Strong cryptography and key management requirements for EMV and PCI DSS compliance

EMV chips on payment cards contain cryptographic co-processors and dual interfaces that allow for contact and contactless payment options. When issuing an EMV card, the customer’s information is extracted from the bank or financial institution’s database. The customer's information is then fed into a data preparation system where additional data is used to securely encrypt the customer’s information. This data includes digital certificates and cryptographic keys. The final step is the personalization process where this data is written to the EMV chip on the payment card.

Read more

Cloud encryption: Bring Your Own Key is no longer enough

Encryption key management systems are now essential for all companies needing to lockdown data in the cloud, says Matt Landrock, CEO, Cryptomathic Inc.

Read more

A summary of the revised NIST standards for Key Management

Cryptography is the foundation of protecting electronic data and cyber security. Encryption can effectively prevent breaches while also protecting both consumer privacy and sensitive data.

Read more

Generating Cryptographic Keys: Will Your Random Number Generators (PRNGs) Do The Job?

Conversations about cryptography are common place in the cyber-security world.  One can find security professionals discussing everything from PKI to issues with RSA. 

Read more

Simplifying the Complex Process of Auditing a Key Management System for Compliance

This article explains some of the cryptographic key management tasks involved in demonstrating and proving compliance to acceptable standards, and how this process can be simplified by centralization, automation, and adequate preparation.

Read more

Key Management Interoperability Protocol (KMIP): achievements and challenges

The Key Management Interoperability Protocol standard intends to provide interoperability across various key management environments and hence to reduce costs and increase efficiency of heterogenious cryptographic applications.

Read more

What is Key Management? a CISO Perspective

Key management refers to managing cryptographic keys within a cryptosystem. It deals with generating, exchanging, storing, using and replacing keys as needed at the user level.

Read more

How to Deploy and Manage Cryptography in a Project the Right Way

With the ever increasing number of online services and electronic transactions, business owners are becoming ever more dependent on the use cryptography to prevent sensitive information from cyber attackers.

Read more

Using a Centralized Key Management System to Enforce Information Security Policies

A Key Management System (KMS) must be designed in a manner that supports the goals of each organization using the KMS. The aim of a security policy is to provide a secure working environment for the organization by establishing required security measures, protocols and controls. 

Read more