Cryptographic key operations for critical real-time payment transactions
Thales announces that its payShield 10K technology is contributing to the deployment of the Microsoft Azure Payment Hardware Security Module (HSM), a new service that provides cryptographic key operations to protect critical real-time payment transactions in Azure. The solution is in the public pre-release version and enables service providers and financial institutions to facilitate the digital transformation of their cloud-based payment systems.
The integration of Thales payShield 10K with Microsoft Azure Payment HSM enables the provision of a cloud-based solution that covers a wide range of use cases, including payment processing, issuing proof of payment, securing keys and authentication data, and protecting sensitive data.
- Thales payShield 10K helps deploy the new Microsoft Azure Payment Hardware Security Module (HSM) service to securely run payment applications in Azure
- Provides financial institutions with a wide range of use cases, including payment processing, issuance of proof of payment and protection of sensitive data
Todd Moore, Vice President of Encryption Solutions at Thales
“The digital transformation of payment transactions into the cloud promises significant advantages for financial institutions and payment providers,” says Todd Moore, VP Encryption Products at Thales . “The integration of Thales’ HSM technology for payments offers financial institutions the same level of security for payment applications, but with compelling new features, including scalability, consumption-based pricing and remote management.“
“Microsoft Azure Payment HSM will make it much easier for companies to use the cloud and accelerate the secure transformation of their payment systems,” says Devendra Tiwari, Senior Director, Azure Security at Microsoft. “The integration of Thales payShield 10K allows us to meet the requirements of our customers while ensuring the security and integrity of each payment.“
Data protection and security for users of Payment HSM
The Microsoft Azure Payment HSM, which is provided via Thales payShield, offers clear advantages for Payment HSM users with local HSMs and for new participants in the payment ecosystem who opt for a cloud-native approach right from the start. These advantages include:
- Improved security and compliance: The Azure Payment HSM solution can be used as part of a validated PCI P2PE/PCI PIN component or solution, which simplifies compliance with ongoing security audits. The payShield 10K HSMs from Thales are FIPS 140-2 Level 3 and PCI HSM v3 certified.
- Customer-managed HSM in Azure: The Azure Payment HSM is part of a subscription service that provides single-tenant HSMs and full customer control as well as exclusive access to the HSM. Once the HSM is assigned, Microsoft does not have access to the customer data. If the HSM is no longer required, the customer data will be deleted as soon as the HSM is released to ensure that data protection and security are fully maintained.
- Remote management of payShield HSMs: The users of the Service will use the Thales payShield Manager for secure remote access to the HSMs as part of their service. Multiple subscription options are available to meet a wide range of performance and application requirements, which can be quickly upgraded according to the business growth of end users.
About payShield 10K
payShield 10K, the fifth generation of Thales payment HSMs, offers a range of payment security features that have proven themselves in critical environments, including processing transactions, protecting sensitive data, issuing payment cards, accepting mobile cards, and tokenizing payments. payShield 10K can be deployed across the global payment ecosystem of issuers, service providers, acquirers, processors and payment networks, meeting the latest mandated security requirements and best practices for a wide range of organizations, including EMVCo, PCI SSC, GlobalPlatform, Multos, ANSI and the various global and regional payment brands and networks.