Key Injection gives every Device an Identity
Security by Design – the route to secure identity. The number of connected devices in the Internet of Things (IoT) is growing exponentially, increasing the risk of manipulation of these devices. As a result, the authenticity, integrity and confidentiality of the device or the data needs to be guaranteed.
Key injection is the starting point for securely managing an IoT device over its product lifetime. To make sure that device identities are not hacked, keys need to be generated by an HSM.
Business value
Root of Trust for IoT
- Ensuring that each device has a unique electronic identity that can be trusted and managed throughout the complete device life-cycle from manufacturing (key injection) through device operation (PKI) to end-of-operation (key termination). Secures key storage and processing inside the secure boundary of the HSM
- Extensive key management with key authorization
Device & Data Security
- Providing each device with a trusted ‘key injected’ identity using digital certificates
- Ensuring secure communication and software updates over the lifetime of the device
- Secures storage of data obtained and shared by devices in a database using encryption and secure key storage in an HSM
- Device auditing & tracking
- If a device demonstrates unusual behaviour, administrators can revoke privileges or decommission the device
Scalable and flexible
- Seamless integration – supplying a key injection solution for establishing a secure, authenticated network of devices
- Performs periodic key rotations in the instance of suspected or known key compromise by quickly and efficiently replacing terminal keys in the field
- Multiple integrations with PKI applications, database encryption
- PKI can be managed on-premise or cloud-based.
- Supports the requirements of Verifone Remote Key (VRK), allowing customers with their own Terminal Management Systems to build a remote keying facility.
Remote Access
Remote Key Delivery- Supporting the remote distribution of keys to deployed (POI) terminals
Software Simulator included
Included simulator allowing for evaluation and integration testing to benchmark the best possible solution for each specific case
Deployment options
On Premise
- Useful for centralized use cases without a requirement of scalability or remote accessibility and existing legacy infrastructure
- Defined total cost of ownership
- Complete control on hardware and software, including configuration and upgrades
- Secured uptime in areas with insatiable internet connectivity
- Preferred choice in industry-segments where regulation imposes restrictions
In the Cloud
- Strategic architectural fit & risk management for your high value assets
- Provides flexibility, scalability and availability of HSM-as-a-service
- Ideal for a multi-cloud strategy, supporting multi-cloud deployments & allows for migration flexibility
- Allows you to seamlessly work with any Cloud Service Provider
- Easy-to-use remote management and on-site key ceremony service option
- Full control over data through encryption key life-cycle and key administration
- Secured data privacy through Bring-Your-Own-Key procedures