Encryption | Key Management and Payments Security Blog - Thales e-Security

Data Security and Key Management - Thales e-Security

  • Consumer Awareness Of Mobile Payments Security Is Growing

    By | October 19, 2011

    This latest survey from Intersperience shows how aware consumers are and how much importance they are placing on security. The survey focuses on the more often talked about side of mobile payments security – the possibility of data being compromised on the phone or intercepted mid-transaction. However, as my colleague has talked about in previous posts, there are a number of other security considerations that are not as widely reported.

    Continue Reading
  • New Year’s Regulations

    By | December 23, 2010

    As 2010 draws to a close, it seems an appropriate time to consider the changes that have taken place over the last twelve months and look ahead to the coming year.

    Continue Reading
  • 100 Gbps Layer 2 Encryption: Data In Motion Security and The Need For Speed

    By | August 14, 2014

    Today, the big buzz words in government high speed network security are “100Gbps” and “ESS” (Ethernet Security Specification).  With the realization that IPsec and HAIPE are just not efficient at high speeds, and as government inquiries for 100Gbps Ethernet Encryption Devices (EEDs) increase, chatter among vendors and integrators alike has grown exponentially.  Although EEDs have been around for many, many years, they are only now gaining widespread visibility and scrutiny.  Speed and bandwidth are merely natural progressions of technology whereas data in motion security as a solution requires experience and techniques that solve the bigger problem…high levels of security at high levels of performance.

    Continue Reading
  • Mediyes Trojan Shines Spotlight on Mismanaged Signature Keys

    By | March 21, 2012

    Just last week a new example of the consequences of inadequately protected signature keys came to light. As reported in Network World , Kaspersky Lab discovered that a recently distributed Trojan, Mediyes, was digitally signed using a stolen private signature key whose digital certificate was owned by Swiss firm Conpavi AG.

    Continue Reading
  • How Many POS Security Documents Does One Need?

    By | August 11, 2010

    As the old joke goes, “the great thing about standards is that there are so many to choose from.” This certainly seems to be the case with point-of-sale (POS) devices, where there are now a number of overlapping initiatives aimed at improving payment card security. While this may seem to be unnecessarily redundant, it is important that POS vendors, retailers/merchants and financial services organizations understand how each of these initiatives relate to one another and how they can help keep sensitive information safe.

    Continue Reading
  • From the Device to the Server: Google Wallet Simplifies Approach to Mobile Payments

    By | August 22, 2012

    Earlier this month, Google announced that consumers would have the ability to enlist their own financial card information onto their Google Wallet instead of waiting for their bank to board their card credentials. This approach supports the ‘consumer centric’ model for mobile payments vs. having interested parties such as banks, mobile network operators, etc. in control.

    Continue Reading
  • No skeleton key – protecting your organisation on the web

    By | February 22, 2012

    Weaknesses in the SSL protocol (the protocol for encrypting information over the internet) or the public certificate authority (CA) ecosystem that underpin it have received a lot of coverage recently and the last couple of weeks have been no exception.

    Continue Reading
  • Where Do You Hide the Keys to Your Safe?

    By | October 10, 2012

    Richard Moulds, VP Product Strategy at Thales e-Security, discusses the biggest challenges found with the encryption process and how organizations can adopt hardware security modules (HSMs) to hide encryption keys to ensure the protection of sensitive data.

    Continue Reading
  • The death of the password?

    By | June 12, 2012

    Last week was a terrible week for password breaches. First LinkedIn revealed that ~6.5 million password hashes were posted online. Hot on the heels came the news that online dating website eHarmony and streaming music site Last.fm have suffered similar breaches.

    Continue Reading
  • Will encryption combat the end of anonymity?

    By | February 13, 2014

    What will the year 2013 be remembered for? Once twerking and selfies have long been forgotten, the Edward Snowden leaks that began to be revealed to the general public from June 2013 onwards are likely to be etched into the public consciousness for years to come.

    Continue Reading
View more