mPOS Security: Thales e-Security Solutions

Thales hardware security modules (HSMs), both payShield 9000 and nShield, are already helping PSPs to deliver secure mobile point-of-sale (mPOS) solutions to large numbers of merchants, some accepting card payments for the first time. The HSM performs three critical functions for PSPs – managing keys for the card readers, decrypting the encrypted transaction data received from the merchants and translating the PIN blocks for online PIN-based transactions. payShield 9000 meets all the relevant payment security certification standards (FIPS 140-2 Level 3 and PCI HSM) in addition to supporting various algorithms and key management methods used in mPOS transactions –  with the ability to add custom functions to meet individual PSP requirements if necessary. Working in conjunction with numerous partners in the mPOS ecosystem, Thales enables all PSPs to choose from a wide range of card readers, providing a fast, efficient and proven security solution with minimum integration risk.

PATTON - IP Telephony for the Enterprise

SIP-powered telephony is paving the way to the new
world of Unified Communications. For traditional PBX
systems as well as state-of-the-art all-IP telephony
implementations, SIP trunking connects today’s enterprises
to the cost-savings, streamlined operations and
rich-featured communication that voice-over-IP offers.

SIP-powered telephony is paving the way to the new world of Unified Communications. For traditional PBX systems as well as state-of-the-art all-IP telephony implementations, SIP trunking connects today’s enterprises to the cost-savings, streamlined operations and rich-featured communication that voice-over-IP offers.

THALES - Key Management System (KMS)

This module is also deployed in the U.S. facility, and its purpose is to verify the signed MAC address list submitted by the MAC authorization module. Once the digital signature on the MAC address list is successfully validated, the MDC (Manufacturing Device Certificate) module will generate the required number of RSA key pairs along with their corresponding certificate signing request. All RSA private key object will be generated and stored in a pre-configured secure key management (KMS). The server running the MDC certificate injection system must have an HSM (nShield or payShield 9000) installed and pre-configured to share the same KMS use by other sub-systems.

SOPHOS - Achieving PCI compliance with Sophos

High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment card transactions, or collects, processes or stores credit card transaction information must comply with Payment Card Industry Data Security Standard (PCI DSS). Protecting your data is enough of a headache without having to keep up with regulations and quickly prove compliance during audits. Furthermore, failure to comply with PCI risks fines, unwanted press and loss of business. Sophos integrates all the protection you need to keep your data safe and help your business be PCI compliant. You can manage Sophos solutions simply and quickly, enabling you to focus on what’s important. The following document explains how Sophos helps organizations comply with requirements specific to the Payment Card Industry Data Security Standard (PCI DSS) v1.2.

SOPHOS - Protection for Mac and Linux computers

The current risk to computers running non-Windows platforms is small but growing. As Mac and Linux computers become more prevalent within organizations, they are likely to become more of a target for hackers as a way in to the rest of the network and a means of infecting websites. This paper investigates the real threat from non-Windows platforms. It discusses the dangers of them distributing Windows viruses, examines the implications of their growing popularity, and highlights regulatory pressure to protect them.

SOPHOS - Assessing endpoint security solutions

Evaluating the performance of competing endpoint security products is a time-consuming and daunting task. Enterprise decision-makers have to rely on independent competitive comparisons, performance benchmarks, and detection certifications, all covering different solutions and criteria, providing conflicting results. This paper highlights the pitfalls of simply looking at virus detection rates and investigates the effect of the rapidly developing IT environment and fast-moving threat landscape on assessment criteria. It gives the six critical questions businesses need to ask to ensure the most successful outcome to their evaluations.

SOPHOS - Stopping data leakage

Organizations are increasingly aware of the acute need to control the information that flows into, through and out of their networks. This paper demonstrates the need for a high-profile acceptable use policy to prevent data leakage, gives practical guidance on how to use your security budget effectively to protect data at the gateway and endpoint, and highlights the benefits of encryption in securing data in the event that it does get stolen or lost.

News & Events

News - Mar 9, 2017

HSM User Forum 2017

Read more »

News - Aug 10, 2016

PCI-DSS Vormetric

Read more »

Product Highlight

payShield 9000

Read more »

nShield Connect+

Read more »