Thales e-Security News

  • WidePoint’s ORC Provides Federal Grade Secured Cloud Services with Thales Hardware Security Modules

    March 18,2014

    Thales, leader in information systems and communications security, announces that Operational Research Consultants, Inc. (ORC), a subsidiary of WidePoint Corporation (NYSE Mkt: WYY) and pioneer in Federal identity management, has deployed Thales nShield hardware security modules (HSMs) to provide high levels of assurance for Federal cloud services and prove that the cloud really can be as safe, or even safer, than on-premise deployments – even for organizations as security-focused as the U.S. Federal Government.

    The ORC PIVotal™ ID cloud-based federated identity solution uses Thales nShield HSMs to underpin the strong identity credentials that are trusted across the federal government as well as being federated globally. Thales HSMs are designed specifically to protect the critical root and issuing certificate authority keys that form the basis of trust in all modern PKIs, and are of critical importance in the overall assurance level of the system and when meeting stringent security requirements such as those demanded by NIST.

    Daniel Turissini,  CTO of WidePoint and Founder of ORC, Inc., a WidePoint company, said:
    “In our line of work, creating trusted, compliant credentials is often a matter of national security. We needed a solution that delivers high assurance and absolute trust, enabling secure transactions for U.S. Federal Agencies (Civilian and Defense), their employees, the global contracting community, trading partners, Veterans and citizens who need to conduct business with any facet of the government. Thales HSMs offer the most cost-effective way to establish the appropriate levels of physical and logical controls where the security offered by software-based cryptography would be considered to be inadequate. The Thales nShield family of HSMs offers superior protection and cryptographic acceleration capabilities as well as the flexibility and scalability to protect and manage root keys and all subordinate keys within a secure cloud service infrastructure.”


    Cindy Provin, president Thales e-Security Inc. said:
    “We are pleased to have worked with ORC in providing federal grade secured cloud services for their customers.  For many organizations thinking about moving sensitive data to the cloud, both government and enterprise, security issues remain a significant concern. By integrating the Thales nShield HSM to your Public Key Infrastructure, you are deploying a high assurance, independently certified, tamper-resistant device that is used to secure the most sensitive keys and business processes within governments and organizations around the world.”

    Click here to read the case study

    About WidePoint and ORC

    WidePoint (NYSE Mkt: WYY) is a leading provider of secure, cloud-delivered, enterprise-wide mobile and information technology-based solutions that can enable enterprises and agencies to deploy fully compliant IT services in accordance with government mandated regulations and advanced system requirements. ORC, a WidePoint company, is a trusted partner to the U.S. Federal Government, delivering information security solutions to government and enterprise customers, ensuring the fully compliant and trusted exchange and assurance of information. For more information, visit www.widepoint.com


  • Thales keyAuthority Recognized as Best Encryption Product in 2014 InfoSecurity Products Guide Global Excellence Awards

    February 25,2014

    Thales, leader in information systems and communications security, announces that InfoSecurity Products Guide has recognized Thales keyAuthority® as Best Encryption Product in its 2014 Global Excellence Awards. The prestigious award recognizes Thales as a global leader in the IT security industry with advanced, ground-breaking data protection solutions.

    Enterprises today understand the importance of cryptography to ensure the security of critical data – both on premise and in the cloud. However this creates significant key management challenges, particularly as the number of applications and devices, often from different vendors, increases. To combat complexity, unnecessary operational costs and to ease compliance, valuable operational efficiencies can be gained by centralizing and automating key management. The value of separating key management tasks from the applications that use the keys is further increased in virtualized and cloud environments, where organizations can retain in-house control of keys and still take advantage of cloud-based encryption and data storage. 

      • keyAuthority is a high assurance appliance that provides centralized key management to lower the risk of security breaches and facilitate compliance with stringent regulations and policies while also ensuring that critical data remains available to the organization. 
      • keyAuthority is a security-hardened appliance that manages encryption keys on behalf of multiple classes of encryption devices, providing a single, unified key management system to achieve a consistent security policy, simplified administration, auditing and economies of scale.
      • keyAuthority delivers market-proven enterprise capabilities, such as the automation of key lifecycle management controls, high scalability, redundancy, support for multi-tenant environments and sophisticated administrative role separation and key segregation.
      • keyAuthority offers the broadest and most complete support for the latest Key Management Interoperability Protocol (KMIP) version 1.2 developed by the OASIS standards body, providing KMIP-enabled interoperability for encryption-enabled products from leading vendors including Brocade and Quantum.
      • Delivered in a tamper-resistant and tamper-evident hardware platform certified to the stringent FIPS 140-2 Level 3 standard for the entire chassis, keyAuthority offers long-term reliable protection of keys on behalf of an organization’s most critical applications and sensitive data.
    Cindy Provin, president, Thales e-Security, Inc., says: 
    “Thales keyAuthority is deployed in some of the most demanding environments, including financial services and government, where high levels of assurance and reliability are critical.  Building on our history of developing trusted hardware security modules (HSMs) and key management solutions, Thales is ideally positioned to satisfy partner and customer requirements for key management that ultimately supports the entire organization. This award further recognizes our commitment to delivering innovative and high quality data protection solutions that enable our customers to protect their most valuable assets.  We are pleased and honored to receive such an award.”

