Utimaco hardware security modules achieve payment card industry compliance

Utimaco has achieved Payment Card Industry PIN Transaction Security Hardware Security Module Version 2 (PCI PTS HSM V2) compliance for uncontrolled environments for its CryptoServer CSe HSM platform from the PCI Standards Security Council, giving the payment card industry and consumers confidence that their data will be secure throughout the transaction process when using Utimaco’s HSM.

Utimaco’s CryptoServer CSe HSM was designed to secure card payment systems as a high-performance security platform with active tamper resistance, protecting cryptographic keys and other sensitive information such as customer PINs and cardholder data. The PCI HSM certification for the updated CryptoServer hardware platform demonstrates Utimaco’s ability to deliver innovative and high-quality security solutions, even in the most rigorous and demanding environments.

Utimaco also offers open-payment APIs, empowering vendors with a fully customisable HSM that can adapt to changing industry needs, and can help certify customised firmware solutions.

“The sensitive nature of payment transactions requires a high level of security, and as breaches and exploits rise, financial institutions need a secure solution to protect their customers and themselves from costly attacks,” said Matthias Pankert, Utimaco senior vice president. “With this new compliance standard from the PCI Standards Security Council, a respected and independent organisation, Utimaco guarantees the highest level of security to meet the needs of enterprises and consumers alike.”

Matthias Pankert

HSMs are a fundamental tool for securing payment transactions and ensuring the highest standards of security. Now, banks and credit card companies using an Utimaco HSM when issuing EMV chip technology payment cards or implementing payment processes like PIN processing, card verification, card production, ATM interchange and more, will have the benefit of completing these transactions securely and efficiently, while adhering to PCI SSC mandates.

Pankert continued, “We are particularly proud that we received a PCI HSM certification for the most demanding requirement profile, focusing on physical security if used in controlled and uncontrolled environments like non-ISO certified data centres. This demonstrates our commitment to achieving internationally recognised standards and compliance requirements, while delivering innovative, high quality security solutions. Our next step will be the launch of our first HSM PaymentServer in Q4 2017.”

The PCI SSC created practical security compliance standards for HSMs in the payments industry. Current mandates and encryption standards issued by the PCI SSC require a PCI HSM for all payment-related HSMs, and it is expected to become the default standard for future systems. The qualification will ultimately create a higher-level of security for card holder information within the global payments network and merchant facilities worldwide.

For more information on Utimaco’s PCI HSM certification, and to be one of the first to know about the upcoming launch of the HSM PaymentServer, click here.

Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow

Recent Articles

Spike in use of cloud-based security to protect corporate data

Posted on: July 1, 2020

A new survey of UK security practitioners by Exabeam shows a marked increase in the adoption of cloud-based security tools compared to an earlier study carried out in March prior to the COVID-19 lockdown. The latest data shows 88% of recent respondents said the accelerated move to the cloud was driven by the need to

Read more

Telcos must be cautiously aggressive to ‘Roar out of Recession’

Posted on: June 30, 2020

As we approach four months since essentially the entire world went on lockdown, telcos have gone through a very mixed experience.

Read more