Gemalto Safenet Solution for Payments and Transactions
Click Here to jump to pricing!
Overview:
Transaction and Payment Security Solutions
Payment processing is the lifeblood of all financial service providers and merchants. Ensuring the security of consumer data is essential to the integrity of intra-bank network payments, ACH transfers, check clearing, mobile payments, and credit card transactions. Regardless of the processing method, payments and transfers must be handled securely and quickly—especially when transactions are of high monetary value.
Fortunately organizations can address these critical use cases with SafeNet Hardware Security Modules (HSMs) from Gemalto, trusted transaction and payment security solutions used to protect over $1 trillion worldwide every day.
As a leading provider of financial and payment HSMs, our transaction security solutions are designed to support the needs of payment processing environments for credit, debit, e-purse and chip cards, internet payment applications, web-based personal identification number (PIN) delivery, and more.
Our Transaction and Payment Security HSMs:
SafeNet Payment HSM
The SafeNet Payment HSM is a high performance, network-attached Hardware Security Module (HSM) designed to secure financial transactions.
SafeNet PIN Delivery
Gemalto’s award-winning PIN management platform, SafeNet PIN Delivery is designed to securely deliver PINs and lower the risk of fraud that occurs when PIN mailer letters are intercepted en route to customers.
Transaction and Payment Security Use Cases:
Build Point to Point Encryption (P2PE) Solutions
With a Point to Point Encryption solution, merchants can dramatically reduce the scope and cost of PCI DSS compliance. HSMs are a required component of a P2PE compliant solution, and SafeNet Payment HSMs are used by some of the leading P2PE application providers.
Securely Deliver Personal Identification Numbers
Banks and card issuers have always struggled to find a secure and cost effective way to deliver PINs. Paper-based mailers are slow and easy to intercept by fraudsters, and voiced-based systems cannot be effectively secured. With SafeNet HSMs PINs can be delivered digitally via a secure end-to-end encrypted tunnel between the cardholder and the card issuer.
Protect Electronic Invoices' Digital Signatures
Digital signatures establish trust and lend validity to electronic invoicing. If the certificates used to sign the electronic invoice are compromised, sensitive data is put in jeopardy. SafeNet Hardware Security Modules secure the cryptographic keys and certificates at the heart of digital signatures, ensuring the integrity of the invoice.
Ensure SSL Viability
The Secure Sockets Layer (SSL) protocol offers privacy and security for sensitive online activities – including web-based transactions. However, this makes the SSL digital certificates used to authenticate the identity of a web server a target of cyber criminals. Hardware security modules can help overcome this vulnerability and prevent cyber criminals from obtaining SSL certificates and cryptographic keys.
Secure Mobile Payments
Mobile devices are everywhere and consumers are increasingly demanding new ways to make retail payments that leverage these technologies. From peer-to-peer applications to contactless payment cards, SafeNet HSMs support and enhance the expanding payment ecosystem.
Adhere to the EMV Security Standard
SafeNet HSMs specifically meet the needs of payment processors, card issuers, acquirers, merchants, and e-payment solution providers who need to adhere to EMV security standards and offer comprehensive EMV support from transaction processing to card issuance capabilities.
"In developing the Solve DataShield offering, it was vital that we effectively comply with all the relevant PCI P2PE standards, including robust key management policies. Gemalto SafeNet Luna EFT HSMs delivered all the security capabilities that were required, while providing a platform that we could deploy quickly and manage efficiently."
- Nick Stacey, Dir. of Business & Market Operations at The Logic Group
Point-to-Point Encryption (P2PE) for Cost Effective PCI DSS Compliance
For years now, the Payment Card Industry Security Standards Council (PCI SSC) has been the driving force behind the definition, articulation, and enforcement of security requirements for the payments industry. The PCI SSC has developed several standards, including the PCI Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements.
The same organization also defined PCI Point-to-Point Encryption (P2PE) standards. Through these standards, the PCI SSC details how providers of P2PE solutions can validate their solutions, and how, by leveraging these validated solutions, merchants can reduce the scope of their PCI DSS assessments.
Reducing the Cost of PCI DSS
Larger merchants may have hundreds or thousands of stores, which will mean there are thousands of point-of-sale (POS) systems and PIN entry devices (PEDs) that will be in scope and must be brought into compliance. Achieving and maintaining compliance is a complex, time consuming and costly process.
Simply by deploying a P2PE-compliant PED devices, merchants can effectively remove their stores from the scope of PCI DSS compliance. Consequently, for the vendors that serve the merchant community, delivering P2PE-compliant offerings to market can present a massive opportunity.