    Visit Thales at booth #909 South Expo, RSA Conference, Moscone Center, San Francisco, February 24-28, 2014

    See demonstrations of Thales keyAuthority in the OASIS KMIP interoperability showcase booth #1909 South Expo.

    Supporting Resources:
    For more information on keyAuthority, visit: http://www.thales-esecurity.com/products-and-services/products-and-services/key-management-systems/keyauthority

    About Thales e-Security
    Thales e-Security is a leading global provider of data encryption and cyber security solutions to the financial services, high technology, manufacturing, government and technology sectors.  With a 40-year track record of protecting corporate and government information, Thales solutions are used by four of the five largest energy and aerospace companies, 22 NATO countries, and secure more than 80 percent of worldwide payment transactions.  Thales e-Security has offices in Australia, France, Hong Kong, Norway, United States and the United Kingdom. 

    About Thales
    Thales is a global technology leader for the Aerospace & Transportation and the Defence & Security markets. In 2013, the company generated revenues of €14.2 billion ($18.3 billion) with 65,000 employees in 56 countries. With its 25,000 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners. www.thalesgroup.com

    Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market. The Group’s security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure. 

    Drawing on its strong cryptographic capabilities, Thales is one of the world leaders in cybersecurity products and solutions for critical state and military infrastructures, satellite networks and industrial and financial companies. With a presence throughout the entire security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, intrusion detection and architecture design to system certification, development and through-life management of products and services, and security supervision with Security Operation Centres in France and the United Kingdom.

    Contact: 
    Dorothée Bonneil                                                   Liz Harris                                            
    Thales Media Relations – Security                      Thales e-Security Media Relations
    +33 (0)1 57 77 90 89                                            +44 (0)1223 723612
    dorothee.bonneil@thalesgroup.com                    liz.harris@thales-esecurity.com            


  • Thales announces support for F5 Synthesis Architecture

    F5 BIG-IP support for Thales hardware security modules offers customers highest levels of security and reduces risk

    February 24,2014

    Thales, leader in information systems and communications security announces F5’s support for Thales nShield hardware security modules (HSMs) through F5 Synthesis’ High Performance Services Fabric. F5’s support for the Thales nShield hardware security module, within the BIG-IP Application Delivery Controller (ADC), offers security-conscious customers an additional layer of security for their SSL keys to comply with corporate security requirements and government mandates as they encrypt their network and application traffic.

    Any device handling SSL encrypted traffic is a point of risk within a network infrastructure, representing a target for hackers and cyber-criminals. Customers are therefore looking for solutions that provide high levels of protection for the cryptographic keys that are stored within each device.

    Thales nShield HSMs provide certified tamper-resistant cryptographic key generation and management and integrate seamlessly with F5 BIG-IP ADC. By ensuring the cryptographic keys and certificates are used only for their authorized purposes, operational risk is reduced. The robust key management, storage and redundancy features offered by nShield guarantee availability of critical keys, and increase the service velocity to support the increasingly demanding transaction rates of the BIG-IP ADC.

    Deploying a Thales nShield HSM with an F5 BIG-IP ADC delivers the following benefits:

      • Strong isolation of key material and crypto processes from host environment
      • Anti-tamper techniques for physical protection
      • Strong authentication for administrators
      • Strongly segregated administration domains
      • Strongly enforced dual controls for mutual supervision
      • High integrity random number generation
      • Processing offload to boost capacity
      • SSL performance and intelligence

    Siva Mandalam, Senior Director, Product Management, F5 Networks says:
    “Organizations looking to deploy applications in the cloud are often impeded by corporate requirements around security, compliance and performance. With the F5 Synthesis architecture, application services can be deployed in cloud environments and managed centrally alongside services deployed in the data center, enabling consistent deployment and enforcement of the policies governing security and performance. F5’s support for the Thales nShield HSMs provides the highest level of physical protection for cryptographic keys, enabling organizations to establish and prove compliance with the latest government legislation and security frameworks.”

