Thales announced its payShield 10K technology is helping to deliver Microsoft Azure Payment Hardware Security Module (HSM), a new service that provides cryptographic key operations to protect real-time, critical payment transactions in Azure.
The solution is in public preview and allows service providers and financial institutions to accelerate the digital transformation of their cloud-based payment systems confidently.
Integration of Thales payShield 10K with Microsoft Azure Payment HSM helps deliver a cloud-based solution that enables a broad range of use case including payment processing, payment credential issuing, securing keys and authentication data and sensitive data protection.
“The Digital transformation of payments to the cloud promises to deliver substantial benefits to financial institutions and payment providers,” said Todd Moore, Vice President of Encryption products at Thales. “Integrating Thales’ payment HSM technology offers financial institutions the same highest levels of payment application security, but with compelling new features, including scalability, consumption based pricing and remote management.”
“Microsoft Azure Payment HSM will make it significantly easier for businesses to pursue cloud adoption and accelerate the secure transformation of their payment systems,” said Devendra Tiwari, senior director, Azure Security at Microsoft. “Integrating Thales’ payShield 10K allows us to meet the demands of our customers while simultaneously ensuring the security and integrity of every payment.”
Data protection and security for payment HSM users
The Microsoft Azure Payment HSM delivered through Thales payShield provides clear advantages for payment HSM users with on-premises HSMs and new payment ecosystem entrants who may opt for a cloud-native approach from the outset. These advantages include:
- Enhanced security and compliance: The Azure Payment HSM solution can be deployed as part of a validated PCI P2PE/PCI PIN component or solution, helping to simplify ongoing security audit compliance. Thales’s payShield 10K HSMs are certified to FIPS 140-2 Level 3 and PCI HSM v3;
- Customer-managed HSM in Azure: The Azure Payment HSM is part of a subscription service that offers single-tenant HSMs and total customer control as well as exclusive access to the HSM. Once the HSM is allocated, Microsoft has no access to customer data. Likewise, when the HSM is no longer required, customer data is erased as soon as the HSM is released to ensure complete privacy and security is maintained; and,
- Remote management of payShield HSMs: Users of the service will utilise Thales payShield Manager for secure remote access to the HSMs as part of their service. Multiple subscription options are available to satisfy a broad range of performance and application requirements that can be upgraded quickly in line with end-user business growth.