HSM remote key loading using CKMS and PCI-certified KLD

Hardware security modules (HSMs) are physical devices that provide cryptographic functions such as encryption/decryption and digital signing. They are used in many industries where strong security is necessary, including finance, banking, government, military and healthcare. In banking in particular, HSMs are used to validate all payment card transactions.

HSMs are typically installed in secure racks in private bank datacenters around the globe. For obvious security reasons, access to these datacenters is strictly controlled, so physically reaching the HSMs inside them is inconvenient even for the security teams responsible for this infrastructure.

There is a need to remotely administer these HSMs once provisioned, and to manage and load the cryptographic keys required for payment processing. This is what we call “remote key loading”.

Secure BYOK for AWS Simple Storage Services (S3)

Cloud storage via AWS Storage Services is a simple, reliable, and scalable way to store, retrieve and share data. As a third-party cloud vendor, AWS manages and operates the data storage as a service. Because the data is delivered on demand using JIT capacity and costs, it eliminates having to buy and manage your own infrastructure for storing data. This service supplies anytime, anywhere data access, which gives users agility, durability, and global scalability. To maintain compliance with major industry standards such as GDPR, HIPAA and PCI-DSS while harnessing the advantages of cloud storage, this article suggests a bring-your-own-key (BYOK) solution with automated audit features.

EMV Payment Security - Issuers

An issuer is one of the corners in the ‘four corner’ model. An issuer is a financial organization (e.g. a bank) that produces payment cards and allows the cardholders to use them.

Symmetric Cryptography in Financial Institutions: Key Management Challenges

This article addresses some of the challenges of symmetric cryptography as applied in banks, describing how it works and what its unbeaten advantages are compared with asymmetric cryptography.

Cryptomathic Signer - The Most Advanced eIDAS Compliant Remote Signature Solution

As part of the global drive for digital transformation, legally binding digital signatures are at the forefront of many businesses’ ambitions to provide an enhanced and complete digital customer journey. Even though most people can understand the general concept of digital signatures, reaching the highest level of assurance with a Qualified Electronic Signature involves quite a few considerations.

Here we provide a high-level comparison between Cryptomathic Signer and other eIDAS remote signing solutions available in the market.

Payment & Banking: Why IBM z/OS Needs a Banking-grade KMS for the Hybrid Cloud

The IBM mainframe series (“z-series”) has become a backbone for security, privacy and resilience in a large share of payment- and banking-related applications across the globe. This article explains why a cryptographic key management system (KMS) that supports the hybrid cloud is a prerequisite to effective and compliant security management of these mainframes.

How to use Thales Key Blocks in payShield HSMs

Thales Key Blocks are an essential cryptographic key wrapping format. Unlike other key block formats, they are proprietary and only work with Thales payShield HSMs. In what follows, we look at this key block format in detail.

Cryptomathic CKMS: Centralized & Automated Key Management for payShield HSMs

Banks and financial institutions must adhere to a rigorous set of security and regulatory practices to protect data, communications, and processes.

Payment Security and Key Blocks: Why are key blocks so secure?

How can keys be securely exchanged over potentially unprotected channels? The answer to this question is “key blocks”. A key block is an essential cryptographic key format that allows users to securely exchange and use keys across various environments.