The best recipe for crypto infrastructure design
What is the best recipe for designing, developing, and certifying the right cryptographic infrastructure? The answer is, it depends. If you’re a financial services organization, the critical ingredients are security, robustness, high availability, and compliance. Hardware security modules (HSMs) are the “secret sauce,” the most critical ingredient for cryptographic security in any industry that requires robust encryption.
Financial services organizations require their HSMs to do everything a general-purpose HSM can handle — data encryption and key management with standards-based APIs — plus more. Merchants, payment processors, and acquiring banks, for example, also require their HSMs to secure payment processing in order to meet compliance regulations. This includes an HSM that can handle proprietary APIs and interfaces, such as those that have gone through PA-DSS review.
Why is payment security so challenging? First off, payment processing requires hardware and firmware to meet compliance requirements. The most common certifications required for cryptographic payment environments are PCI HSM and FIPS 140-2 Level 3. Security architects designing payment processing environments require that their security hardware meets PCI standards and stays current with the ever-evolving compliance mandates.
Algorithms, DUKPT, and Key Blocks, Oh My!
To meet industry needs, payment cryptography also relies on algorithms not commonly used in general-purpose environments (3DES) and uses unique wrapping methods (TR-31).
For example, DUKPT, or Derived Unique Key Per Transaction, is an encryption key generation method that safeguards cardholder data on point-of-sale (POS) devices. For every transaction, a new, non-reusable key is generated that cannot be traced back to the original base key, keeping the organization's other POS devices safe if one device is compromised.
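An added illustration of the per-transaction property described above, not code from the original article or from Futurex: a simplified hash-chain model in which HMAC-SHA-256 stands in for the ANSI X9.24 DUKPT derivation (which uses 3DES or AES). The device IDs, sample base key, and all function names are constructed for this example.

```python
import hashlib
import hmac

def _prf(key: bytes, label: bytes) -> bytes:
    """One-way step. HMAC-SHA-256 is a stand-in, not the X9.24 derivation."""
    return hmac.new(key, label, hashlib.sha256).digest()

def initial_device_key(base_key: bytes, device_id: bytes) -> bytes:
    """Host side: key injected into one POS device; the base key stays in the HSM."""
    return _prf(base_key, b"initial|" + device_id)

class PosDevice:
    """Device side: holds only its current chain state, never the base key."""
    def __init__(self, device_id: bytes, initial_key: bytes):
        self.device_id = device_id
        self.counter = 0
        self._state = initial_key

    def next_transaction_key(self):
        """Return (counter, key) for one transaction, then ratchet forward."""
        self.counter += 1
        txn_key = _prf(self._state, b"txn")
        # Overwrite the old state: a later device compromise cannot
        # recompute earlier transaction keys or the base key.
        self._state = _prf(self._state, b"next")
        return self.counter, txn_key

def host_transaction_key(base_key: bytes, device_id: bytes, counter: int) -> bytes:
    """Host side: recompute a key from the base key plus the device ID and
    counter that travel with the transaction."""
    state = initial_device_key(base_key, device_id)
    for _ in range(counter - 1):
        state = _prf(state, b"next")
    return _prf(state, b"txn")

def demo():
    base_key = bytes(range(32))  # constructed sample value, not a real base key
    dev_a = PosDevice(b"POS-0001", initial_device_key(base_key, b"POS-0001"))
    dev_b = PosDevice(b"POS-0002", initial_device_key(base_key, b"POS-0002"))
    keys_a = [dev_a.next_transaction_key() for _ in range(5)]
    keys_b = [dev_b.next_transaction_key() for _ in range(5)]
    return base_key, keys_a, keys_b, dev_a

if __name__ == "__main__":
    base_key, keys_a, _, _ = demo()
    for counter, key in keys_a:
        assert key == host_transaction_key(base_key, b"POS-0001", counter)
        print(counter, key.hex()[:16])
```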
Adam Cason, Vice President, Global and Strategic Alliances at Futurex, addressed top crypto questions and outlined best practices for payment security and financial encryption in his presentation at this year’s ICMC20 (International Cryptographic Module Conference). He outlined these best practices:
- People, process, and technology should have equal weight
- Before you begin, determine what type of environment you need now, and what type you’ll need in the long term
  - Application-specific crypto stack
  - Multi-application crypto-as-a-service
  - Hybrid on-premises and financial cloud HSM
  - Full cloud financial HSM
- Infrastructure resiliency is critical for payments, both from a module design and an end-user deployment perspective
- Don’t forget about crypto infrastructure ROI
- Keep the future in mind, specifically crypto agility
  - DES → 3DES → AES → ?
  - Post-quantum cryptography
8 Key Questions to Ask Yourself
Whether you decide on an on-premises hardware solution, crypto-as-a-service, cloud, or hybrid, there are solutions available to address every financial service need. Questions to ask yourself:
- Do I have time to configure HSMs?
- What are my scalability needs?
- How big is my ecosystem?
- Do I need disaster recovery options?
- Do I need clustering and peering?
- How important are monitoring and analytics?
- Do I need outside expertise?
- Do I want to leverage the cloud?