Advantageous Solutions That Simplify Regulatory Compliance
Futurex is able to provide the robust security needed to manage sensitive data through our unyielding dedication to the standards-based security of our enterprise-class solutions and our innovative leadership in support of emerging regulatory standards and technology. These security measures allow our customers to more easily and efficiently meet regulatory compliance mandates for their industry standards.
Payment Card Industry Data Security Standard (PCI DSS)
PCI DSS is a multifaceted set of comprehensive security requirements for enhancing payment data security. If your organization accepts, processes, or stores credit card information, you must comply with the standards set by the PCI DSS. It is also mandatory for you to validate your compliance every so often. Failure to comply with this standard can result in fines as well as risk your company’s ability to process credit card payments.
Futurex solutions are designed to encrypt and store all your sensitive data securely within our Secure Cryptographic Devices (SCD), which were created with robust security and compliance requirements in mind. They are continually updated to meet PCI compliance specifications.
Federal Information Processing Standards (FIPS 140-2 Level 3)
This U.S. government security standard accredits cryptographic modules used with a security system protecting sensitive information. The “Level 3” aspect adds requirements for physical tamper-resistance and identity-based authentication. It also has requirements for a physical or logical separation between the interfaces by which "critical security parameters" enter and leave the module and its other interfaces.
Selecting a data encryption device that does not meet this high-level security standard could leave you and your highly sensitive data vulnerable. As our products meet the FIPS 140-2 Level 3 standard, they are among the most secure data security devices in the industry.
All Futurex products also fully adhere to definition of being a Secure Cryptographic Device (SCD) and all sensitive data is stored within that cryptographic boundary. This guarantees that you are getting a protected, hardened encryption solution. An independent third party (NIST) has validated the capabilities of our devices, awarding them with a FIPS 140-2 Level 3 validation.
Payment Card Industry PIN Transaction Security: Hardware Security Module (PCI HSM)
PCI HSM requirements dictate the secure design and deployment of hardware security modules. To obtain PCI HSM approval, a cryptographic device must meet a set of strict criteria concerning the device’s physical and logical security. In addition, requirements regarding the integrity of the device during manufacturing and transit ensure that the device will not be compromised before its initial deployment.
The cryptographic modules contained within our devices are PCI HSM approved. The strength of the EXP9000 cryptographic module allows Futurex data security solutions to protect sensitive data through industry-leading security and speed.
TR-39 / Network Audits
TR-39 is an ANSI-based technical audit of PIN debit transactions within Automated Teller Machine (ATM) or Point of Sale (POS) environments. If your organization deals with PIN debit transactions within ATM or POS environments or maintains a processing network that connects directly to an online debit network for transaction processing then you must comply with TR-39. This bi-annual audit is now mandatory for members of all major Electronic Fund Transfer (EFT) networks such as Star, NYCE, and Pulse.
Our Solutions Architects and Xceptional Support team members are TR-39 certified and can help you fully prepare for your internal and external network audits. Having certified auditors on staff is just another way we strive to provide our customers with compliance-based solutions. Futurex is also a member of the ANSI X9.24 committee, which ensures that our data encryption solutions are not only compliant today, but also in the future.
Learn more about Futurex Xceptional Support and how our dedicated team can help you with your business needs.