Definition: PCI standards are developed by the Payment Card Industry. PCI HSM (PCI Hardware Security Module) is a set of logical and physical security requirement standards for securing Hardware Security Modules (HSMs), specifically within the payment industry. Compliance with PCI standards is enforced by the payment card brands: Visa, MasterCard, American Express, JCB International, and Discover.
PCI HSM explained
The card brands mentioned above work with the PCI Security Standards Council to develop the PCI standards. PCI HSM is one of the latest to be developed.
Users, particularly organizations in the banking and finance industries, place a high value on compliance with the PCI-HSM standard. There are two primary reasons why customers value this certification:
- Compliance is increasingly becoming mandatory
- The PCI-HSM requirements make your system more secure
HSMs play a critical role in security payment transactions and therefore, it is critical that they are kept secure throughout their lifecycle - from manufacturing through to decommissioning and finally to end-of-life.
Using a non-certified payment HSM is just as risky as using an HSM that is certified according to an out-of-date security profile. It puts an organization at a heightened risk of a cyber attack, which could lead to a costly data breach. As outlined in the processes covered by the PCI HSM certification, this risk exists anywhere along the payment chain.
By investing in PCI HSM compliant hardware, this can be seen as an investment into the future of the business.