Designed for the Payment Card and Payment Transaction Industry
- Provides certified hardware meeting strict compliance requirements for payment industry use cases
- Specifically designed for cashless payment transaction processing, PIN transaction, card personalization and card issuance use cases
- Includes a software simulator for evaluation and integration testing
PaymentServer - The Root of Trust for Payment Card and Payment Transaction Processing Use Cases
Payment systems have evolved to keep pace with a changing economy. Keeping up with technology developments whilst meeting regulations and compliance standards are continuous challenges.
PaymentServer provides the ideal solution to meet these challenges. It is a highly secure and flexible HSM designed for transaction processing, PIN translation, card personalization and issuance, dedicated to its utilization in payment card schemes programs such as Visa, MasterCard, Amex and UnionPay.
PaymentServer has a high level of self-customization options, allowing the user to create their own unique and secret algorithms as well as customized service and support, in order to remain flexible and prepared for future certifications and compliance requirements . Before firmware integration, the integrated simulator with all HSM functionalities enables evaluation, development, and integration testing.
The high flexibility is also reflected in the capability to support both secure key storage inside the HSM and external encrypted key storage at a location of choice. Additionally, PaymentServer Includes API convergence enabling the user to utilize payment APIs as well as general purpose APIs such as a full set of PKCS #11 on the same HSM.
PaymentServer is available as SeGen 2 and CSe series.
- True random number generator providing best-in-class entropy and high-quality keys
- Strong cryptographic algorithms
- 2FA and “n of n” quorum authentication
- 2-factor authentication with smartcards
Supports ePayment Specific Cryptographic Interfaces (APIs)
- ByteBuffer Interface allowing to build the communication library and scripting C-API libraries for Windows and Linux independent from operating system
- C-API as source code available for rapid integration on other operating systems (OS)
Supported General Purpose Cryptographic Interfaces (APIs)
- PKCS #11
- Utimaco‘s high performance interface Cryptographic eXtended services Interface (CXI)
Supported Cryptographic Algorithms
- Triple-DES, DES, AES
- MAC, CMAC, HMAC
- SHA-1, SHA2-Family, SHA3, RIPEMD
- Hash-based deterministic random number generator
- (DRG.4 acc. AIS 31)
- DSA, ECDSA with NIST and Brainpool curves
- DH, ECDH with NIST and Brainpool curves
- Provides a speed of up to 2,600 PIN translations per second
Broad range of functionalities
- EMV, Visa, MasterCard
- Full TR-31 support
- ISO Pin Block Formats 1, 2, 3, 4 (AES PIN Block)
- Support for ARPC, ARQC and ARC
- On behalf key management
- 25 key derivations supported
- Possibility to integrate additional functions and modifications through professional services
- Certification services from Utimaco in order to obtain the necessary certification/ compliance for any additional function requirements
- Customizable architecture to easily add new key derivation methods
Software simulator included
- HSM Simulator with all PaymentServer functionalities
- Fully functional runtime including all administration and configuration tools
- For evaluation, development and integration testing of functionalities prior to integration in the firmware of the PaymentServer HSM
Fulfills various security and compliance mandates
- PCI PTS HSM V3
- FIPS 140-2 Level 3 (hardware and base firmware)
- CE, FCC Class B
- RoHS III, WEEE
- UL, IEC/EN 60950-1
- CB certificate
Your Centralized Management and Monitoring Platform
Utimaco u.trust 360 is a unified platform that enables centralized administration, monitoring and provisioning of multiple Atalla AT1000 and CryptoServer HSM appliances. It provides an easy-to-use GUI with natural event and decision flow to manage 100s of cryptographic resources more effectively.
- Centrally manage and monitor your Atalla and CryptoServer LAN V5 HSMs
- Remotely access your Atalla and CryptoServer LAN V5 HSMs
- Benefit from real-time monitoring, configuration, and reporting - on premise or in the cloud
The professional development environment for customized HSM solutions enabling the self-customization of PaymentServer to handle proprietary and secret algorithms.