Cryptomathic Blog

Hardware security modules (HSMs) are physical devices that provide cryptographic functions such as encryption/decryption and digital signing. They are used in many industries where strong security is necessary, including finance, banking, government, military and healthcare. In banking in particular, HSMs are used to validate all payment card transactions.

HSMs are typically installed in a secure rack in private bank datacenters around the globe. For evident security reasons, accessing these datacenters is strictly controlled and in nature, accessing these HSMs inside the datacenter is inconvenient even for the security teams responsible for this infrastructure.

There is a need to remotely administer these HSMs once provisioned and to manage and to load the cryptographic keys required for payment processing. This is what we call “remote key loading”.

Cloud storage via AWS Storage Services is a simple, reliable, and scalable way to store, retrieve and share data. As a third-party cloud vendor, AWS manages and operates the data storage as a service. Because the data is delivered on demand using JIT capacity and costs, it eliminates having to buy and manage your own infrastructure for storing data. This service supplies anytime, anywhere data access which gives agility, durability, and global scalability for users. To maintain compliance with major industry standards like GDPR, HIPAA, PCI-DSS while harnessing the advantages of cloud storage, this article suggests a bring your own key solution with automated audit features.

Today's businesses rely heavily on cryptography to authenticate people and processes, secure communications, and safeguard critical data.

This article discusses the various issues around key management and presents Cryptomathic’s approach to central key and crypto management that has been adopted by major banks.

The payment card industry data security standard (PCI DSS) calls for all financial institutions and merchants to protect their client's sensitive data, typically including strong cryptography as dictated by PCI DSS requirement 3. Most organizations empty this burden on the IT department or IT management teams and hope that all compliance requirements are met. However, in most cases when a data breach occurs, the burden lies on the shoulders of the C-level management, who are left to answer the difficult questions.

An issuer is one of the corners in the ‘four corner’ model. An issuer is a financial organization (e.g. a bank) that produces payment cards and allows the cardholders to use them.

With the ever increasing number of online services and electronic transactions, business owners are becoming ever more dependent on the use cryptography to prevent sensitive information from cyber attackers.

This article addresses some of the challenges of symmetric cryptography as applied in banks, describing how it works and what are its unbeaten advantages as opposed to asymmetric cryptography.

Part 2 – Accelerating Time-to-Market

With the increase in e-commerce and electronic communications on the one hand and the growing challenges of cybercrime and data protection regulation, on the other hand, cryptography is becoming an increasingly important business enabler.