): 19. October 2022
This article discusses the various issues around key management and presents Cryptomathic’s approach to central key and crypto management that has...
3 min read
Dawn Illing: 18. October 2022
Mortgage fraud is a serious crime. Once executed and signed, a mortgage deed is a legally binding contract. The responsibility of trying to prove...
5 min read
Ulrich Scholten (guest) & Stefan Hansen: 13. October 2022
Going forward, it is imperative for existing banks to develop a strategy for sustaining their current operations and expanding in a digitized,...
3 min read
For over two years, the Schrems II decision from the European Court of Justice has caused tremors in IT departments across EU countries, such as...
5 min read
Edlyn Teske: 11. October 2022
For trustworthy remote identity verification, a proof of the authenticity of the identity card and of the integrity of its contents is needed, along...
5 min read
Ulrich Scholten (guest) & Stefan Hansen: 09. October 2022
The need for certain encryption technology features can vary from company to company, depending on their individual needs for securing their data.
3 min read
These days everyone has a stake in Chip and PIN security - it can be the topic of the over-the-counter conversation as you pay, of the boardroom...
5 min read
Achieve Non-Repudiation of Origin (NRO) and Non-Repudiation of Emission (NRE)
4 min read
Ulrich Scholten (guest) & Stefan Hansen: 04. October 2022
In rethinking their strategies, traditional banks have eight digital business model options to consider in order to remain competitive against...
3 min read
Gaurav Sharma (guest): 28. September 2022
International trade is based on the concept of trust. In situations where there isn’t some established trust, the trading parties get their...
4 min read
The payment card industry data security standard (PCI DSS) calls for all financial institutions and merchants to protect their client's sensitive...
3 min read
Martin Rupp (guest): 25. September 2022
Merchants are one of the corners of the ‘four corner’ model in the payment world. In what follows, we will explain some of the security mechanisms...
5 min read
Rob Stubbs: 24. September 2022
This article is meant to be an introduction to the different types of cryptographic keys that are used to protect digital applications.
3 min read
Rob Stubbs: 23. September 2022
Cryptomathic's Crypto Service Gateway (CSG) helps you realize business-agile and efficient crypto services, with central control of security policy...
3 min read
Martin Rupp (guest): 22. September 2022
An issuer is one of the corners in the ‘four corner’ model. An issuer is a financial organization (e.g. a bank) that produces payment cards and...
3 min read
Martin Rupp (guest): 20. September 2022
The EMV personalization data processing in itself is not the topic of this article, we will instead focus on the cryptographic schemes involved in...
4 min read
Martin Rupp (guest): 16. September 2022
Here we provide a short overview of why strong authentication is seriously needed to provide security for mobile banking and payment applications.
3 min read
Gaurav Sharma (guest): 15. September 2022
Small and Medium Enterprises (SMEs) form the backbone of any economy. In the European Union (EU), SMEs represent 99% of all businesses and account...
2 min read
Martin Rupp (guest): 10. September 2022
A key block is a unique piece of cryptography that is used to protect cryptographic keys while they are being sent over networks that might not be...
4 min read
Martin Rupp (guest): 10. September 2022
IBM’s mainframe computers have been a rock-steady part of banks’ security infrastructure for many years. Originating from the local data-center...
3 min read
This article explains the digital Signature Activation Protocol (SAP) in the context of eIDAS-compliant central signing. It sheds light on its...
4 min read
Martin Rupp (guest): 07. September 2022
The use of mobile payments is expected to continue to rise and become the second most popular payment method after debit cards by 2022. In 2017,...
4 min read
Guillaume Forget: 15. August 2022
National digital signature schemes that utilize remote electronic signature technology can achieve very high usage rates, whereas Trust Service...
3 min read
Martin Rupp (guest): 12. August 2022
The IBM Common Cryptographic Architecture (CCA) is a cryptographic platform providing several functions of special interest for securing financial...
