VirtuCrypt Cloud

Improve security while reducing overhead

Provision and deploy hardware security modules (HSMs) and key management servers through Futurex’s VirtuCrypt cloud service:

  • Access unlimited cryptographic functionality
  • Protect data in different PCI zones
  • Reduce compliance scope
  • Increase system redundancy
Sales brochureTalk to a pro

Geographically diverse data centers

Accessible from virtually anywhere, the VirtuCrypt cloud enables you to scale to global operations. If a disaster occurs, your critical infrastructure remains highly available with full redundancy and no downtime.

Data center information

Compliant, flexible, and scalable

Deploy complete infrastructures or spin up individual cryptographic functions as needed–all with the same high performance and security of physical hardware, and at a more efficient cost. VirtuCrypt cloud HSMs are validated under FIPS 140-2 Level 3 and PCI HSM standards.

See our architecture

VirtuCrypt cloud HSM solutions

The power of the cloud is its flexibility. The Futurex cloud services are not a template to which you conform: they are a canvas on which you create and deploy your ideal cryptographic infrastructure. Our HSMs include vendor-neutral APIs to simplify integration and minimize the impact on existing infrastructure while laying the foundation for further cryptographic development.

VirtuCrypt Cloud HSM
A fully-managed cloud HSM service using FIPS 140-2 Level 3-validated hardware in data centers around the world. Visit page
VirtuCrypt Cloud Payment HSM
The world’s first cloud payment HSM service, serving customers worldwide with native public cloud integration. Visit page
Schedule a demo

Native integration with public clouds

Integrating on-premises hardware with cloud-based applications or connecting Software-as-a-Service (SaaS) solutions to separate cloud applications has enabled sharing and unifying data and improved connectivity and visibility.

  • VirtuCrypt access point (VAP): Use a single set of cloud HSMs across multiple regions within a single public cloud provider
  • Connect applications spanning multiple public cloud platforms to a single VirtuCrypt cloud HSM estate
  • CryptoTunnels: Turnkey connection security between on-premises apps, cloud-hosted applications, and cloud HSMs
  • Public cloud integration allows account management, invoicing, and billing to be handled from a single interface
  • See it on AWS Marketplace!

Payment services and cloud HSMs

Financial acquiring

  • PIN translation and verification
  • EMV validation
  • Message Authentication Code (MAC) generation and verification
  • Financial key management and derivation
  • CVV generation and validation
  • Mobile payment acceptance

Financial issuing

  • PIN and offset generation
  • Mobile and web PIN management
  • EMV key generation and derivation
  • Mobile payment token issuance

Point-to-Point Encryption (P2PE)

  • Cardholder data decryption (FPE & DUKPT)
  • Cardholder data translation
  • P2PE key management

Key management methods

Secure encryption key loading is crucial to building a secure environment. Administrators can securely load major keys into cloud payment HSMs by using several methods, including Bring Your Own Key (BYOK), key agent services, and HSM-generated keys.

Bring Your Own Key (BYOK)

Organizations requiring self-management of encryption keys to protect their most sensitive data can use bring your own key (BYOK) services to manage their keys in VirtuCrypt cloud payment HSMs. The Excrypt Touch is the Futurex FIPS 140-2 Level 3 and PCI HSM-validated tablet that allows organizations to manage their own encryption keys from anywhere in the world. With the Excrypt Touch, administrators can establish a remote TLS connection with mutual authentication and load clear master keys to VirtuCrypt cloud payment HSMs.

Transferring keys to VirtuCrypt cloud payment HSMs with the Excrypt Touch uses double encipherment for key components. Double encipherment adds additional security by requiring the components to be encrypted by two separate keys.

Key agent service

For organizations requiring key management assistance, the Futurex key agent team can load keys into VirtuCrypt cloud payment HSMs. With this service, VirtuCrypt handles the loading and storing of key components. The ownership of the keys remains with the customer throughout this process.

HSM-generated keys

Administrators can randomly generate major keys by using the FIPS 140-2 Level-certified random number generator (RNG) of their cloud HSMs.

Service structure

VirtuCrypt cloud HSMs come in different models. Organizations can choose a model depending on what level of functionality and power they need.

Functionality

You can customize a financial HSM to include any hardware encryption function. Use VirtuCrypt’s cloud payment HSM service with your choice of profiles: transaction acquiring or card and mobile issuing.

Redundancy

Organizations can choose from different redundancy options. Having a single HSM at one site offers no redundancy. With site redundancy, two HSMs are active at one site, increasing the dependability of the system. A step up from that is full redundancy: with four HSMs at two different sites, the system is completely protected against hardware failures and data loss due to a lack of backup.

High availability

High availability goes beyond redundancy, and you can achieve this only by
eliminating single points of failure, having reliable crossover or failover points, and reacting to failures in real-time. Configure your infrastructure to be highly available by configuring and automating redundant cloud HSMs with SLA-backed uptime.

In the cloud, on-premises, or a hybrid of both: Futurex delivers tailored cryptographic solutions to fit your business needs.

 

Any cryptographic function. Any size. Any scale. Any location.

Learn more

Direct integration with major public cloud providers

Amazon Web Services

Sign up now

Microsoft Azure

Sign up now

Google Cloud Platform

Request consultation

Direct integration with other services and applications housed outside the public cloud itself is an increasingly popular choice for public cloud usage. Cloud Payment HSMs offer direct integration with public clouds,  and you can rapidly provision services through the public cloud marketplace.

Want to learn more?

Contact a Solutions Architect today.

Give us a call