Stopping Breaches and Staying Compliant. OpenText and Utimaco Work Together to Secure Financial Data and Transactions


The number of cyberattacks and data breaches continues to rise. Attackers target sensitive financial data, particularly credit card details and transaction information. A successful breach can disrupt operations and damage an organization’s credibility and customer trust. To mitigate these risks, businesses must operate a secure and compliant infrastructure while meeting intensifying regulatory pressures.


However, attackers in the financial services industry are becoming more advanced and technically sophisticated, using new methods and approaches.


Challenges in Protecting Sensitive Data 

One emerging tactic used by attackers is to target the cryptographic keys that protect encrypted data. While encryption is essential for safeguarding sensitive information, encryption alone is not sufficient without strong protection of the keys themselves.
 

This means that protecting master keys becomes critical. If attackers obtain the keys, encryption offers little protection. Another issue that organizations need to be aware of is that audit scope grows when sensitive data and keys are widely distributed, which adds complexity to regulatory obligations.


Companies face a straightforward challenge: they must develop strategies to protect sensitive data and master keys against modern attacks, and to minimize audit scope while remaining fully compliant.


Watch a webinar with two industry leaders, Manish Upasani and Tim Sedlack, discussing how organizations can respond to this challenge. 


Strengthening Payment Security with OpenText and Utimaco


This is why OpenText and Utimaco have joined forces to give organizations a more secure infrastructure with reduced PCI audit scope.


The OpenText Data Privacy and Protection platform ensures that sensitive data, including payment card information, remains protected across critical use cases such as point-of-sale transactions, mobile payments, and downstream data storage or analytics environments.


By applying tokenization and encryption, organizations can eliminate the exposure of clear-text cardholder data during transaction processing. This significantly reduces the risk of data breaches and fraud while maintaining secure access to payment information when needed.


The Atalla AT1000 Payment HSM integrates natively with OpenText Data Privacy and Protection to strengthen this protection layer. The HSM safeguards the most sensitive cryptographic assets, particularly master keys, while enabling secure tokenization and encryption processes. This ensures that the root of trust in the payment infrastructure remains protected within dedicated hardware security boundaries.


Enhancing Key Management with Secure Key Derivation


A key capability supported by the integration is secure key derivation. In payment systems, key derivation refers to the process of generating new cryptographic keys from an existing master or base key using a defined algorithm. These operations are performed inside the HSM to ensure the master key never leaves the secure hardware environment.

This approach provides several important advantages:

  • Derivation on demand
    Keys are derived on demand rather than permanently stored
  • Consistent encryption and access
    The same input derives the same key for consistent encryption and access
  • Master key protection
    Master key remains protected inside the HSM at all times
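
The three properties above can be seen in a short sketch. This is an added example, not code from OpenText or Utimaco and not the Atalla AT1000 interface: the class SoftwareHsmStandIn, its derive_key method and the purpose/context labels are hypothetical, and HKDF-SHA256 (RFC 5869) is assumed as the derivation algorithm because the article does not name one.

```python
import hashlib
import hmac
import secrets


def hkdf_sha256(ikm, salt, info, length=32):
    """HKDF (RFC 5869) with SHA-256: extract a PRK, then expand it."""
    if not 0 < length <= 255 * 32:
        raise ValueError("length out of range for HKDF-SHA256")
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


class SoftwareHsmStandIn:
    """Hypothetical stand-in for the HSM boundary (not a vendor API)."""

    def __init__(self, master_key=None):
        # In a real deployment the master key lives only inside the HSM;
        # name mangling here just signals "not exported", it is not protection.
        self.__master_key = master_key or secrets.token_bytes(32)
        self.derivations = []  # what an auditor would review: requests, not keys

    def derive_key(self, purpose, context, length=32):
        if not purpose or not context:
            raise ValueError("purpose and context are both required")
        # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
        fields = (purpose.encode(), context.encode())
        info = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
        self.derivations.append((purpose, context))
        return hkdf_sha256(self.__master_key, b"", info, length)


def demo():
    hsm = SoftwareHsmStandIn(master_key=bytes(range(32)))  # constructed test key
    first = hsm.derive_key("tokenization", "merchant-0001")
    again = hsm.derive_key("tokenization", "merchant-0001")  # re-derived, never stored
    other = hsm.derive_key("encryption", "merchant-0001")
    return {"repeatable": hmac.compare_digest(first, again),
            "separated": first != other,
            "key_len": len(first)}


if __name__ == "__main__":
    print(demo())
```

Only the master key is long-lived state; every working key is a function of that key and a label, so the inventory to protect and audit is the master key plus the list of labels.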


Key Derivation Helping to Reduce Audit Scope


Because derived keys are generated when needed, instead of being stored and managed individually, organizations can significantly reduce the number of cryptographic keys that must be audited and controlled. This helps simplify compliance processes and reduce PCI audit scope.


For security officers and auditors, this architecture provides clear assurance that master keys never leave the HSM boundary, maintaining strict control over the most critical cryptographic assets. At the same time, organizations retain full ownership and control of their HSM environment, enabling them to securely perform key derivation whenever required.


High Performance for Large Payment Volumes


Key derivation requires a high-performance Payment HSM to support all of these transactions, so the Atalla AT1000 Payment HSM plays a central role. With the capability to process up to 10,000 transactions per second, the HSM can support more than 10,000 key derivation operations per second.


How This Integration Translates into Real-Life Benefits


Enhanced Security and Trust

The integration reduces the risk of key exposure or compromise and ensures that master encryption keys are protected within the Atalla AT1000 Payment HSM. This hardware-based protection strengthens the overall security posture for payment data and financial transactions, mitigating the risk of breaches.


Future-Proof Compliance


The Atalla AT1000 Payment HSM delivers a FIPS 140-3 Level 3 hardware security environment and meets the highest PCI PTS HSM requirements. Integrated with OpenText, it also helps reduce PCI audit scope, lowering compliance complexity while maintaining robust security.


Scalable Performance for Payment Processing


The Atalla AT1000 Payment HSM delivers high-performance cryptographic processing, capable of handling the most demanding high-volume payment transactions with ease.


Learn more about the OpenText and Utimaco integration here.


Building a Secure and Scalable Payment Infrastructure


The integration of OpenText Data Privacy and Protection with Utimaco’s Atalla AT1000 Payment HSM provides a powerful foundation for modern payment security. By combining advanced data protection technologies with hardware-based cryptographic key management, organizations can enhance security, simplify compliance, and build resilient infrastructures ready for the future of digital payments.


Would you like to get more details from top experts at Utimaco and OpenText? Manish Upasani, Head of Product Management at Utimaco, and Tim Sedlack, Director of Product Management at OpenText, have explained this integration in detail and shared practical, real-life scenarios during our recent webinar.

 

Learn More About Utimaco’s High-Performance Payment HSM 


Utimaco's Atalla AT1000 Payment HSM is a high-performance Payment HSM capable of processing up to 10,000 transactions per second, using a multi-tenant architecture. It is compliant with FIPS 140-3 Level 3 and FIPS 140-2 Level 4 (physical design) as well as PCI PTS HSM v4 (application submitted).
 

About the Author

Peter Czempas

Product Marketing Manager, Utimaco
