Bank Card Issuing

Securing consumer data and preventing fraud whilst ensuring compliance with government and industry data regulations

During the key issuing process of cards, considerations towards fraud and potential data interception vulnerabilities need to be taken into account - weaknesses within this process can place customers’ sensitive data at risk of interception, leading to exploitation of vulnerabilities resulting in threats and attacks.

Issuing cards requires the collection, exchanging and processing of sensitive and personally identifiable customer financial data, which needs to be shielded in adherence to strict cryptographic processes and in compliance with relevant regulations.

Utimaco HSMs assures protection of cryptographic keys and customer PINs used during the issuance of EMV chip cards.

Business value

Business value


Root of Trust for Card Issuance

  • Provides market-proven Hardware Security Modules for card schemes, banking-grade data protection, and audits
  • Offers professional services for integrating additional functions and modifications
  • Supports both secure key storage inside the HSM and external encrypted key storage

Scalable and flexible

  • Provides configurable role-based access control and separation of duties
  • Supports use of Payment APIs and General Purpose APIs like PKCS#11 on the same HSM

Regulatory Compliance Made Easy

Meets strict compliance requirements with PCI PTS HSM V3 and FIPS 140-2 Level 3


Remote Management

Provides efficient remote management capabilities


Automated Key Management

  • Manages the life cycle of all cryptographic keys needed in the issuing process and stores them centrally in dedicated HSMs.
  • Monitors the payment card keys throughout the whole card life cycle through

Software Development Kit and Simulator included

  • Provides a Software Development Kit (SDK) which allows for self-customisation for the purpose of handling proprietary and secret algorithms for further developments involving sensitive code, IP or algorithms or
  • Includes a simulator allowing for evaluation and integration testing to benchmark the best possible solution for each specific case
Deployment options

Deployment options


On Premise

  • Useful for centralized use cases without a requirement of scalability or remote accessibility and existing legacy infrastructure
  • Defined total cost of ownership
  • Complete control on hardware and software, including configuration and upgrades
  • Secured uptime in areas with insatiable internet connectivity
  • Preferred choice in industry-segments where regulation imposes restrictions

In the Cloud

  • Strategic architectural fit & risk management for your high value assets
  • Provides flexibility, scalability and availability of HSM-as-a-service
  • Ideal for a multi-cloud strategy, supporting multi-cloud deployments & allows for migration flexibility
  • Allows you to seamlessly work with any Cloud Service Provider
  • Easy-to-use remote management and on-site key ceremony service option
  • Full control over data through encryption key life-cycle and key administration
  • Secured data privacy through Bring-Your-Own-Key procedures

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.