2 min read
Dawn Illing: 12. August 2022
The Conveyancing Association (CA) in the UK has revealed the findings of its 2022 Lender Survey, which it strongly believes will assist in...
2 min read
Edlyn Teske: 09. August 2022
Just a month ago, NIST announced its selection of three digital signature algorithms and one key establishment mechanism (KEM) for future use in...
3 min read
Ashiq JA (guest): 07. August 2022
Traditionally, end-to-end lifecycle key management was achieved through inefficient paper-based procedures and highly resource intensive tasks...
3 min read
Ashiq JA (guest): 05. August 2022
Encryption has become the most essential part of securing data online. The biggest headache to the Cybersecurity industry is a data breach. The last...
3 min read
Ashiq JA (guest): 04. August 2022
With the ever increasing number of online services and electronic transactions, business owners are becoming ever more dependent on the use...
2 min read
Edlyn Teske: 25. July 2022
In this article, we proposeWhat-You-See-Is-What-You-Timestamp (WYSIWYT) as an attractive alternative to Qualified Electronic Signatures, for certain...
5 min read
Dawn Illing: 22. July 2022
Certain industries have a necessity to protect confidential information as well as a requirement for authentication - proving that a document was...
3 min read
Edlyn Teske: 22. July 2022
An over five-year-long process has come to a preliminary end: On July 5, 2022, NIST issued the long-awaited announcement of the winners of Round 3 of...
2 min read
Martin Rupp (guest): 15. July 2022
There are several types of key block formats used in different industries, especially the retail banking industry. The systems that use these key...
3 min read
Johannes “Jo” Lintzen: 14. July 2022
Java’s recent Elliptic Curve Digital Signature Algorithm (ECDSA) vulnerability underscores the fact that organizations cannot rely solely on outside...
5 min read
Ulrich Scholten (guest) & Stefan Hansen: 09. July 2022
This article explores the concept of financial service platforms and aligns resulting business (process) goals with the necessary crypto...
3 min read
With the introduction of PSD2, banks are forced to provide third party payment service providers (PSPs) with access to the bank’s customers’ account...
5 min read
Ulrich Scholten (guest) & Stefan Hansen: 16. June 2022
Many organizations struggle with cryptographic key management for multiple reasons. However, these pain points can be resolved with the right tools.
4 min read
Martin Rupp (guest): 16. June 2022
Cardholders (or consumers) are one of the corners of the ‘four corner’ model in the payment card world. Here we take a brief look at the payment...
2 min read
Ulrich Scholten (guest) & Stefan Hansen: 15. June 2022
For traditional banks to rise above the competition they face from big tech, neobanks, and fintech, they need to add new digital skills to their...
3 min read
Gaurav Sharma (guest): 13. June 2022
The healthcare market in Europe is valued at more than USD 2 trillion and is projected to increase due to the aging population not just in the EU but...
2 min read
Michal Tabor (guest): 11. June 2022
This article describes a model that could enable an electronically signed document to be printed out and used as an original in legal proceedings, in...
3 min read
Martin Rupp (guest): 05. June 2022
When developing an application for mobile banking, application hardening using code obfuscation is one possible way of protecting sensitive data....
5 min read
Dawn Illing: 01. June 2022
This article aims to demystify electronic signature UK law and explain how it supports all types of electronic transactions in accordance with UK...
5 min read
Here we look at what it means to “bring your own key”, “control your own key” and “hold your own key” and what the differences are between these...
2 min read
eIDAS will not only usher in a new era of innovation and transparency in how organizations do business, but this regulation is also paving the way...
8 min read
Peter Smirnoff & Ulrich Scholten (guests): 25. May 2022
PSD2 breaks up the ways in which banks do their business, by forcing them to open up their APIs. By doing so, PSD2 challenges the way in which data...
3 min read
Johannes “Jo” Lintzen: 24. May 2022
Cryptography is the backbone of data security technology. In this article, Jo Lintzen, MD at Cryptomathic Inc. explains the preparations for...
