Test
The Root of Trust for Payment Card and Payment Transaction Processing Use Cases

PaymentServer

Designed for the Payment Card and Payment Transaction Industry

Test
  • Provides certified hardware meeting strict compliance requirements for payment industry use cases
  • Specifically designed for cashless payment transaction processing, PIN transaction, card personalization and card issuance use cases
  • Includes a software simulator for evaluation and integration testing
Key Benefits

Key Benefits

Icon

Strong Compliance

PaymentServer meets the compliance requirements of PCI HSM, DK and is FIPS 140-2 Level 3 certified.

Icon

Specifically designed for Payment Card and Payment Transaction Processing

Targeted use in payment card schemes programs such as Visa, MasterCard, Amex and UnionPay.

Icon

Highly Customizable

PaymentServer provides a market-unique range of customization options, ranging from bespoke developments to certification services in order to obtain the necessary certification/ compliance for additional function requirements.

Details

Details

PaymentServer - The Root of Trust for Payment Card and Payment Transaction Processing Use Cases

Payment systems have evolved to keep pace with a changing economy. Keeping up with technology developments whilst meeting regulations and compliance standards are continuous challenges.

PaymentServer provides the ideal solution to meet these challenges. It is a highly secure and flexible HSM designed for transaction processing, PIN translation, card personalization and issuance, dedicated to its utilization in payment card schemes programs such as Visa, MasterCard, Amex and UnionPay.

PaymentServer has a high level of self-customization options, allowing the user to create their own unique and secret algorithms as well as customized service and support, in order to remain flexible and prepared for future certifications and compliance requirements . Before firmware integration, the integrated simulator with all HSM functionalities enables evaluation, development, and integration testing.

The high flexibility is also reflected in the capability to support both secure key storage inside the HSM and external encrypted key storage at a location of choice. Additionally, PaymentServer Includes API convergence enabling the user to utilize payment APIs as well as general purpose APIs such as a full set of PKCS #11 on the same HSM.

PaymentServer is available as SeGen 2 and CSe series.

High Security

  • True random number generator providing best-in-class entropy and high-quality keys
  • Strong cryptographic algorithms
  • 2FA and “n of n” quorum authentication
  • 2-factor authentication with smartcards    

Supports ePayment Specific Cryptographic Interfaces (APIs)

  • ByteBuffer Interface allowing to build the communication library and scripting C-API libraries for Windows and Linux independent from operating system
  • C-API as source code available for rapid integration on other operating systems (OS)    

Supported General Purpose Cryptographic Interfaces (APIs)

  • PKCS #11
  • JCE
  • CSP
  • CNG
  • SQLEKM
  • Utimaco‘s high performance interface Cryptographic eXtended services Interface (CXI)

Supported Cryptographic Algorithms

  • Triple-DES, DES, AES
  • RSA
  • MAC, CMAC, HMAC
  • SHA-1, SHA2-Family, SHA3, RIPEMD
  • Hash-based deterministic random number generator
  • (DRG.4 acc. AIS 31)
  • DSA, ECDSA with NIST and Brainpool curves
  • DH, ECDH with NIST and Brainpool curves    

High Speed

  • Provides a speed of up to 2,600 PIN translations per second    


Broad range of functionalities

  • UKPT
  • EMV, Visa, MasterCard
  • Full TR-31 support
  • ISO Pin Block Formats 1, 2, 3, 4 (AES PIN Block)
  • Support for ARPC, ARQC and ARC
  • On behalf key management
  • 25 key derivations supported

Highly customizable

  • Possibility to integrate additional functions and modifications through professional services
  • Certification services from Utimaco in order to obtain the necessary certification/ compliance for any additional function requirements
  • Customizable architecture to easily add new key derivation methods    

Software simulator included

  • HSM Simulator with all PaymentServer functionalities
  • Fully functional runtime including all administration and configuration tools
  • For evaluation, development and integration testing of functionalities prior to integration in the firmware of the PaymentServer HSM    

Fulfills various security and compliance mandates

  • PCI PTS HSM V3
  • DK
  • FIPS 140-2 Level 3 (hardware and base firmware)

Environmental compliance

  • CE, FCC Class B
  • RoHS III, WEEE
  • UL, IEC/EN 60950-1
  • CB certificate   

On-premise

Our on-premise options allow hosting the product directly on-site in your own network or data center.

  • LAN Appliance
  • PCIe Card

u.trust 360

u.trust 360 Hub and Spoke Model

 

Your Centralized Management and Monitoring Platform

Utimaco u.trust 360 is a unified platform that enables centralized administration, monitoring and provisioning of multiple Atalla AT1000 and CryptoServer HSM appliances. It provides an easy-to-use GUI with natural event and decision flow to manage 100s of cryptographic resources more effectively.

  • Centrally manage and monitor your Atalla and CryptoServer LAN V5 HSMs
  • Remotely access your Atalla and CryptoServer LAN V5 HSMs
  • Benefit from real-time monitoring, configuration, and reporting - on premise or in the cloud

Find more details


CryptoServer SDK

The professional development environment for customized HSM solutions enabling the self-customization of PaymentServer to handle proprietary and secret algorithms.

Find more details

Downloads

Downloads

PaymentServer Se Gen2
Data sheet

PaymentServer Se Gen2 Datasheet
PaymentServer Cse Datasheet
Data sheet

PaymentServer Cse Datasheet
Axfood Case Study
Case study

Axfood – One of Scandinavia’s Largest Food Retailers, Turns to Hardware to Secure Payment Data
Preview whitepaper download
White paper

Security for the Automotive Industry
The Critical Importance of Security and Compliance in the Digital Payments World (recording)
Webinar recording

The Critical Importance of Security and Compliance in the Digital Payments World
PCI Regulations and compliance deadlines Webinar
Webinar recording

PCI Regulations and Compliance Deadlines - Are you Prepared?
Technologies

Technologies

Data Protection & Compliance

What is a Data Breach?
Hardware Security Modules

What is a Hardware Security Module (HSM)?
Global Compliance

What is ISO 14001 Certification?
Global Compliance

What is ISO 9001 Certification?
EMEA Compliance

What is PCI DSS?

Contact us

We look forward to answering your questions.
financial-service-hsm-atalla-at1000

Atalla AT1000
Cryptosec Banking

Cryptosec Banking

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.