Banking & Financial Services

Payment Security & Compliance

The vast majority of payments over the last few years have been cashless. Digital payment solutions are continually evolving in line with customer expectations and market demand. ATMs and POIs as established starting points in the transaction chain are being complemented by non-card based payment methods such as smartphones or IoT devices.

In this highly regulated industry, the complexity and potential exposure to security vulnerabilities are of increasing concern.

Utimaco offers modular, proven and compliant applications to secure the whole heterogeneous transaction processing chain, from points of departure to the end - in full compliance with PCI DSS and FIPS 140 regulations.

Trusted Processes

Applications for Trusted Digital End-to-End Processes


PCI Compliant Payment Card Processing

From Merchant’s Points of Sales, mobile devices and ATMs, Utimaco covers the complete chain of PIN encryption, authorization, PIN translation and Key Management through Acquirers, Switches and Issuers. Utimaco’s Atalla Division invented encrypted PIN and ATM messages in the 1970s and has led the evolution of standards and innovation ever since.


Tokenization of Payment Data

With widespread adoption of tokenization for multiple purposes, it’s no longer “good enough” to encrypt clear data and offer a surrogate. Utimaco provides tokens produced from FIPS 140-2 Level 3 certified RNGs with AES-256 encrypted keys.


Key Injection for Points of Interaction

PCI compliant attested devices are the starting point in the secure payment processing chain, initiating a non-repudiable and tamper-protected transaction. To make sure device identities can not be hacked, the keys need to be generated by an HSM.


5G Security

With 5G networks being built on software based models, ensuring security from the infrastructure layer to the application layer is an essential factor for consideration. HSM-protected 5G creates secure channels between devices and the bank.



The integration of HSMs into a blockchain solution secures the privacy and security that may be lost by distributing proprietary software to an untrusted network of blockchain operators. By storing private keys and data within the HSM, data integrity and user authentication can be dramatically improved. Proprietary code can even be stored and run fully within an HSM to protect intellectual property.


Post Quantum Crypto Agility (Future Proofs and PQC)

At this time, no quantum computer can run quantum algorithms, however once they are able to, these computers will decimate the security infrastructure of the digital economy. Post-quantum crypto-agility is a necessity for the financial services infrastructure to be able to evolve in the advent of a new generation of attacks and consequently evolving cryptographic standards and algorithms.


Payment HSMs as a Service

Alleviate the need for investment in hardware, secure facilities, management, ongoing PCI compliance, audit and support. MYHSM by Utimaco offers an alternative to operating and managing your own estate of Payment HSMs with a fully managed, PCI PIN compliant, cloud-based service.

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.