Retail businesses no longer have to rely on software-based encryption for their on-site encryption of sensitive data. The superior security of hardware-based encryption is now available in mass, embeddable, small-form factor devices. The REM1000 is designed to integrate into retail environments with ease; multiple connectivity and enclosure options allow the REM1000 to be embedded directly into retail payment stations, POS terminals, and more.
Capable of communication through a versatile API, retail encryption tasks can be programmatically automated, which will considerably simplify the process of maintaining a large network of embeddable HSMs within your retail stores. Multiple protocols and APIs, including PKCS #11, ensures the REM1000 can be implemented into production environments with minimal integration work.
An all-in-one solution, the REM1000 has support for all major key types, algorithms, and protocols, providing your retail stores with the functionality they need while simultaneously significantly decreasing the scope of PCI DSS compliance. From EMV to RSA, the REM1000 allows for retailers to perform all of the encryption tasks that are necessary for their environments. Both symmetric and asymmetric key management is possible with the REM1000, enabling the establishment of a public key infrastructure for trusted and authenticated communication between endpoints.
The REM1000 is FIPS 140-2 level 3-compliant, meeting the standards for robust physical security. A tamper-evident and responsive design keeps data secure in the event of a physical intrusion attempt, and an optional self-contained enclosure is built to withstand the rigors of everyday retail environments. The REM1000 also meets compliance standards for RoHS and FCC Class B - Part 15.
Optimized SWaP-C (size, weight, power, and cooling) characteristics give your retail environment the encryption functionality it needs without the constraints of high power usage or spacing requirements. With scalable cryptographic architecture, the REM1000 is capable of automatically adjusting to diverse power inputs, and centralized management offered by the Guardian9000 allows for multiple REM1000 devices to be configured and managed simultaneously.
- The REM1000 supports all common key types and protocols, including DES, Triple DES, DUKPT, X.509 v3, AES, RSA, EMVCo, and PKCS #11
- AKB and TR-31 (including custom optional fields) key block formats are available for use
- Supports mutual authentication under a trusted root certificate to establish a trusted public key infrastructure (PKI)
- Small form-factor device
- Tamper evident and resistant design
- Optimized size, weight, power, and cooling characteristics
- Automatic adjustment to power inputs
- Embeddable into existing devices
- External self-contained enclosure
- Compliant with emerging and current compliance standards such as FIPS 140-2 Level 3, EMVCo, PCI DSS, RoHS, and FCC Class B - Part 15
- Automatically transmit data logs to a remote syslog server for internal and external audits
- Mass product of devices for total on-site integration
- Simple installation and management procedures, resulting in minimal training for administrative personnel
- Intuitive GUI for simple configuration and device network management
- Centralized management of all REM1000 devices through the Guardian9000
Industry Compliance Standards Met
- FIPS 140-2 Level 3
- PCI DSS
- FCC Class B - Part 15
- Applicable future compliance mandates
Supported Key Types and Protocols
- Triple DES
- X.509 v3
- PKCS #11
- External DC power supply
- Tamper-responsive and evident design
- Integrated Ethernet and USB ports
- Optional self-contained enclosure