Question 1

Does Futurex's VirtuCrypt Cloud HSM meet compliance requirements?

Futurex · Accepted Answer

HSM environments must meet a range of compliance requirements. Adherence to these requirements is typically the responsibility of the company or transaction processor, but when deploying cloud HSMs, the cloud services provider bears the responsibility.

VirtuCrypt Environment Certifications

VirtuCrypt services undergo annual audits to ensure that all environmental compliance and certification requirements are maintained. These standards include the Payment Card Industry Data Security Standard (PCI DSS) and PCI PIN Transaction Security requirements (PTS).

PCI DSS is a set of standards and requirements used to protect cardholder data at rest, in transit, and in use. It addresses both technical requirements and operational policies and procedures.
PCI PTS is a set of standards and requirements that must be followed in environments accepting PIN-based payment transactions. PCI HSM requirements are managed within the overall standard of PCI PTS.

Compliance with PCI standards is enforced by the five major payment card brands who established the Payment Card Industry Security Standards Council (PCI SSC), including American Express, Discover, JCB, Mastercard, and Visa. A full list of environment certifications and standards met by VirtuCrypt is listed here:

PCI P2PE – Decryption Management Component - Reference # 2017-01115.001
PCI DSS – Performed by External Assessor
PCI PIN – Performed by External Assessor
Visa Approved Service Provider – ESO, Merchant Servicer, TPS-PIN
Acquirer/issuer specific validations

Futurex Hardware Certifications

As previously mentioned, the VirtuCrypt cloud is powered by a vast array of Futurex HSMs, key management servers, and other technologies regionally distributed across highly secure data centers. All Futurex HSMs within VirtuCrypt services are FIPS 140-2 Level 3-validated secure cryptographic devices (SCDs) and are compliant with PCI, and ASC X9.24 Part 1 and 2 requirements.

FIPS 140-2 Level 3, certificate number 3373 for the GSP3000 cryptographic module
PCI HSM, approval number 4-10219 for the GSP3000 cryptographic module and 4-10230

Question 2

Does Futurex's VirtuCrypt Cloud HSM meet compliance requirements?

Futurex · Accepted Answer

HSM environments must meet a range of compliance requirements. Adherence to these requirements is typically the responsibility of the company or transaction processor, but when deploying cloud HSMs, the cloud services provider bears the responsibility.

VirtuCrypt Environment Certifications

VirtuCrypt services undergo annual audits to ensure that all environmental compliance and certification requirements are maintained. These standards include the Payment Card Industry Data Security Standard (PCI DSS) and PCI PIN Transaction Security requirements (PTS).

PCI DSS is a set of standards and requirements used to protect cardholder data at rest, in transit, and in use. It addresses both technical requirements and operational policies and procedures.
PCI PTS is a set of standards and requirements that must be followed in environments accepting PIN-based payment transactions. PCI HSM requirements are managed within the overall standard of PCI PTS.

Compliance with PCI standards is enforced by the five major payment card brands who established the Payment Card Industry Security Standards Council (PCI SSC), including American Express, Discover, JCB, Mastercard, and Visa. A full list of environment certifications and standards met by VirtuCrypt is listed here:

PCI P2PE – Decryption Management Component - Reference # 2017-01115.001
PCI DSS – Performed by External Assessor
PCI PIN – Performed by External Assessor
Visa Approved Service Provider – ESO, Merchant Servicer, TPS-PIN
Acquirer/issuer specific validations

Futurex Hardware Certifications

As previously mentioned, the VirtuCrypt cloud is powered by a vast array of Futurex HSMs, key management servers, and other technologies regionally distributed across highly secure data centers. All Futurex HSMs within VirtuCrypt services are FIPS 140-2 Level 3-validated secure cryptographic devices (SCDs) and are compliant with PCI, and ASC X9.24 Part 1 and 2 requirements.

FIPS 140-2 Level 3, certificate number 3373 for the GSP3000 cryptographic module
PCI HSM, approval number 4-10219 for the GSP3000 cryptographic module and 4-10230

Does Futurex’s VirtuCrypt Cloud HSM meet compliance requirements?

Does Futurex’s VirtuCrypt Cloud HSM meet compliance requirements?

VirtuCrypt Environment Certifications

Futurex Hardware Certifications

Products

Solutions

Follow us on social media

Contact us

Join our team

Stay in the know

Log in to the portal

Privacy & terms

Newsletter signup

Recent news