SafeNet Luna EFT Hardware Security Module (HSM)

The hardware security of SafeNet Luna EFT payment systems of Gemalto company is one of the most scalable solutions of data encryption in the market and helps banks:

• reduce need of accomplishment of regulatory requirements of PCI-DSS using inter-subscriber enciphering of payment data which are stored in network are fixed at the time of sale or move to the database of financial institution or from it;
• to manage at the same time a large number of cryptographic safety features for ensuring the growing number of online transactions, mobile payments and payments in the peer-to-peer networks (P2P);
• take advantages of contactless payments via payment applications (HCE), having provided process of registration, preparation and tokenization of credentials and transactions of the payment card;
• get access and interface to a large number of terminals using the developed partner network of Gemalto company;
• scale transaction processing for faster authorization in a cloud and confirmations of the credits, outputs, e-wallets and the chip cards at observance of the standards FIPS 140-2 Level 3 and PCI-HSM 2.0.

2017

Sectioning function

Today banks and financial firms use enciphering for protection of the growing number of digital services and new transaction types, such as cloud payments and payments in the peer-to-peer networks (P2P). As a rule, these organizations used individual hardware security (HSM) for protection of each separate payment transaction or the application through which transaction is executed. Despite need of observance of strict security requirements, adding of bigger quantity of hardware modules of protection (HSM) can complicate cryptographic infrastructure and transactions. The new feature of sectioning in hardware security of SafeNet Luna EFT payment systems of Gemalto company solves this problem with the help of a single platform of HSM which can be separated into several virtual HSM to provide scaling which is so necessary for the companies working in the field of financial services already today.

Each section functions as separate hardware security (HSM) that means that financial institutions can cipher more data and protect broader spectrum of financial transactions without involvement of several HSM. Sectioning provides to financial institutions extreme flexibility for moving of keys to a cloud environment and from it, for control and ownership of cryptographic keys and start of bigger number of applications of cloud payments with one HSM.

Integration of SafeNet Luna HSM with the HYOK Azure Information Protection functions

The hardware security (HSM) of Gemalto company allows users of the application of Microsoft Azure Information Protection to retain full control over encryption keys

In March Gemalto announced that now users of the application of Microsoft Azure Information Protection can use new features of "Hold Your Own Key" (HYOK), working with hardware securities (HSM) of SafeNet Luna from Gemalto company. Such integration allows the organizations with strict regulatory requirements to data protection to manage, own and store the encryption keys in the local modules HSM and it is safe to exchange data, completely controlling the keys. Thanks to this solution of the company can easily approve policy of data protection and business processes without prejudice to integrity and security of the data.

The module SafeNet Luna HSM allows to use functionality of HYOK using the built-in support of Services of management of the rights of the Active Directory (AD RMS) of Microsoft corporation. The companies can use policy of protection of AD RMS for data of high privacy, and to politician of protection of Azure RMS ─ for confidential information. To provide the reliable security level in internal and external interactions, the organizations can use Azure Information Protection technology. Integration of the module SafeNet Luna HSM with the HYOK Azure Information Protection functions does not require any changes in a user interface or process of deployment. Users manage access to confidential data, setting policy of protection and the right to use. All other functions of data protection, such as tracking of the document and response, remain.

SafeNet Luna HSM 7

On February 14, 2017 the Gemalto company announced release of SafeNet Luna HSM 7. The module provides the speed, performance, security during data encryption in cloud and corporate applicaions, high-speed corporate networks.

The hardware security of SafeNet Luna HSM 7 offers the scalable platform intended for accomplishment of the maximum number of cryptographic transactions, including enciphering, decoding, authentication and the digital signature, providing at the same time a comprehensive protection of cryptographic keys from unauthorized intervention. New opportunities allow the organizations to support enciphering in mass scale and to ensure functioning of a bigger quantity of the encryption keys protecting confidential information and applications in cloud and^[1].

SafeNet Luna HSM, (2016)

As the organizations even more often make the choice for benefit of Internet of Things (IOT) and cloud applicaions, the level of their requirements to processing of data bulks increases. The optimized control of data security becomes the vital requirement designed to ensure data security during data exchange between the enterprises in multi-cloud environments, between networks and devices. And it, in turn, demands from the organizations of implementation of a large number of cryptographic transactions at the same time or for shorter time. It means that the organizations need an easy and scalable way of security of transmitted data for their protection during transmission of and at storage. Todd Moore, the senior vice president of division of Gemalto for products for enciphering

Hardware security of SafeNet Luna HSM 7 - the device with a performance up to 10 000 RSA-2048 protected from cracking or 20,000 ECC P-256 of operations per second. The device is scaled for support of requirements to execution of transactions in networks of Internet of Things, Blockchain and in the data encryption market.

2015: Gemalto upgraded support of standards of security in SafeNet Luna EFT

On December 1, 2015 the Gemalto company announced to support by the hardware security of SafeNet Luna EFT (Electronic Funds Transfer) of Payment HSM of the standards of security offered by the largest international card payment systems for implementation of the protected contactless payments using mobile phones developed by it.

In particular, the SafeNet Luna EFT device provides compliance to standards of safety of highly protected cloud tokenization for safe processing of payment transactions and data coding of credit cards.

Due to the growing popularity of mobile payments and emergence of new technologies, such as Host Card Emulation (HCE), the largest payment systems developed the upgraded program and implementable standards intended for data coding of credit cards and increase in safety of payment transactions using different mobile devices. Now banks, payment card issuers and payment systems had an opportunity to implement hardware securities of SafeNet Luna EFT Payment HSM and to offer customers of the application for implementation of contactless payments, in full accordance with the developed standards of security.

Hardware modules of SafeNet Luna EFT Payment HSM - a data protection basis about payment transactions as manage all process of enciphering by means of which the high level of security at registration is provided, processing and tokenization of these credit cards and these payment transactions. They provide the highest level of data protection, support of the FIPS 140-2 standard of Level 3 and conform to requirements of the PCI-HSM 2.0 standard. In modules support of the graphical user interface is implemented that facilitates process of configuring and management of settings of enciphering and basic elements.

2012: Certification of PCI HSM

On June 7, 2012 the SafeNet company announced that the hardware security of Luna EFT Hardware Security Module (HSM) underwent certification on compliance to the PCI HSM standard. The SafeNet company beforehand carried out certification, before entry into force of mandatory requirements of Council for standards of data security in the field of payment cards (Payment Card Industry Security Standards Council, PCI SSC) according to which all financial institutions and retailers will have to provide compliance to the Level 1-12 standards set in the industry of payment cards.

The Luna EFT system represents the solution for protection of encryption keys and other confidential information, highly productive, steady against cracking, such as PIN codes of customers and information on owners of payment cards. Thanks to certification PCI modules of security SafeNet Luna EFT HSM not only help customers to fulfill the main requirements of regulations, but also allow to use technologies for protection of other important assets of the business.

• The module of security SafeNet Luna EFT HSM received the certificate on compliance to the PCI HSM standard from Council for standards of data security in the field of payment cards (PCI SSC). Besides, the module Luna EFT underwent certification on compliance to requirements of the FIPS 140-2 standard of Level 3.
• SafeNet is a pioneer in development of HSM technology; the company since 1994 releases the protected modules HSM and has more than 25-year work experience in the field of protection of transactions in payment systems using non-cash transfer of means (Electronic Funds Transfer, EFT).
• The PCI SSC organization is the governing body created by the main card payment systems (American Express, Discover, JCB, MasterCard and Visa) for the purpose of gain of data protection about the card holder on the global payment area networks and on shopping facilities.

Notes