4 min read
Encryption key management systems are now essential for all companies needing to lockdown data in the cloud, says Matt Landrock, CEO, Cryptomathic...
3 min read
The demand for remote digital signatures to enhance security and customer experience continues to grow across the EU, as the banking and financial...
2 min read
Martin Rupp (guest): 10. May 2022
One aspect of key management is dealing with what happens when a symmetric cryptographic key is no longer needed. The section ‘Key Replacement,...
2 min read
Guillaume Forget: 03. May 2022
This article describes from a CISO perspective how to manage and protect security assets in large organisations, i.e. the cryptographic keys and...
3 min read
Gaurav Sharma (guest): 24. April 2022
The eIDAS regulation sets the standard for electronic identification, electronic signatures, and trust services. It paves the way for delivering...
2 min read
Stefan Hansen: 20. April 2022
With the advent of comprehensive regulatory standards for digital signatures, remote electronic signatures within the EU is now possible for...
4 min read
Guillaume Forget: 14. April 2022
Following the revised Payment Service Directive (PSD2), banks in the EEA are required to enable their customers (users) to grant third party...
2 min read
Dawn Illing: 11. April 2022
In the last few years, a number of digital mortgage lenders have entered the market. These lenders have been described as ‘disruptive’ - entering...
3 min read
Gaurav Sharma (guest): 04. April 2022
The eIDAS Regulation lays the groundwork for creating a robust digital identity framework. The idea is to provide EU citizens with a secure, robust...
3 min read
Peter Smirnoff (guest): 04. April 2022
This article addresses some of the challenges of symmetric cryptography as applied in banks, describing how it works and what are its unbeaten...
3 min read
Ulrich Scholten (guest) & Stefan Hansen: 03. April 2022
In this article, we will look at integration points and explain why it is important that a key management system is able to integrate with a number...
2 min read
Martin Rupp (guest): 31. March 2022
The ANSI X9.24-1-2017 standard defines the requirements for the loading of key components or shares, and the loading of cleartext keys. The loading...
4 min read
Edlyn Teske: 26. March 2022
Last month, one of the three NIST finalists for post-quantum signature schemes received its final nail in the coffin: Ward Beullens, a PostDoc at IBM...
4 min read
For years, there has been persistent chatter that quantum computing is coming and that organizations should be prepared for its arrival. But what...
3 min read
Johannes “Jo” Lintzen: 17. March 2022
The phrase “…Software is eating the world.” was famously used by Marc Andreessen in a WSJ article in 2011. No one could argue that software has...
2 min read
Dawn Illing: 28. February 2022
The eIDAS Regulation (No 910/2014) (EU eIDAS) came into force in 2016. It created a Europe-wide legal framework for electronic identification,...
5 min read
There is no question that quantum computing is coming. However, organizations need to question themselves as to whether they will be vulnerable to...
3 min read
Most current public-key cryptography (asymmetric) algorithms are vulnerable to attack from large-scale quantum computers. In its efforts to...
2 min read
Maybe you have wondered where our logo comes from and what it actually means. If you have, we hope the following will answer these questions. Just as...
3 min read
Terry Anton (guest): 30. January 2022
As the scientific community continues to push towards achieving quantum computing on a mass scale, smart companies are busy making preparations for...
2 min read
Martin Rupp (guest): 28. January 2022
Attacks on mobile banking and payment applications frequently begin with the use of an emulator for the mobile operating system, where the targeted...
6 min read
Stefan Hansen: 27. January 2022
The ever-growing number of applications and uses for mobile devices has long been a hot topic. Using mobiles to electronically sign transactions and...
2 min read
Gaurav Sharma (guest): 26. January 2022
The European Union is leading the way in the move towards the creation of a single digital market. There are many advantages a digital business has...
6 min read
Rob Stubbs: 21. January 2022
With the growing need for cryptography to protect digital assets and communications, the ever-present security holes in modern computer systems, and...
3 min read
Microsoft’s Azure Key Vault Managed HSM allows customers to safeguard their cryptographic keys for their cloud applications and be...