Leveraging HSMs for P2PE Compliance
The P2PE standard includes a number of requirements relating to the use of Hardware Security Modules (HSM) for encryption, decryption, and key management. Only a small number of vendors have the ability to offer P2PE-compliant solutions, and the SafeNet Payment HSM has played a key role in helping these vendors bringing their P2PE solutions to market.
SafeNet Payment HSM
SafeNet Payment HSM (formerly Luna EFT) is a network-attached hardware security module (HSM) designed for retail payment system processing environments for credit, debit, e-purse and chip cards, as well as internet payment applications.
"In developing the Solve DataShield offering, it was vital that we effectively comply with all the relevant PCI P2PE standards, including robust key management policies. Gemalto SafeNet Luna EFT HSMs delivered all the security capabilities that were required, while providing a platform that we could deploy quickly and manage efficiently."
- Nick Stacey, Dir. of Business & Market Operations at The Logic Group
Secure Digital Signatures
Companies from around the world and various industries are moving towards digital signing to comply with regulations, expedite business processes, and reduce operational costs.
By adopting digital signature processes, companies are able to reduce waiting time, save money, provide copies to all parties, create archives, increase security through digital encryption, and meet compliance requirements.
SafeNet Solutions for Secure Digital Signing
In conjunction with leading partners, SafeNet solutions guarantee signer authenticity and the data integrity of electronic documents in a manner that is secure and easy to deploy and manage.
The combination of this solution enables the strongest utilization of digital signatures and provides the advantages of:
- Streamlined Business Processes
- Paperless Office
- Non-Repudiation
- High Assurance
- Compliance
Digital Signing with Hardware Security Modules
Protecting digital signatures from compromise requires mechanism to secure the cryptographic keys at the heart of the digital signatures themselves. If the cryptographic keys associated with the digital signatures are in any way compromised, the entire Bankline Direct infrastructure will be compromised. For this reason, many organizations use hardware security modules (HSMs) to protect the private keys used for digital signatures.
Digital Signing Use Cases
SafeNet Digital Signing solutions are often used to secure:
DNS Server Security
To ensure the validity of DNS services, DNSSEC employs public key cryptography to digitally sign DNS messages. Therefore, to realize the security required, robust protection of private signing keys is vital.
Smart Grid Security
Building a trusted smart grid requires robust security solutions that can be easily deployed at the communication and application layers of the smart grid infrastructure.
Code Signing Security
Today, many software marketplaces, including mobile app stores, require code to be compliant with specific digital signing requirements. In order to effectively secure private keys used in code signing, it is vital for organizations to leverage hardware security modules (HSMs).
Electronic Invoicing Security
Digital signatures, powered by encryption and public key infrastructure (PKI), represent the means for establishing trust in electronic invoices.
Document Signing with PKI Smart Cards and Tokens
As organizations move from paper toward digital business processes and initiatives, Gemalto PKI solutions are secure, portable, and simple-to-use solution that streamlines business processes and reduces the time and costs associated with traditional paper-based document signing. Gemalto users can digitally sign documents, files, forms, and transactions anywhere using SafeNet eTokens or IDPrime smart cards as the Secure Signature Creation Device (SSCD) to ensure compliance with regulatory requirements, and seamlessly transition towards a paperless office environment.
Partner Spotlight: Adobe LiveCycle Document Security
SafeNet Hardware Security Modules provide industry-based best practices hardware to enhance protection of the signing and encryption digital certificates used by Adobe® LiveCycle™ Document Security. By securing the certificates that protect corporate identities, SafeNet HSMs ensure that the digital identity of documents is secure throughout the corporate workflow.
Benefits of Digital Signatures with SafeNet HSMs:
- Ensure integrity of documents
- Secure electronic tracking and storage
- Scale to accommodate high volumes of documents
- Enhance security and ensure compliance
- Reduce costs
- FIPS validated and Common Criteria Certified
"Security is so important to our clients. We needed a solution that would provide the level of trust our customers were demanding. Gemalto solutions not only provided the security we were looking for but did so in a way that won’t hinder the development and expansion of our business. Our overall experience was very positive."
Maxim Shelemekh
Head of IT Risk and Control
ProminvestBank
Bring Trust to Blockchain with Gemalto
Within a permissioned blockchain transactions are validated and processed by participants that are already recognized by the ledger. Even though this is the case, there is still a challenge and issue of trust. How can one ensure the blockchain is secure and trustworthy in order to avoid the substantial impact of a cyberattack? The answer is by building security into your blockchain technology from the start, through strong authentication and cryptography key vaulting.
SafeNet's Hardware Security Modules (HSMs) and Authentication services can help you secure blockchain in the following three areas:
- Provide strong identities and authentication to gain access to the blockchain;
- Secure core blockchain technologies; and
- Secure communications across the blockchain network.