    Richard Moulds, Vice President Strategy, Thales e-Security says:
    “As organizations increasingly rely on cryptography as part of their data protection strategy and to protect their application delivery systems, the trustworthiness of these crypto systems becomes paramount. This is particularly relevant in light of recent concerns over back doors, poorly implemented crypto systems, out of date algorithms, weak key management systems and the increasing burdens arising from privacy mandates. F5 BIG-IP products have leveraged Thales hardware security and key management technology for many years. This latest integration with F5’s Synthesis High Performance Services Fabric allows F5 customers to take advantage of best-in-class cryptographic hardware protection and key management, adding a further layer of security and reducing their operational risk”

    Visit Thales at booth #909 South Expo, RSA Conference, Moscone Center, San Francisco, February 24-28, 2014

    See demonstrations of Thales keyAuthority in the OASIS KMIP interoperability showcase booth #1909 South Expo.

    For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs

    Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube

    >
  • Thales announces PKI consultancy services

    Assisting customers design, deploy and manage world-class public key infrastructures protected by Thales hardware security modules

    February 18,2014

    Thales, leader in information systems and communications security, announces a public key infrastructure (PKI) consultancy service, designed to take risk and cost out of deploying, upgrading or refreshing an organization’s self-managed PKI.

    Public key infrastructures are a critical piece of almost every IT infrastructure, helping establish the identity of data, people, devices and services. The number of applications in an enterprise that rely on a PKI for their basis of trust is ever increasing. A PKI plays a vital role in enabling organizations to implement, for example, an enterprise ‘bring your own device’ (BYOD) strategy, certificate and key injection into devices such as set top boxes, mobile phones and printers, and feature enablement for cars, construction equipment, and other ‘intelligent’ high value assets. 

    Thales Advanced Solutions Group (ASG) assists organizations in the design and deployment of self-managed PKIs customized to meet their specific needs. Working predominantly with Microsoft Active Directory Certificate Services, but also with open source and other applications, Thales offers customers expert advice and assistance together with a range of services – from a turnkey solution through specialized components of a customer driven PKI implementation. 

    Thales bases its PKI practice on the deployment of hardware security modules (HSMs). The use of HSMs to protect both root and issuing certificate authority (CA) private keys is an industry accepted best practice. It is of crucial importance that the chain of trust leading back to the root CA along with its signing keys is protected with the utmost security, implemented using an HSM to protect against both logical and physical attacks. The higher the value of the applications that depend on a PKI, the more critical it is to protect that PKI with an HSM. The Thales nShield family of high assurance HSMs are designed specifically to protect the private keys that form the basis of trust in all modern PKIs. Thales PKI services are designed to assist its customers in designing, deploying and managing world class PKIs that utilize Thales HSMs to protect their root of trust. 

    Peter DiToro, Vice President Customer Services at Thales e-Security says:
    "Recent concerns over back doors, poorly implemented crypto systems, out of date algorithms and weak key management systems have led organizations to re-assess and re-evaluate their security infrastructure, and particularly their PKIs as they come under strain to do more. Planning, documenting, implementing and maintaining a PKI is a specialist skill – and it’s rare. The Thales ASG team have decades of experience, know-how and talent in deploying, refreshing and upgrading PKIs, taking risk and cost out of the processes of planning and implementing a self-managed PKI."

    Thales PKI Consultancy Services is currently available in North America. Click here to learn more.

    Read how Thales PKI Consultancy Services helped these companies implement their PKI:

    Polycom

    QuoVadis

    Finland e-Passport

    Fortune 500 utility company

    For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs  

  • Thales and Ponemon Institute study shows the use of encryption increasing and key management emerging as a prominent pain point

    February 11,2014

    Thales, leader in information systems and communications security, announces the publication of its latest 2013 Global Encryption Trends Study. The report, based on independent research by the Ponemon Institute and sponsored by Thales, reveals that use of encryption continues to grow in response to consumer concerns, privacy compliance regulations and on-going cyber-attacks and yet there are still major challenges in executing data encryption policy.

    More than 4,800 business and IT managers were surveyed in the US, UK, Germany, France, Australia, Japan, Brazil and for the first time this year Russia, examining global encryption trends and regional differences in encryption usage. Results from the Russian survey showed adoption of encryption in the region to be very much in line with the rest of the countries surveyed. The report is now in its ninth year since its launch in 2005. 