5 min read
Rob Stubbs: 15. January 2022
Part 2 – Accelerating Time-to-Market With the increase in e-commerce and electronic communications on the one hand and the growing challenges of...
4 min read
This article looks at some reasons for popularity of the IBM mainframe platform in the banking sector and touches upon its limitation for...
2 min read
Rob Stubbs: 10. January 2022
A number of serious security vulnerabilities, collectively known under the names of “Meltdown” and “Spectre” [1][2], have recently been discovered in...
3 min read
Gaurav Sharma (guest): 09. January 2022
The European Interoperability Framework (EIF) adopted in 2017 is the primary thrust in the EU’s effort to improve the efficiency of public service...
3 min read
The eIDAS regulation provides both the technical and legal framework for electronic identification and digital signatures that the banking sector...
2 min read
Ashiq JA (guest): 11. December 2021
Malware infections have become more evolved and sophisticated. Similarly, the technologies for preventing malware threats and attacks have evolved to...
2 min read
Ashiq JA (guest): 01. December 2021
A Key Management System (KMS) must be designed in a manner that supports the goals of each organization using the KMS. The aim of a security policy...
5 min read
This article explains the four primary cloud KMS pattern combinations and which are best suited for use with Cryptomathic’s Key Management System...
2 min read
Terry Anton (guest): 29. November 2021
The use of cryptography is the foundation for the secure processing of financial and other electronic transactions. On the other hand, the management...
3 min read
Gaurav Sharma (guest): 27. November 2021
A study published in early 2018 by the European Union Agency for Network and Information Security (ENISA), revealed that 90% of the respondents...
3 min read
Martin Rupp (guest): 26. November 2021
The PCI Council requires most actors of payment networks to implement ANSI X9.24/TR-31-compliant key blocks to wrap and securely transmit, transfer,...
5 min read
Peter Landrock: 26. November 2021
RSA, a short recap In a public key scheme, and for the sake of simplicity, assume a public scheme based on encryption-decryption (as opposed to e.g....
2 min read
Ashiq JA (guest): 20. November 2021
User interface design and usability are the deciding factors in attaining a good user experience for most IT deployments, including key management...
3 min read
Bring your own key (BYOK) is a popular term relating to key management for cloud applications. However, a lack of standardization makes it confusing...
4 min read
Ulrich Scholten (guest) & Stefan Hansen: 17. November 2021
Banks continue to feel the profound transformational effects that digital technologies have on their business. This can be seen in the creation and...
4 min read
Edlyn Teske: 10. November 2021
There is no silver bullet when it comes to securing “the” Internet of Things; instead, a careful analysis of the individual application is needed. In...
3 min read
Terry Anton (guest): 08. November 2021
The modern world of cybersecurity can be a confusing place. There are tons of data, regulations, and mandates in addition to the complex technical...
4 min read
Martin Rupp (guest): 05. November 2021
This article discusses how tokenization may reduce false declines with credit card transactions that could negatively impact merchants.
3 min read
Gaurav Sharma (guest): 27. October 2021
In Part 1 of our series exploring the wide footprint of the eIDAS regulation, we looked at things like PSD2, the European Citizen’s Initiative, and...
3 min read
Chris Allen: 23. October 2021
A crypto-abstraction layer (CAL) is, in its most general sense, an application programming interface (API) - also known as a library- that hides...
2 min read
Rob Stubbs: 22. October 2021
In this article, we will explore some of the reasons why HSMs can be difficult to use and look at a novel solution that helps to overcome these...
2 min read
Martin Rupp (guest): 21. October 2021
This article proposes answers to a series of frequently asked questions (FAQs) about key blocks.
3 min read
A. M. Parker (guest): 19. October 2021
Hardware Security Modules (HSMs) are used in all card payment systems (as well as various other applications that require strong security) to protect...
2 min read
Gaurav Sharma (guest): 18. October 2021
The European Single Market has made it possible for large companies and small businesses to freely access one of the biggest unified markets in the...
