payShield 9000

La familia payShield de los HSM de pago

Los HSM payShield están diseñados para la industria de pagos y constituyen soluciones probadas que brindan capacidades para emitir credenciales, procesar transacciones y administrar claves.

QQué hacen los HSM payShield

Los payShield 9000 son compatibles con aplicaciones de pago para chip de contacto, chip sin contacto y elementos móviles seguros. La solución admite los estándares en evolución de EMVCo, PCI SSC, GlobalPlatform y Multos International.

Aproveche las soluciones probadas

Los HSM de pago de Thales e-Security son los que más se implementan en todo el mundo, y se emplean en aproximadamente el 80 % de las transacciones de tarjetas de pago.

Reduzca los costos operativos

Saque provecho de las soluciones que permiten la administración centralizada y simplificada de implementaciones de HSM distribuidos.

Establezca una seguridad estricta

Use módulos de seguridad inviolables para generar y almacenar claves.

Diseñado específicamente para pagos

Aproveche un conjunto de soluciones diseñadas exclusivamente para emisión de tarjetas, aprovisionamiento móvil y procesamiento de pagos.

Admisión integral según casos de uso

LAdmite todos los estándares y las aplicaciones principales de la industria de pagos, incluido el chip de contacto, el chip sin contacto y elementos móviles.

Administración remota eficiente

LRacionalice la administración, incluso en implementaciones con ubicaciones numerosas y una gran cantidad de HSM.

payShield 9000

Designed specifically for payment applications, payShield 9000 from Thales e-Security is a proven hardware security module (HSM) that performs such tasks as PIN protection and validation, transaction processing, mobile and payment card issuance, and key management. The payShield 9000 payment HSM solution delivers high assurance protection for automated teller machine (ATM) and point of sale (POS) credit and debit card transactions.

Ideal for low-volume transaction environments

Suits off-line key generation and development environments, while delivering complete algorithm and API support.

Highly portable

Small, lightweight design with convenient USB interface supports a wide variety of host platforms, including laptops and other portable devices.

Cost effective

The most economical HSM in the nShield family, nShield Edge gives you an entry-point HSM, while letting you scale your environment with other nShield models as needed.

Certified hardware solutions

Thales e-Security has earned a broad set of certifications for nShield products. These certifications help our customers to demonstrate compliance while also giving them the assurance that their nShield HSMs meet stringent industry standards.

nShield Edge HSMs are certified to FIPS 140-2 Level 2 and Level 3.

Safety and environmental standards compliance:

  • UL, CE, FCC, C-TICK, Canada ICES
  • RoHS2, WEEE
Wide support for APIs and cryptographic algorithms

Supported APIs

  • PKCS#11, OpenSSL, Java (JCE), Microsoft CAPI and CNG

Supported Cryptographic Algorithms

  • Asymmetric public key algorithms: RSA, Diffie-Hellman, ECMQV, DSA, KCDSA, ECDSA, ECDH
  • Symmetric algorithms: AES, AES-GCM, ARIA, Camellia, CAST, RIPEMD160 HMAC, SEED, Triple DES
  • Hash/message digest: SHA-1, SHA-2 (224, 256, 384, 512 bit), HAS-160
  • Full Suite B implementation with fully licensed ECC, including Brainpool and custom curves

nShield HSMs offers the majority of these cryptographic algorithms as part of the standard feature set. For organizations wishing to use ECC or South Korean algorithms, optional activation licenses are needed.

Operating Systems

  • Windows and Linux
CipherTools Developer Toolkit

The CipherTools Developer Toolkit is a set of tutorials, reference documentation, sample programs and additional libraries. With this toolkit, developers can take full advantage of the advanced integration capabilities of nShield HSMs. In addition to offering support for standard APIs, the toolkit enables you to run custom applications with nShield HSMs.

Elliptic Curve Cryptography (ECC) activation

The ECC activation license enables EC-DH, EC-DSA and EC-MQV to be used on an nShield HSM.

KCDSA activation

With the KCDSA activation license, you can use the Korean Certificate-based Digital Signature Algorithm (KCSDA) as well as HAS-160, SEED and ARIA algorithms on an nShield HSM.

FIPS certification options

The nShield Edge is available in FIPS 140-2 Level 2 and Level 3 variants. A non-FIPS developer edition is also offered.