NOTICE
Verisec International AB uses cookies to provide necessary website functionality, improve your experience and analyze our traffic. By using our website, you agree to our Privacy Policy and our cookies usage.



Encryption is at the Core of Modern Life and at Verisec International we build and deliver services used by Banks, Governments and other types of organizations to protect their data, transactions and online communications.

To meet our Customers' evolving requirements for new business and delivery models, we have made the transition from a product-based, to a Services-first company.

Our Services portfolio ranges from highly specialized Support & Maintenance for our customers' encryption infrastructure, Key Management as a Service and Fully Managed Infrastructure services. And coming up (in 2022) we will offer our Banking and Payment processing customers a fully outsourced Cloud Encryption Infrastructure, compliant with relevant industry standards, to be used to secure payments, as well as other related Encryption Services.

Our Encryption Services are mainly applied in the following areas:

  • USER ONBOARDING
    DATA
    PROTECTION

    The surge in Data Breaches and more strict regulations make encrypting databases, file servers and other data repositories an urgent requirement for many organizations.

  • USER AUTHENTICATION
    PAYMENTS
    VALIDATION

    Secure validation for Card, Mobile and other emerging payment technologies, in line with most relevant regulations, such as PCI, to prevent fraud and cybercrime.

  • TRANSACTION VALIDATION
    LEGAL
    PROCEDURES

    The digitalization of many legal and fiscal processes often require integrity checks and digital signatures that rely on secure Encryption functionality.

  • DIGITAL SIGNATURE
    COMMUNICATIONS
    SECURITY

    The confidentiality and integrity of communications across insecure networks like the Internet, relies on Encryption that is anchored on secure hardware.

 

 

 

 

 

VERISEC IN THE NEW ERA OF PAYMENT SECURITY: 10XTRUST IS NEEDED
 
 
 
 

AN ACCELERATED REVOLUTION IN DIGITAL PAYMENTS

Payments are going through a revolution in most parts of the world. The Pandemic has fast-forwarded the adoption of all kinds of new digital payment schemes, while the use of traditional payment methods, such as debit/credit cards and electronic transfers, has continued to expand at an accelerated pace, fueled partly by the explosion in e-commerce transactions. Electronic wallets, dedicated payment Applications and P2P payment platforms, among others, have also seen their number of users and transactions grow exponentially. The era of cash could finally be over in many parts of the world and digital payments have become a central part in the lives of most human beings. And all of this is based around the trust in digital payment schemes.

 

COMES TOGETHER WITH AN EXPANSION IN DIGITAL FRAUD

Unfortunately, this accelerated expansion in digital payments has come in tandem with an equally expansive growth in the number and type of digital fraud attacks, that are seriously affecting the bottom line of many financial and retail organizations of all sizes, and more importantly: eroding the ever more vital trust of many users. Therefore, the Security Infrastructure that underpins Digital Payments musts adapt to the technology schemes that accommodate the type of growth needed to deal with this expanded fraud threat, and join the Cloud Computing paradigm that is already powering many other key elements in payment technology.

WITH THE EXPECTED AND REQUIRED ADAPTATION IN REGULATIONS THAT HELP CURB DIGITAL FRAUD

In light of this required paradigm shift, industry regulators are expected to formally approve and certify the first Cloud Computing Service designs for Payment Security infrastructure (Encryption and Key Management) very soon. Until now, a space that has consisted strictly of “in-premise deployments”, where each financial institution managed their own payment security infrastructure. However these new regulations still consider that financial institutions must retain control over their cryptographic key material.

 

 
 

ENTER VERISEC 10XTRUST, SPECIFICALLY DESIGNED FOR THE NEW ERA OF PAYMENT SECURITY

In this new era, Financial institutions require a Cloud Payment Security Infrastructure Service that will require minimum changes to their current application environments, while still delivering high performance with no extra latency, together with advanced AI-powered real-time fraud detection capabilities. All based around a cost model tailored for their on-demand usage needs. With simplified key management processes and full compliance with all relevant standards, such as PCI.



In summary: what is required is a Payment Security Infrastructure platform that can be 10 times more scalable, 10 times more secure, 10 times more flexible and 10 times simpler to use.

This is what we are developing at Verisec, and we call it  Verisec 10XTRUST 


 

10xtrust


 Verisec 10XTRUST  technology, in combination with our experienced and field-proven professional services and diligent 24x7 support scheme, will ensure that our financial customers have the confidence that the security of the payments they process for their users is in the best hands. We are already working with some early adopter organizations and by mid-2023 we expect  Verisec 10XTRUST  to be adopted by the majority of the dozens of banks, payment processors and other financial institutions we currently work with worldwide.

To learn more about  Verisec 10XTRUST  technology get in touch with us.


