HSM remote key loading using CKMS and PCI-certified KLD

HSM remote key loading using CKMS and PCI-certified KLD

Hardware security modules (HSMs) are physical devices that provide cryptographic functions such as encryption/decryption and digital signing. They are used in many industries where strong security is necessary, including finance, banking, government, military and healthcare. In banking in particular, HSMs are used to validate all payment card transactions.

HSMs are typically installed in a secure rack in private bank datacenters around the globe. For evident security reasons, accessing these datacenters is strictly controlled and in nature, accessing these HSMs inside the datacenter is inconvenient even for the security teams responsible for this infrastructure.

There is a need to remotely administer these HSMs once provisioned and to manage and to load the cryptographic keys required for payment processing. This is what we call “remote key loading”.

Good key management for financial services: protecting your digital assets from the inside out

Good key management for financial services: protecting your digital assets from the inside out

Java’s recent Elliptic Curve Digital Signature Algorithm (ECDSA) vulnerability underscores the fact that organizations cannot rely solely on outside vendors for effective cybersecurity. The financial services industry must evolve its encryption and key management strategies in line with its changing infrastructure models, advocating an inside-out approach that has proven itself over time.

Payment & Banking: Why IBM z/OS Needs a Banking-grade KMS for the Hybrid Cloud

Payment & Banking: Why IBM z/OS Needs a Banking-grade KMS for the Hybrid Cloud

The IBM mainframe series (“z-series”) has become a backbone for security, privacy and resilience in a large share of payment and banking related applications across the globe. This article explains why a cryptographic key management system (KMS) that supports the hybrid-cloud is a prerequisite to effective and compliant security management of these mainframes.

Selecting the Right Key Management System

Selecting the Right Key Management System

The protection and secure management of cryptographic keys is crucial for ensuring that cryptography is used in the most effective way to keep data secure. Picking the wrong key management system (KMS) can thwart all the efforts that have been made in using cryptography to protect information.

Managing Keys for ATM Remote Key Loading using CKMS

Managing Keys for ATM Remote Key Loading using CKMS

ATM Remote Key Loading has become a common practice in the industry. Yet managing the top-level keys to establish trust between the Host and the ATM units remains a challenge. This article describes how Cryptomathic CKMS addresses the challenges of key generation and distribution for ATM Remote Key Loading.

Key Meta-Data: Why It’s Important and How to Manage It

Key Meta-Data: Why It’s Important and How to Manage It

This article explains the concept of meta-data in the context of cryptographic keys, explaining why it is used and the necessity to manage it well.

Introducing a PCI DSS compliant Key Management System to a Bank

Introducing a PCI DSS compliant Key Management System to a Bank

A key management system is a critical component in achieving PCI DSS compliance for a banking institution. It involves implementing a crypto system that manages the secure creation, exchange, distribution, storage and use of cryptographic keys for the ultimate goal of protecting users’ or clients’ sensitive data.

How Third Party Testing Can Improve Key Management System Security

How Third Party Testing Can Improve Key Management System Security

For identifying, detecting, and eliminating flaws in a key management system, independent third-party testing is required (KMS). Third-party testing firms frequently have specialised facilities and expertise to conduct testing and provide objective testing reports. These activities should be carried out on each module, including its security functions and protective measures. This article discusses the advantages of third-party key management system testing.

Maximizing the Payment Card Industry (PCI) and Cryptographic System Security

Maximizing the Payment Card Industry (PCI) and Cryptographic System Security

This article talks about how different factors and controls can affect the strength and effectiveness of a cryptographic system's security. It gives particular consideration to the requirements of the Payment Card Industry (PCI).