Cryptomathic Blog

The European Digital Identity Wallet (EUDI Wallet) is at the forefront of the European Commission's eIDAS initiative to establish a secure and user-friendly digital identity framework for citizens across the European Union, in order to securely store and manage various digital identity data such as driving license, permits, health cards, diplomas, etc. Beyond identity management, the EUDI Wallet also offers a secure payment solution that leverages the Payment Services Directive 2 (PSD2) and Single Euro Payments Area Credit Transfer (SCT) method. This article explores the features of EUDI Wallet, the process of PSD2 payments, and the stringent security measures employed by wallet providers to protect user funds and data. Discover how EUDI Wallet combines digital identity and payment services to provide a comprehensive and secure user experience.

The European Digital Identity Wallet (EUDIW) has the potential to serve as a comprehensive identity gateway, enabling individuals to manage their personal data and decide when and with whom to share it. A single digital ID can store personal credentials, including social, financial, medical, and professional data, as well as contacts and other information.

Hardware security modules (HSMs) are physical devices that provide cryptographic functions such as encryption/decryption and digital signing. They are used in many industries where strong security is necessary, including finance, banking, government, military and healthcare. In banking in particular, HSMs are used to validate all payment card transactions.

HSMs are typically installed in a secure rack in private bank datacenters around the globe. For evident security reasons, accessing these datacenters is strictly controlled and in nature, accessing these HSMs inside the datacenter is inconvenient even for the security teams responsible for this infrastructure.

There is a need to remotely administer these HSMs once provisioned and to manage and to load the cryptographic keys required for payment processing. This is what we call “remote key loading”.

EMV Personalization of a payment card is the process of writing data to the card in order to make it ready for use. This includes loading the card with information such as account numbers, expiration dates, and other customer-specific data. It also refers to the process of loading cryptographic algorithms and keys onto credit cards using hardware or software tools. This ensures all personal data can be safeguarded against theft or misuse.

The “Four Corners” model, also called the “Four Party Scheme”, is utilized in almost all standard card payment systems across the globe. Here, we talk about that model and explain what kind of hardware security module (HSM) is needed for each of its components involved in the cryptographic process.

This article proposes a few answers to a series of frequently asked questions (FAQs) about key blocks and their use with PCI.

In the “four corner model”, acquirers are apparently the less active party as their role seems ‘only’ to forward the transaction flow originating from the merchant to and from the issuer. In the model, the acquirer is the merchant’s bank.

Merchants are one of the corners of the ‘four corner’ model in the payment world. In what follows, we will explain some of the security mechanisms for Merchants to prevent unauthorized transactions and payment card fraud.

An issuer is one of the corners in the ‘four corner’ model. An issuer is a financial organization (e.g. a bank) that produces payment cards and allows the cardholders to use them.