What is a Payment Hardware Security Module (HSM)?
A payment HSM is a hardened, tamper-resistant hardware device used primarily by the retail banking industry to provide high levels of protection for the cryptographic keys and customer PINs used during the issuance of magnetic stripe and EMV chip cards (and their mobile application equivalents) and the subsequent processing of credit and debit card payment transactions. Payment HSMs normally provide native cryptographic support for all the major card scheme payment applications. They undergo rigorous independent hardware certification under global schemes such as FIPS 140-2 and PCI HSM, as well as additional regional security requirements such as MEPS in France and APCA in Australia.
Some of their common use cases in the payments ecosystem include:
- PIN generation, management and validation
- PIN block translation during the network switching of ATM and POS transactions
- Card, user and cryptogram validation during payment transaction processing
- Payment credential issuing for payment cards and mobile applications
- Point-to-point encryption (P2PE) key management and secure data decryption
- Sharing keys securely with third parties to facilitate secure communications