 
 
 
 
INFRASTRUCTURE OPTIONS

 

IN PREMISES

For organisations that choose to have their Encryption infrastructure on their own Datacenter, Verisec offers equipment from the leading Encryption vendors, delivered as par of a service model, with no Capex costs and including installation & setup, advanced maintenance and monitoring, among others. With a dedicated specialist team, 24x7 monitoring and assistance and same-day Hardware replacements. Our specialist team can also assis with the infrastructure setup so that all revelant regulations are fulfilled.

 

IN THE CLOUD

With all kinds of technologies moving to a Cloud model in order to reap all the benefits in scalability, reliability, and cost flexibility, among others. Encryption Infrastructure like HSMs are no exception, even though they do require some special conditions like secure key management and low latency response. Verisec is developing a CloudHSM environment that fulfills all the Performance, Security and Resilience requirements, while still being compatible with relevant regulations, such as PCI DSS for payments.

 
 
 
 
 
ALL SERVICES
 

tech-support

Installation & Setup
Encryption Infrastructure, such as Hardware Security Modules (HSMs), require very precise processes for their installation and setup, with some procedures being able to be performed remotely and others requiring onsite presence. Local Master and Working Key Loading, KeyBlock and partition variable definitions, among other tasks, need to be performed by specialist so they can abide with security best practices and in line with relevant regulations, such as PCI. Verisec’s team has plenty of experience performing these tasks, which also includes remote monitoring and management schemes.

tech-support

Planned Maintenance
Encryption Infrastructure is highly critical for many organizations’ 24/7 operations and any outage can have severe consequences. Lack of maintenance can often lead to outages but in such critical environments, maintenance windows are hard to come by. Verisec’s experienced staff can develop a detailed and personalized plan of preventive maintenance for our customers, which allows the reduction of planned downtime to a minimum, while mitigating the risk of any outage, using tried and tested strategies, specialist tools and spare equipment when needed.

tech-support

Advanced Support
Beyond the standard support provided by most Encryption equipment manufacturers, Verisec offers a range of extra benefits such as same-day onsite assistance and 4-hour hardware replacement in most of the markets we operate. This on top of the regular and premium support, which includes follow-the-sun 24x7x365 capabilities from our team of specialist engineers. Also, Verisec’s horizontal support organization allows experienced and highly skilled staff to be assigned to solve critical support events right away, without convoluted support hierarchies and escalation processes that can lead to longer response times.

tech-support

Migration Assistance
From time to time, Encryption Infrastructure needs to be replaced by newer versions from the same manufacturer, or also other formats such as Software and Cloud-based alternatives. Or even sometimes to schemes from a different manufacturer. Some migrations also involve key protection elements, such as Keyblock standards. Most of these migrations require the transfer of configurations and more importantly of multiple types of keys, including Local Master Keys. This often involves complex processes. Verisec’s experienced staff has performed many of these migrations for our customers, using specialist tools and strategies, gathered through many years of experience.

tech-support

Key Management
Keys are the core of Cryptography and handling them in critical application environments can be a very complex undertaking: they need to be generated, rotated and imported/exported in a secure way, with processes involving multiple key custodians and key ceremonies. And a lot of different regulations are involved too. Verisec can assist organizations that have up to a large number of keys to reduce the burden of Key Management processes by using specialist proprietary technologies and automation, as well as a plethora of experience with complex key management processes.

tech-support

Infrastructure Health Check
Critical Encryption infrastructure, such as Hardware Security Modules (HSMs), cannot tolerate outages that can lead to hefty operational and financial losses. Verisec’s specialist staff can visit a customer site & review the customers infrastructure for things like configuration settings, firmware versions, application logs, check the operational procedures to ensure they are being updated & followed correctly, verify that LMK cards & back up cards are accounted for & working. From this a report can then be provided back to the customer with recommendations.

tech-support

Training and Knowledge transfer
Verisec offers an overview of the Payment industry & then a specific manufacturer´s product line. This training is tailored to suit the customer requirements related to the payment products they consume and how they use it in their environment, whilst still covering off the industry requirements around key handling, basic procedures & application integration. Verisec also offers Custodian training: what is expected of them as related to key material. This training covers things like keys & component management, processes they should follow, what to do if a compromise is suspected, among other matters.

tech-support

Documentation
Regulations related to Encryption infrastructure often require a vast amount of detailed documentation, that needs to be developed and maintain in order to obtain and maintain the relevant certifications required to operate in various encryption-related markets. Verisec’s specialist team can provide a set of operational documentation and adapt them to a specific customer’s scenarios, in order to meet regulations such as PCI DSS. These documents range from HSM Management policies, all the way to Key Management procedures, including Key lifetime management and KeyBlock migrations.

