GlobalSign’s cloud-based PKI solution enables Cayan to deliver SSL certificates

Get a copy of the upcoming book "Secure Operations Technology"

GMO GlobalSign announced that Cayan is integrating GlobalSign’s scalable, cloud-based Public Key Infrastructure (PKI) service to improve ease-of-use and reduce the support costs of its Genius payment processing platform.

The Genius platform is a cloud-based payment processing platform that works on Internet connected mobile devices. The integration with GlobalSign’s PKI service, capable of issuing more than 3,000 digital certificates per second, allows Cayan to issue SSL certificates on all devices to establish encryption, mutual authentication and trust.

Previously, Cayan relied upon a private root to issue certificates for the Genius platform. However, because this model required custom trust configurations, it resulted in user support overhead for installation, configuration and management of the certificates.

GlobalSign’s scalable cloud-based PKI service, which offers REST APIs, enables integration and is cost effective while providing the elasticity and automation that Cayan is seeking for their customers to grow into high volume deployments.

“We were quickly able to reduce cost for support and product configuration, while providing best in class security for our Genius payments platform by integrating with GlobalSign’s PKI-based technology. We now have automation to both issue and revoke certificates,” said Dominic Lachowicz, Senior Vice President of Engineering, Cayan.

“If in the unusual case a terminal were stolen or tampered with, by revoking the certificate any intrusion would be limited to that one device.”

Another benefit of the integration to Cayan is combining GlobalSign’s IoT certificates with the Domain Name System services that Cayan currently uses. This makes it easier for the company’s payment terminals to work in Dynamic Host Configuration Protocol environments.

Prior to this, it would be necessary for Cayan to re-issue certificates that were valid for a terminal’s LAN IP address. Now, the company can use the terminal’s serial number as part of the Fully Qualified Domain Name, improving the ability to address the terminals while allowing Cayan to not have to re-issue certificates when the terminal’s LAN IP address changes.

In addition, merchants are no longer required to plug a LAN IP address into their Point of Sale configuration, which can occur when a router or terminal reboots if they’re not set up to issue IP addresses.

“We are thrilled to work with a leading payment technology provider such as Cayan,” said Lancen LaChance, Vice President, IoT, GlobalSign.

“GlobalSign’s technology is enabling Cayan to improve ease-of-use at both a reasonable cost, and at a large scale. The Cayan team are forward thinkers, demonstrating it’s possible to both maintain high levels of security while improving their product’s value proposition. It’s a win-win situation for them.”