3 min read
Thomas Pedersen: 14. October 2021
As part of the global drive for digital transformation, legally binding digital signatures are at the forefront of many businesses’ ambitions to...
4 min read
Gaurav Sharma (guest): 07. October 2021
In Part 1 of our series, we covered some simple case studies from the financial services sector and the logistics and trade sectors. We looked at...
6 min read
Guillaume Forget: 30. September 2021
Last week order for 186 double-decker trains was nullified due to a legal formality surrounding the Qualified Electronic Signature used to ink the...
5 min read
James H. Reinholm (guest): 29. September 2021
This article talks about how different factors and controls can affect the strength and effectiveness of a cryptographic system's security. It gives...
3 min read
Gaurav Sharma (guest): 25. September 2021
The financial service industry has always been innovator in technology adoption. This is not surprising considering the nature of the industry with...
3 min read
Gaurav Sharma (guest): 23. September 2021
Globalization has continued its inexorable march over the last decades. The movement of everything from capital, labor, ideas, goods, and services...
4 min read
Guillaume Forget: 19. September 2021
Under pressure from sophisticated attacks and rising fraud, many B2C organisations of the financial industry are currently enhancing the static...
3 min read
Martin Rupp (guest): 18. September 2021
This article briefly summarizes the symmetric cryptographic key utilization and storage requirements as described by the ANSI X9.24-1-2017 (part 1)...
2 min read
Gaurav Sharma (guest): 18. September 2021
Great strides have been made in the retail banking and payments space via innovative financial technology products. However, in the corporate banking...
3 min read
Gaurav Sharma (guest): 17. September 2021
In Part 2 of our series on the success of electronic IDs in the Nordic countries, we looked at what has made these schemes so successful with near...
6 min read
Ever since the EU mandated the introduction of biometric ePassports containing fingerprints there has been a flurry of technology development and...
4 min read
MULTOS cards are being deployed in steadily increasing numbers and Cryptomathic is delighted to be involved in MULTOS projects across the globe....
3 min read
Ulrich Scholten (guest) & Stefan Hansen: 07. September 2021
The IBM mainframe series (“z-series”) has become a backbone for security, privacy and resilience in a large share of payment and banking related...
3 min read
Martin Rupp (guest): 19. August 2021
Thales Key Blocks are an essential cryptographic key wrapping format. In comparison to other key block formats, they are proprietary and only work...
3 min read
Gaurav Sharma (guest): 18. August 2021
Banks and other financial institutions are playing a key role in countering global challenges like money laundering and terror financing.
3 min read
Gaurav Sharma (guest): 13. August 2021
In our previous article on eID schemes in Nordic countries, we looked at some data showcasing the remarkable adoption and engagement rates for such...
2 min read
Banks and financial institutions must adhere to a rigorous set of security and regulatory practices to protect data, communications, and processes.
3 min read
This article examines how federated signing can help banks overcome some of the obstacles they face when onboarding customers online in the era of...
3 min read
The protection and secure management of cryptographic keys is crucial for ensuring that cryptography is used in the most effective way to keep data...
3 min read
Gaurav Sharma (guest): 21. July 2021
In Part 1 of this series, we looked at the objectives or motives behind having an eIDAS-enabled digital onboarding process. In Part 2, we look at the...
3 min read
Thomas Pedersen: 20. July 2021
In May 2021, researchers published two attacks on certified PDFs, which enabled unintentional and fraudulent modifications to be applied to signed...
2 min read
Gaurav Sharma (guest): 18. July 2021
The EU single market produces an unmatched € 15trillion worth of goods and services annually. Such a large and unified market presents many...
4 min read
Ulrich Scholten (guest) & Stefan Hansen: 09. July 2021
This article explores how Cryptomathic CKMS combines BYOK for the MS Azure Key Vault with banking-grade key lifecycle management; to address the...
/Logo%202023.svg "Logo 2023"){kind=small}
/Group.svg "Group"){kind=small}