Utimaco’s Payment Hardware Security Module as a Service - hosted in a Secure, Certified Datacenter
- Reduced Costs
- Fully Managed Service
- PCI certified
Product Type:
As-a-serviceDelivery Time:
Key Benefits
Details
Payment HSM as a Service
Our Payment HSM as a Service offers a suite of fully managed services as an alternative to operating an own estate of Payment HSMs in your own data centers. The service removes the need to invest in hardware, secure facilities, and management resources and reduces the burden of PCI compliance, audit, and support.
Utilizing our Payment HSM as a Service solution reduces your total cost of ownership by eliminating hardware and staff costs, provides flexible deployment and scalability and enables most robust security for your digital infrastructure.
Supported Use Cases
- Processing Transaction Data
- Data Encryption/Decryption
- EMV Transaction Processing
- Payment Card Verification
- PIN Processing
- Card/User Verification
- PIN Translations and Authorization
- Realtime Payment Messaging
- SoftPOS Transaction Processing
- Issuer and Acquirer Payment Processing
Reduced Costs
Offering a service based on a dynamic subscription model to access the Payment HSM capability required, eliminating the need to buy on-premise devices. This approach minimizes costs associated with staff, infrastructure, and skills needed for deployment, managing, designing, and operating your Payment HSM infrastructure, as well as maintaining its PCI certification.
Fully Managed Service
Providing access to Payment HSMs hosted in our certified datacenters including compliance, maintenance, and hosting.
PCI Certified
Releasing you from the burden of maintaining PCI-DSS and PCI-PIN compliance for your Payment HSMs, enabling full evidence readily available to your auditors.
Multi-Cloud
Seamlessly integrates with both public or private cloud providers, maximizing your business flexibility and leveraging multi-cloud strategies to their fullest potential.
High Availability
Access to a group of Payment HSMs distributing their workload and provide resilience against equipment failure, network, or data center outages, offering 99.999% availability.
Certification and Compliance
- FIPS 140-2 Level 3 certified HSM
- PCI PTS HSM V3
- PCI DSS
- PCI PIN
- TR-31 Key Block Support
Payment Standard
- ANSI X3.92, X9.52, X9.97, X9.8, X9.24, X9.17, TR31, TR34, TR39
- APACS 40 and 70
- ISO 9797, ISO 10126, ISO 9807, ISO 16609, ISO 9564
- NIST security standards SP800-90 (RBG), SP800-38A, SP800-67
- DUKPT X9.24, (DUKPT 2018)
- VISA, MASTERCARD, AMEX, CHINA UNION PAY, JCB, DISCOVER
Supported Cryptographic Algorithms
- Symmetric algorithms: DES, 3DES, AES
- Asymmetric algorithms: RSA 1024 to 4096
- Hashing algorithms: SHA-1 to SHA512
- MAC / sealing algorithms: MAC and HMAC, CMAC
Cryptographic Interfaces (APIs) and Communication Protocol
- API and Communication Protocol
- PTCP/IP sockets
- TLS sockets
- REST API
Technical Documentation
If you are interested in the Payment HSM as a Service and require more information on the technical specifications, please complete the form below to receive access to our portal where you will be able to view all documentation on the service we provide including our Service Details document.
An example of what’s included in the Service Details document include:
- Full Service Description
Includes information on HSM groups, local master keys etc. - Service Types
A comprehensive overview of the Beta Test, Shared and Dedicated Services - Responsibilities
Defining MYHSM and the customer's responsibilities - Operations
Outlining the onboarding process, operations, customer portal etc. - Performance
Provides information on latency - Plus More
Pricing, availability, networks and service level expectations
Please note in order to access our documentations, an electronic NDA will need to be signed. We will send you this via email once you have submitted the request form below.