Un HSM-as-a-Service de pago totalmente gestionado y basado en suscripciones
El HSM-as-a-Service de pago de Utimaco proporciona un conjunto completo de módulos de seguridad de hardware (HSM) de pago totalmente gestionados que cumplen con las normas PIN de la PCI. Aprovechando el Payment HSM AT1000 de Utimaco o el payShield 10K de Thales, este servicio elimina la necesidad de mantener los HSM en las instalaciones del cliente.
Este servicio elimina la necesidad de que los clientes inviertan en hardware, instalaciones seguras y recursos de gestión, y alivia la carga que suponen el cumplimiento de la normativa PCI, las auditorías y la asistencia.
Tipo de producto:
As-a-servicePlazo de entrega:
Principales ventajas
Detalles
HSM de pago como servicio
Payment HSM as a Service es compatible con las principales aplicaciones de pago, es multi-nube y proporciona una oferta de servicios única y accesible globalmente a todo el ecosistema de pagos.
Conéctese sin problemas a un grupo de Payment HSM de su elección para asegurar tareas como la protección y validación de PIN, el procesamiento de transacciones, la emisión de tarjetas móviles y de pago, y la Key management.
Reduced Costs
Offering a service based on a dynamic subscription model to access the Payment HSM capability required, eliminating the need to buy on-premise devices. This approach minimizes costs associated with staff, infrastructure, and skills needed for deployment, managing, designing, and operating your Payment HSM infrastructure, as well as maintaining its PCI certification.
Fully Managed Service
Providing access to Payment HSMs hosted in our certified datacenters including compliance, maintenance, and hosting.
PCI Certified
Releasing you from the burden of maintaining PCI-DSS and PCI-PIN compliance for your Payment HSMs, enabling full evidence readily available to your auditors.
Multi-Cloud
Seamlessly integrates with both public or private cloud providers, maximizing your business flexibility and leveraging multi-cloud strategies to their fullest potential.
High Availability
Access to a group of Payment HSMs distributing their workload and provide resilience against equipment failure, network, or data center outages, offering 99.999% availability.
Certification and Compliance
- FIPS 140-2 Level 3 certified HSM
- PCI PTS HSM V3
- PCI DSS
- PCI PIN
- TR-31 Key Block Support
Payment Standard
- ANSI X3.92, X9.52, X9.97, X9.8, X9.24, X9.17, TR31, TR34, TR39
- APACS 40 and 70
- ISO 9797, ISO 10126, ISO 9807, ISO 16609, ISO 9564
- NIST security standards SP800-90 (RBG), SP800-38A, SP800-67
- DUKPT X9.24, (DUKPT 2018)
- VISA, MASTERCARD, AMEX, CHINA UNION PAY, JCB, DISCOVER
Supported Cryptographic Algorithms
- Symmetric algorithms: DES, 3DES, AES
- Asymmetric algorithms: RSA 1024 to 4096
- Hashing algorithms: SHA-1 to SHA512
- MAC / sealing algorithms: MAC and HMAC, CMAC
Cryptographic Interfaces (APIs) and Communication Protocol
- API and Communication Protocol
- PTCP/IP sockets
- TLS sockets
- REST API
Technical Documentation
If you are interested in the Payment HSM as a Service and require more information on the technical specifications, please complete the form below to receive access to our portal where you will be able to view all documentation on the service we provide including our Service Details document.
An example of what’s included in the Service Details document include:
- Full Service Description
Includes information on HSM groups, local master keys etc. - Service Types
A comprehensive overview of the Beta Test, Shared and Dedicated Services - Responsibilities
Defining MYHSM and the customer's responsibilities - Operations
Outlining the onboarding process, operations, customer portal etc. - Performance
Provides information on latency - Plus More
Pricing, availability, networks and service level expectations
Please note in order to access our documentations, an electronic NDA will need to be signed. We will send you this via email once you have submitted the request form below.