Home > Products & Services > Identity Management > payShield Cardholder Authentication for nShield

payShield Cardholder Authentication for nShield

Products & Services
payShield Cardholder Authentication for nShield   

payShield Cardholder Authentication for nShield

Strengthen authentication for payments and online banking using general purpose HSMs

payShield Cardholder Authentication for nShield, an add-on software package for nShield hardware security modules (HSMs), allows card issuers to reduce phishing fraud in online banking and allows payment processors to reduce online payment fraud by deploying high assurance cardholder authentication on commercial, off-the-shelf nShield Solo or nShield Connect HSMs. Using the payShield Cardholder Authentication for nShield, organizations can easily add EMV-based authentication (based on MasterCard's Chip Authentication Program (CAP) or Visa’s Dynamic Passcode Authentication (DPA)) to their existing processes to improve security of online banking. They can also secure online credit and debit card payments using industry-standard 3-D Secure technology, better known by its major implementations, Verified by Visa and MasterCard SecureCode. The payShield Cardholder Authentication for nShield is designed for easy and secure integration with your applications. Because it runs on general purpose HSMs, organizations that choose this route for their EMV or 3-D Secure authentication can also take advantage of standard HSM functionality for non-payment applications.

Benefits of payShield Cardholder Authentication for nShield

  • Enables higher levels of security and reduces fraud.
  • Authenticates EMV cardholders for online banking (CAP/DPA).
  • Enables 3-D Secure online payments.
  • Integrates easily and securely with online applications, Interactive Voice Recognition systems, and many off-the-shelf cardholder authentication solutions.
  • Runs on FIPS and Common Criteria validated nShield HSMs.

payShield Cardholder Authentication for nShield Features

Security Features

  • nShield hardware security modules (HSMs) are validated to both FIPS and Common Criteria, providing a high assurance hardware platform.
  • EMV authentication support enables issuers to incorporate Visa/MasterCard approved strong customer authentication for online banking connections, reducing phishing fraud. 
  • 3-D Secure support enables issuers to provide strong customer authentication to online merchants during e-commerce- payment transactions, reducing card not present (CNP) fraud.
  • Security codes and account numbers used in Interactive Voice Recognition (IVR) systems are protected, creating a cost effective call center option for issuers.
  • Keys created externally are easily transferred to the HSM using a secure import process.

Operational Features 

  • High-level C and Java APIs enable easy integration with a wide range of web server platforms.
  • nShield Connect provides high resilience features to maximize authentication system availability.
  • payShield Cardholder Authentication can be added to an existing nShield deployment, enabling organizations to maximize return on their investment.
  • A standards-based approach facilitates off-the-shelf integration with numerous third party authentication solutions.
  • Support for both Windows and UNIX operating systems increases flexibility and allows organizations to employ a single solution across heterogeneous server environments.

payShield Cardholder Authentication for nShield: Options

Key Loading Device

Some organizations rely on importing key components to securely exchange sensitive data between partners or systems from different vendors. The nShield Key Loading Device, used in conjunction with Cardholder Authentication Pack for nShield, enables organizations to load symmetric encryption key fragments into nShield HSMs through the use of a dedicated secure PIN pad. 

payShield Cardholder Authentication for nShield: Specifications

Operating systems supported:

  • Windows 2008/2003/Vista/XP
  • Solaris
  • AIX
  • Linux

APIs (Commands) supported:

  • Chip Card Authentication commands
  • PIN/ PIN Verification Value Operation commands
  • Key-management commands
  • Administrative commands
  • Automatic Key Exchange commands
  • ARPC/ARQC Operation commands
  • Card Security Codes (CSC) commands
  • Card Validation Codes (CVC) Operation commands
  • Card Validation Values (CVV) Operation commands
  • Retail MAC commands
  • Secure Message Integrity (SMI) operation commands
  • Secure Messaging for Confidentiality (SMC) operation commands

Compatible cardholder authentication vendors:

  • ActivIdentity
  • Arcot
  • Bell ID
  • Gemalto
CONTACT US

Cardholder Authentication for nShield Data Sheet

payShield Cardholder Auth Pack nShield

Related Product

  • nShield Connect

    • High-performance network-attached HSM
    • Delivers secure cryptographic services as a shared resource for distributed application instances and virtual machines
    • Features redundant hardware and is suitable for high-availability data centers

    Learn More

  • nShield Solo

    • Server-embedded HSM, provided as a PCI or PCIe card
    • Delivers dedicated cryptographic offload and acceleration capability to satisfy the highest performance requirements
    • Ideal for use within security appliances to achieve FIPS grade security hardening

    Learn More
© 2013 Thales e-Security, Inc., all rights reserved.
Solutions
Products and Services