 
 
 
HARDWARE VENDORS OPTIONS

 

 

GENERAL PURPOSE HSMs

General purpose HSMs enable companies to add hardware security to critical applications such as PKIs, databases and web- and application servers. The use of standardized cryptographic interfaces makes either vendor’s general purpose HSM ranges easy to integrate with Microsoft Certificate Services (PKI), Entrust Authority Security Manager, RSA Certificate Manager, Oracle Database, Microsoft SQL Server, and several other applications.

 

PAYMENT HSMs

SECURE PAYMENTS AND TRANSACTIONS

Thales HSMs have long been a standard within the payment industry, and with more than 25 years of experience the company has reached a market leading position. The numbers speak for themselves: Thales payShield HSMs protect 80 percent of all card transactions in the world.

ENTRUST GENERAL PURPOSE HSMs

nShield hardware security modules (HSMs) provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption, HSM key management and more. nShield hardware security modules are available in three FIPS 2-140 certified form factors such as network, PCI Express and USB depending on needs and requirements supporting a variety of deployment scenarios.

Network attached nShield Connect HSMs provide shared services to multiple hosts, balancing workload and providing high availability.

disco

Embedding nShield Solo HSM within a host application server delivers dedicated performance and provides a tight binding between application and keys within the security module.

disco

The highly portable, direct USB attached nShield Edge HSMs suit scenarios where it is assigned to individual developers or used for off-line key generation. It is ideal for cryptographic key generation in Bring Your Own Key (BYOK) cloud deployments.

disco

Customer information

nCipher now part of Entrust

As of April 2019 nCipher is part of Entrust. Read more in the link below.

>>> Entrust Datacard completes purchase of nCipher Security from Thales

Connect and Solo end of sales

Thales has announced the end of sales and support for previous generation nShield Solo & Connect (non+) models. End of Sales was December 31st, 2015 and end of support December 31st, 2018. For more information regarding the Eos plans, please click on the link below.

>>> End of support for previous generation nShield Solo & Connect (non+) models


THALES GENERAL PURPOSE HSMs

Thales is a leading provider of general purpose hardware security modules (HSMs) worldwide. The Thales Luna HSM product family represents one the highest-performing, most secure, and easiest-to-integrate HSM solution available on the market today.

Luna HSM are available in multiple form factors such as network, PCI Express and USB depending on needs and requirements.

Luna HSMs are purposefully designed to provide a balance of security, high performance, and usability that makes them an ideal choice for enterprise, financial, and government organizations.

For further information regarding Thales general purpose HSMs, visit Thales website.

payShield 10k

disco

payShield 10K is an HSM designed to meet the needs and requirements of the payment industry. It’s the fifth generation of payment HSMs from Thales eSecurity and replaces the now end of sales payShield 9000. It performs tasks such as PIN protection and validation, transaction processing, key management and payment card issuance – capable of handling both chip cards (EMVs) and magnetic stripe cards. It delivers high assurance protection for ATMs, POS terminals and credit card transactions, while providing operational ease.

payShield 10K also supports the growth in global transaction volumes with a range of cryptographic performance options, including the highest performance figures in the industry – processing up to 10 000 calculations per second (CPS).

For more information on payShield 10K, please visit the Thales product page.

Customer Information from Thales

Thales announces product End of Life notice for payShield 9000
The last time to buy on hardware is 30th June 2020 and the

end-of-life for support will be 31st December 2022.

Key Dates:

No new orders for payShield 9000 hardware will be accepted after 30th June 2020

No new orders for payShield 9000 software customization services will be accepted after 31st December 2021

Accessories, spares and upgrades (packages/optional icenses/performance) can still be ordered until 31st December 2022

Please remember that support on payShield 9000 V2.x software expires on 31st December 2020 (as advised in an October 2017 notice) – migration to V3.x software should be completed before this date

Bug fixes and hardware repairs on base and custom payShield 9000 installations available until 31st December 2022 (subject to a valid maintenance support contract being in place)

Product end-of-life for support purposes on 31st December 2022 for payShield 9000

For further information: Product end of life notice.pdf

 

 
 
 
LEASING & SERVICE MODEL

Acquisition and/or replacement of Specialist Encryption Infrastructure often involves considerable CAPEX investments from organizations, and this sometimes limits the capabilities and the amount of equipment that an organization can acquire at a time, which can in turn hamper the application of best practice principles such as having equipment available at disaster recovery sites and running multiple test environments, to give a couple of examples. In order to alleviate this Verisec has partnered with some leading financial institutions to offer our customers accessible leasing and subscription-based schemes, with monthly, quarterly or yearly payments so they can have their ideal Encryption Infrastructure setup, regardless of initial CAPEX costs and within an OPEX-based model.