Cryptomathic Blog

This article explains some of the cryptographic key management tasks involved in demonstrating and proving compliance to acceptable standards, and how this process can be simplified by centralization, automation, and adequate preparation.

This article gives an insight into the EMV chip technology, which is being rolled out on a world-wide scale to increase the level of fraud protection in credit card transactions. It presents and discusses legal incentives for migration, security benefits, a detailed view of the sequence of steps in a transaction and a concluding discussion.

This article discusses how the security protection of payment card data used in a transaction can be maximized by integrating PCI DSS with EMV technology. 

This article discusses how various factors and related controls can affect the effectiveness and strength of the security protection for a cryptographic system.

It gives particular consideration to the requirements of the Payment Card Industry (PCI)

This article discusses methods of restoring secure systems, such as payment card processing, to normal cryptographic operation after an attack or adverse event is detected and recovering access to critical information.

This article discusses the necessary exchange of information between entities within a security domain and other entities outside of the security domain, including recommendations to regulate and secure this flow through the Domain Security Policy.

This article discusses the functions and use of hierarchical layers when establishing a cryptographic key management policy, and how the policy layers interact.

This paper discusses the various phases in the life cycle of a cryptographic key, and how the operational life-time and key strength can be determined.

This article discusses key management strategies for the SaaS cloud model, and unique security problems to be dealt with because of lack of user control.