Telefone +55 (11) 4810-7575 | 0800 591 2403
Categorias | HSM para Meios de Pagamento
KMD - Key Management Device
Gerenciamento Seguro, flexível e eficiente para HSM’s para meios de pagamento
The Thales e-Security Key Management Device (KMD) for payment HSMs is a compact tamper-resistant security module (TRSM) that enables keys to be formed securely from separate components in a manner that is compliant with relevant security standards including X9 TR-39, ANSI X9.24-1 and PCI PIN Security. Unlike the traditional approach, this critical key management task can be carried out without any physical connection to a production hardware security module (HSM), providing greater operational flexibility without compromising security. A single KMD can form keys for multiple payment HSMs using different local master keys (LMKs). With its touch screen graphical user interface, the KMD is simple and intuitive to operate, and is compatible with the full range of Thales payment HSMs including the award-winning payShield 9000 and legacy HSMs such as the HSM 8000
Benefits of Key Management Device (KMD)
- Reduces operating costs by streamlining key management tasks.
- Works with payShield 9000 and other Thales payment HSMs.
- Complies with ANSI/ISO key management standards to simplify security audits.
- Maximizes flexibility by managing keys for multiple HSMs and LMKs.
Security Features
-
Fully hardened and tamper-resistant device is fully PCI PED approved and provides high levels of protection against physical attack.
-
Method of forming keys from components using a tamper-resistant security module (TRSM) is compliant with the latest security requirements in the banking industry from ANSI, X9 and PCI.
-
HSM security officers also typically act as KMD Administrators and have complete control over functionality made available to KMD Operators, reducing the risk of a security breach.
Operational Features
- Portable form factor with touch screen interface is convenient for use in an office environment or for carrying into the field.
- Standalone operation enables personnel to import, export, and manage HSM keys without the need to interact with or visit transaction HSMs, saving time, reducing travel, and reducing operating costs.
- The ability to manage keys for multiple HSMs with multiple LMKs from a single KMD maximizes efficiency.
- Software upgrade capability provides a cost effective method of satisfying future key management requirements.
Key Management Device (KMD) Specifications:
Key management support
Compatible with variant local master keys (LMKs) used in Thales payment HSMsCompatible with Thales standard HSM LMK smart cards
- payShield 9000
- HSM 8000
- RG7000
- Support for multiple LMKs in a single KMD device
- Separate Administrator and Operator roles
Administration options
- Administrator roles created by LMK component holder
- Administrators assign roles to Operators\
- Dual control enforced for all Operator functions (including key management and system operations)
Physical security and certifications
- Tamper-resistant and responsive device proven under PCI PED certification scheme
- Two-factor authentication using ISO 7816 compliant smart cards
- Key component management compliant with the following security standards
- ANSI X9.24-1:2009
- X9 TR-39/TG-3:2009
- PCI PIN Security requirements V2.0:2008
Não há arquivos para este produto.