Gemalto Blockchain Solutions
As many as 90% of enterprise blockchain projects launched this year will meet a premature end within 18 to 24 months. Don’t get caught in the same situation. Ensure you build security into your solution from the ground up, always storing your keys in hardware.
SafeNet Luna Network HSMs are designed to store the private keys used by blockchain members to sign all transactions in a FIPS 140-2 Level 3 dedicated cryptographic processor. Keys are stored throughout their lifecycle, ensuring cryptographic keys cannot be used by unauthorized devices or people. Cryptographic keys kept in software are at risk of theft which compromises the entire blockchain ledger.
SafeNet ProtectServer HSMs, like the SafeNet Luna Network HSMs, are designed to protect cryptographic keys against compromise while providing encryption, signing, and authentication services. Execute your own blockchain Functionality Modules (FMs) within the secure confines of the FIPS 140-2 Level 3 certified hardware.
SafeNet Authentication Service (SAS) will substantially reduce your total cost of operation and tailor authentication to meet your unique needs with this fully automated, highly-secure authentication-as-a service with flexible token options.
About Blockchain
- Blockchain is a distributed database that provides a secure, yet transparent way to make, record and verify any type of transaction.
- Transaction does not have to be financial; it is simply any type of transfer between two parties that typically would require a third party to authenticate each party and broker the exchange.
- Blockchain eliminates the need for centralized control – instead all transactions are decentralized, and verified by the blockchain database itself in the distributed ledger.
- Contrary to the most popular use case, blockchain technologies don’t only secure financial transactions – in fact they can be used to track and verify any kind of digital asset, as well as code or smart contracts.
Benefits of Blockchain
- Eliminate the need for centralized control and the additional costs
- Trust is distributed between blockchain members
- Transactions are digitally signed using an asset owner public/private key pair
- Once recorded, data in a block cannot be altered retroactively
- Open, distributed ledgers record transactions between two parties efficiently and in a verifiable and permanent way
- Transactions don’t have to be just data – they can also be code or smart contracts
Top 3 Popular Blockchain Use Cases
#1 Cryptocurrency
Risk: Encrypted digital currencies identify the currency itself, but not its owner. Whoever holds the coin's encryption key owns the currency. This means that when a coin is stolen, it's gone—and you have no way of getting it back.
Solution: Storing your encryption keys in a FIPS-validated root of trust is critical to ensuring you own your keys and ultimately your cryptocurrency.
#2 Smart Contracts
Risk: A smart contract is a computer program that describes an agreement with the ability to self-execute and enforce the terms of a contract. If the blockchain is breached, a smart contract can be altered, breaking the trust of the blockchain and removing the ability for two parties to conduct business without the need for a middleman.
Solution: Securely self-execute the terms of a contract with anonymous parties through strong authentication and storing your encryption keys in a hardware root of trust, ensuring the parties are properly identified and that no one can access your data.
#3 Internet of Things (IoT)
Risk: The restrictions imposed by a traditional central-authority trust model have helped make the IoT vulnerable. Most notably Mirai-style botnets, which recently allowed hackers to easily take over thousands of IoT devices. Only protecting the IoT devices with default passwords allowed hackers to launch Distributed Denial of Service (DDoS) attacks.
Solution: Blockchain helps secure the IoT by providing a distributed trust model. The blockchain removes the single-point-of-failure, in turn enabling device networks to protect themselves in other ways, for example by allowing the nodes within a given network to quarantine any nodes that start behaving unusually.
Gemalto Blockchain Partners:
Gemalto has partnered with industry-leading blockchain and cryptocurrency partners to provide enterprise-grade solutions for securing transactions. Together with partners such as Ledger, BitGo, and Symbiont, Gemalto is protecting the way industries are conducting business, bringing efficiency and establishing trust. Gemalto also supports multiple blockchain applications including Bitcoin, Hyperledger, Ethereum, Altcoins, Monero, and more.
Let us help
With all of the uncertainty about blockchain, the abundance of standards and protocols, and moving from a centralized to decentralized platform, getting started with Blockchain is challenging and intimidating at best. Avoid joining the myriad of blockchain organizations that are failing at implementing blockchain technology. Contact Gemalto to determine how you too can benefit from Blockchain, and learn how Gemalto’s HSM and SAS solutions can keep your transactions secure.
In our webinar, “Blockchain for payments: Experience on the ground”, we speak to some of the leading operators in the blockchain payments space to learn more about their experience to date and what they see for the future of blockchain payments.
Pricing Notes:
- Pricing and product availability subject to change without notice.