Market Need
In today’s world, securing payment transactions with a Hardware Security Module (HSM) is a requirement for financial institutions. Not only is this necessary to meet PCI-DSS for PIN transactions, but it is also a security best practice. Key generation, management, and export pose unique market challenges: activities involving encryption keys often require significant planning and managed access to secure, geographically isolated data centers, all while ensuring that the numerous financial standards are met.
Solution Overview
The GEOBRIDGE KeyBRIDGE KMS integrates with the Fortanix Data Security Manager to offer a truly centralized key management solution with HSM-grade security as well as seamless integration for any payment device.
Solution Highlights
As the need for reliable key management in the financial market increases, so does the number of keys used to protect data. Consequently, an organization's security team faces numerous challenges:
- How are PIN Transaction & User Data Encryption keys generated, stored, & backed-up?
- Who is authorized to manage & access those keys?
- How can keys be securely conveyed between geographically dispersed regions?
- Are you using an HSM as a root of trust to guard against the insider threat?
The combined Fortanix + GEOBRIDGE solution provides full lifecycle key management, compliance enforcement, and audit logging for the keys. Financial institutions can now manage key generation and key export activities through the KeyBRIDGE user interface, giving users better control and better access to complete key generation and key management functions. Once a key has been generated in KeyBRIDGE, it can be exported as a cryptogram, encrypted under Fortanix DSM's Local Master Keys (LMK), encrypted under a different Key Encryption Key (KEK) / ZMK, or even as a TR-31 key block.
Fortanix Data Security Manager
Secured with Intel® SGX, Fortanix Data Security Manager delivers HSM-grade security with software-defined simplicity. Fortanix Data Security Manager provides flexible consumption options — a hardened appliance, HSM as a service, or software running on commodity x86 servers.
Fortanix Data Security Manager offers central management, tamper-proof logging, rich access control, REST APIs and massive scalability. Organizations use Fortanix Data Security Manager to secure their sensitive cloud and traditional applications, including digital payments, PKI systems, IoT applications, silicon manufacturing, and remote TLS terminations — all while drastically reducing integration complexities and expenses.
GEOBRIDGE KeyBRIDGE KMS
GEOBRIDGE has maintained support for dozens of technology manufacturers that realize the value of a centralized system that allows them to maintain their own proprietary key handling techniques, thereby eliminating the need for new development and increased costs.
GEOBRIDGE continues to add support for new technology manufacturers in response to customer demand. If additional endpoints require integration, the GEOBRIDGE KeyBRIDGE KMS system can easily accommodate the additional key management requirements.