The art of designing crypto infrastructure for payments
When it comes to protecting PCI data, the payment ecosystem’s cryptographic infrastructure has unique challenges and requirements around security, robustness, high availability, and compliance. Think about every transaction, every validation, every authentication. Compliance considerations notwithstanding, designing, developing, and certifying these cryptographic modules and their infrastructure is far from a defined recipe — it’s an art. Within a series of established best practices, there is room for customization and improvisation.
Tune in September 22 for The Art of Designing Crypto Infrastructure for Payments, presented by Adam Cason, Vice President, Global and Strategic Alliances at Futurex, at this year’s ICMC20 (International Cryptographic Module Conference). At this virtual event, Cason will address top crypto questions and best practices for payment security and financial encryption.
By registering & attending this session, attendees will learn how to self-assess their cryptographic infrastructure —designs, certification plans, and deployment architecture — implement new and battle-tested encryption techniques and best practices implemented by top financial services organizations for protecting some of the world’s most sensitive payment data. Register for ICMC20
Top 5 Payment Security Questions
Here are five common questions that banks, payment processors, and credit unions often have around payment security:
1. What standards are most applicable to payments-focused cryptographic modules?
2. What is necessary in order for cryptographic modules to operate in compliance with both PCI HSM and FIPS 140-2 standards simultaneously?
3. How does the Derived Unique Key Per Transaction (DUKPT) key management scheme work?
4. What are TR-31 key blocks and can they share any benefits to general-purpose environments?
5. How are transitions, such as the move from 3DES to AES and the move from SHA-1 to SHA-2, affecting the financial services industry?
At ICMC20, Cason will address these questions and discuss the state of cryptographic infrastructure for digital payments, focusing on common ecosystem designs and use cases. These designs include traditional application-constrained silos, internal crypto-as-a-service deployments, and hardware security models (HSMs) on-premises and in the cloud.
Schedule a meeting
Whatever your cryptographic infrastructure mix is currently or in the future — on-premises or in the cloud, or a combination, Futurex can help support you through the designing, development, and certification process.