An Introduction to Common Data Encryption Terms
Are you just getting started in the data security industry? Maybe you’ve decided it’s time to find a more secure way to protect your organization’s most sensitive data. Or maybe you’re just curious about what “data security” really means. Data security is a vital and ever-growing field in the corporate landscape. Customers requiring cryptographic solutions range from healthcare professionals to business executives, and more organizations are turning to dedicated cryptographic solutions providers each day. Still, when it comes to the common terms and topics utilized in the industry, the learning curve can be dauntingly steep. Where can someone who’s new to the field turn for information?
At Futurex, our mission is to be the leading provider of cryptographic solutions in the world. Part of being the leading provider is supplying individuals with quality education and training materials so that potential customers and industry professionals can stay informed and up to date in the wide world of data security. This list of basic terms and acronyms used regularly by cryptographic solutions providers like Futurex will help get you started in your learning process.
Let’s start by decoding some of the most common acronyms.
Hardware Security Module (HSM)
A hardware security module, or HSM, is a dedicated, standards-compliant cryptographic appliance designed to protect sensitive data in transit, in use, and at rest using physical, tamper-proof security measures, logical security controls, and strong encryption.
Secure Cryptographic Device (SCD)
A secure cryptographic device, or SCD, is any device, hardware, or software that securely stores and protects cryptographic data, like an HSM.
Base Architecture Model (BAM)
A base architecture model, or BAM, is a secure, robust, and streamlined common code base that provides an efficient foundation for a data security infrastructure. A BAM provides organizations with stability across extended periods of time and gives them the ability to update all their devices at one time, greatly reducing the time needed for system updates.
Quantum-Resistant Cryptography (QRC)
Quantum-resistant cryptography, or QRC, is a cryptographic method that is resistant to attacks from a quantum computer. While such attacks are unlikely to happen any time soon, QRC allows for security and peace of mind going into the future of data security threats.
Public Key Infrastructure (PKI)
Public key infrastructure, or PKI, is a secure method for establishing and maintaining trusted connections across endpoints such as banks and ATMs. It involves asymmetric encryption, meaning that certificates comprised of public and private keys are used for both the encryption and decryption of information. Because the public key cannot decrypt data, only encrypt it, it can be widely distributed to anyone without fear of exposing sensitive data. The private key is kept highly secure by an individual organization and can be used to decrypt data safely.
Transactions per Second (TPS)
Transactions per second, or TPS, refers to the average number of transactions a business carries out in any given second of its business hours. TPS figures vary widely by company, but Futurex’s Excrypt SSP Enterprise v.2, the fastest in the industry, can handle over 20,000 TPS.
Payment Card Industry Data Security Standard (PCI-DSS)
The Payment Card Industry Data Security Standard, or PCI-DSS, is one of a set of standards that organizations that process, store, or transmit payment information must meet in order to continue operations. The Data Security Standard is a broad set of rules meant to protect consumer payment information from all means of malicious and unintended use.
Internet of Things (IoT)
The Internet of Things, or IoT, refers to the rapidly growing network of small smart devices, such as cell phones, computers, self-driving cars, cameras, urban sensors, ATMs, and more, that communicate with one another. As the IoT expands, the need for comprehensive data solutions grows.
Point of Sale (POS)
Point of Sale devices, or POS, are transaction devices capable of processing paid transactions using credit card information. They are used at most businesses around the world. They typically safeguard data using encryption key generation.
Point-to-Point Encryption (P2PE)
Point-to-point encryption, or P2PE, is a technology Futurex deploys to encrypt cardholder data (also known as CHD) at the point of contact when processed at a payment terminal. It’s meant to encrypt data as it moves between points, without transmitting it “in the clear.” It is ideal for those who want a reduction in their scope of compliance because it ensures data is encrypted from start to finish.
Europay, MasterCard, and Visa (EMV)
Europay, MasterCard, and Visa, or EMV, is a popular global standard for payment card fraud prevention. More and more major card brands and payment processors are implementing technology in their systems under this standard. EMV is designed to increase the security of cardholder data by making it more difficult to skim information from payment cards.
Remote Key Loading (RKL)
Remote key loading, or RKL, is a method of establishing a secure, PKI-authenticated connection to any POS or ATM device to remotely distribute encryption keys without having to physically access the device. RKL allows organizations to manage keys for an entire infrastructure by sending cryptographically secure key exchanges from a centralized location.
Now that we’ve covered the most common acronyms used in data security, let’s go over some other key terms:
Encryption is the foundation of data security. In virtually any business or organization, government or private, encryption is what keeps sensitive information safe. Encryption is the process of altering the form of a set of information for the purpose of hiding its meaning. In data security, this often means creating a set of codes that can only be cracked by people with the key to decrypt them.
“The cloud” refers to an online database that holds information for increasingly wide-ranging services such as email, storage, web development, and analytics. VirtuCrypt, Futurex’s sister company, offers its own cloud capable of securing an enterprise organization’s cloud services through a remote user interface. This keeps sensitive data safe from the wrong eyes.
Solutions Architects are cryptographic solutions service and support providers unique to Futurex. They are experts with years of cryptographic solutions experience. They provide customized solutions and 24x7x365 support for Futurex customers.
Tokenization is a process that protects cardholder data in all locations, even when it is not in use. It uses randomly generated substitute characters as placeholder data. These random characters, known as tokens, have no intrinsic value, but they allow authorized users to retrieve the sensitive data when needed. Stolen tokenized data is useless to cybercriminals, because the real information is securely stored within the cryptographic boundary of an HSM.
Asymmetric encryption refers to the process in which certificates comprised of public and private keys are used for both the encryption and decryption of information. Because the public key cannot decrypt data, only encrypt it, it can be widely distributed to anyone without fear of exposing sensitive data. The private key is kept highly secure by an individual organization and can be used to decrypt data safely.
Symmetric encryption refers to the process in which the public and private keyholders both hold the same key for the encryption and decryption of information. Symmetric keys should be distributed only to trusted, need-to-know individuals to prevent a security breach.
Scope of Compliance
A company’s scope of compliance refers to the standards and regulations it must meet in order to pass a compliance audit. It is vitally important to verify that every aspect of a business’s infrastructure meets compliance standards prior to the audit. At Futurex, our expert Solutions Architects are trained to make sure you are always prepared and up to date with the latest compliance standards.
With these terms and acronyms in your technical arsenal, you’re well on your way to developing a general understanding of data security and the data solutions industry. To learn more about encryption solutions or about implementing a unique data solution for your organization, reach out to our Solutions Architects. We would be happy to help you craft an individualized, comprehensive, and compliant infrastructure for your data security needs.