Utimaco hardware security modules achieve payment card industry compliance
Utimaco has achieved Payment Card Industry PIN Transaction Security Hardware Security Module Version 2 (PCI PTS HSM V2) compliance for uncontrolled environments for its CryptoServer CSe HSM platform from the PCI Standards Security Council, giving the payment card industry and consumers confidence that their data will be secure throughout the transaction process when using Utimaco’s HSM.
Utimaco’s CryptoServer CSe HSM was designed to secure card payment systems as a high-performance security platform with active tamper resistance, protecting cryptographic keys and other sensitive information such as customer PINs and cardholder data. The PCI HSM certification for the updated CryptoServer hardware platform demonstrates Utimaco’s ability to deliver innovative and high-quality security solutions, even in the most rigorous and demanding environments.
Utimaco also offers open-payment APIs, empowering vendors with a fully customisable HSM that can adapt to changing industry needs, and can help certify customised firmware solutions.
“The sensitive nature of payment transactions requires a high level of security, and as breaches and exploits rise, financial institutions need a secure solution to protect their customers and themselves from costly attacks,” said Matthias Pankert, Utimaco senior vice president. “With this new compliance standard from the PCI Standards Security Council, a respected and independent organisation, Utimaco guarantees the highest level of security to meet the needs of enterprises and consumers alike.”
HSMs are a fundamental tool for securing payment transactions and ensuring the highest standards of security. Now, banks and credit card companies using an Utimaco HSM when issuing EMV chip technology payment cards or implementing payment processes like PIN processing, card verification, card production, ATM interchange and more, will have the benefit of completing these transactions securely and efficiently, while adhering to PCI SSC mandates.
Pankert continued, “We are particularly proud that we received a PCI HSM certification for the most demanding requirement profile, focusing on physical security if used in controlled and uncontrolled environments like non-ISO certified data centres. This demonstrates our commitment to achieving internationally recognised standards and compliance requirements, while delivering innovative, high quality security solutions. Our next step will be the launch of our first HSM PaymentServer in Q4 2017.”
The PCI SSC created practical security compliance standards for HSMs in the payments industry. Current mandates and encryption standards issued by the PCI SSC require a PCI HSM for all payment-related HSMs, and it is expected to become the default standard for future systems. The qualification will ultimately create a higher-level of security for card holder information within the global payments network and merchant facilities worldwide.
For more information on Utimaco’s PCI HSM certification, and to be one of the first to know about the upcoming launch of the HSM PaymentServer, click here.