    News facts:
      • Steady increase in the deployment of encryption with 35% of organizations having an enterprise wide encryption strategy
      • Most organizations deploy encryption to lessen the impact of data breaches
      • The number one perceived threat to sensitive data is employee mistakes rather than external attack
      • Two biggest challenges faced by organizations executing a data encryption policy are knowing where sensitive data resides and managing the actual technology
      • Key management identified as a major issue by more than half of organizations
      • Organizations with the highest security posture are now three times more likely to have a formal encryption strategy than those with the lowest security posture

    The results of the study show there has been a steady increase in the deployment of encryption solutions used by organizations over the past nine years, with 35% of organizations now having an encryption strategy applied consistently across the entire enterprise compared with 29% last year.  The survey also indicated that only 14% of organizations surveyed do not have any encryption strategy compared with 22% last year.

    For the first time the primary driver for deploying encryption in most organizations is to lessen the impact of data breaches, whereas in previous years the primary concern was protecting the organization’s brand or reputation. Of those organizations that believe they have an obligation to disclose data breaches nearly half believe that encrypting their data provides a safe harbour that avoids the need to disclose that the actual breach occurred. The fastest growing reason as to why organizations are deploying encryption is to ensure they meet their commitments to their customers’ privacy with 42% of organizations focussing on their customer’s interests rather than for their own benefit, which has increased by 5% compared with last year.

    The number one perceived threat to the exposure of sensitive or confidential data remains employee mistakes, according to 27% of respondents. When employee mistakes are combined with accidental system or process malfunctions, concerns over inadvertent exposure outweigh concerns over actual malicious attacks by more than 2 to1. Furthermore, forced disclosures triggered by e-discovery requests now represent the second highest perceived threat to the loss of sensitive data.

    When asked about where encryption is used, organizations ranked backup tapes and databases as most important followed by network encryption and laptop encryption. Cloud encryption had a relatively low ranking compared with other encryption use cases ranking outside the top 10.

    The two biggest challenges facing organizations executing a data encryption policy were discovering where sensitive data actually resides, reported by 61% of respondents, and the ability to deploy encryption technology effectively, reported by 50% of respondents. Key management was identified as a major issue with more than half of organizations surveyed rating the overall challenge associated with management of keys or certificates more than 7 on a scale of 1-10 (10 being highest) and 30% of organizations rated the challenge at 9 or 10. Whilst three quarters of organizations identified key management as a formal discipline within their organization, more than 70% of those organizations failed to allocate dedicated staff or tools to the task of managing keys.  

    The Key Management Interoperability Protocol (KMIP) standard that allows organizations to deploy centralized key management systems that span multiple use cases and equipment vendors, has already established a relatively high level of awareness among IT and IT security practitioners. KMIP is perceived to be of increasing importance and is expected to contribute to encryption and key management strategies specifically around cloud, storage and application-level encryption. More than half of those surveyed said that the KMIP standard was important in cloud encryption compared with 42% last year.

    Hardware security modules (HSMs) are increasingly considered a critical component of a key management strategy. These devices are used to protect critical data processing activities and high value keys and can be used to strongly enforce security polices and access controls.

    Dr Larry Ponemon, chairman and founder of The Ponemon Institute, says:

    “Encryption usage continues to be a clear indicator of a strong security posture but there appears to be emerging evidence that concerns over key management are becoming a barrier to its more widespread adoption. For the first time in this study we drilled down into the issue of key management and found it emerging as a huge operational challenge. But questions are and should be asked about the broader topics of policy issues and choice of encryption algorithms – especially in the light of recent concerns over back doors, poorly implemented crypto systems and weak key management systems.”

    Richard Moulds, vice president strategy at Thales e-Security says:

    “Whilst key management may be emerging as a barrier to encryption deployment, it is not a new issue. The challenges associated with key management have already been addressed in heavily regulated industries such as payments processing, where best practices are well proven and could translate easily to a variety of other verticals. With more than 40 years’ experience providing key management solutions. Thales is ideally positioned to help organizations re-assess and re-evaluate their crypto security and key management infrastructure and deliver solutions that ensure their integrity and trustworthiness.”

    Download your copy of the new Global Encryption Trends Study 

    Visit Thales at booth #909, RSA Conference, Moscone Center, San Francisco, February 24-28, 2014.

    See demonstrations of Thales keyAuthority in the OASIS KMIP interoperability showcase booth #1909

    For industry insight and view on the latest key management trends check out our blog at www.thales-esecurity.com/blog 

    Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube

    About the Ponemon Institute 
    The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government.  To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

    About Thales e-Security
    Thales e-Security is a leading global provider of data encryption and cyber security solutions to the financial services, high technology manufacturing, government and technology sectors.  With a 40-year track record of protecting corporate and government information, Thales solutions are used by four of the five largest energy and aerospace companies, 22 NATO countries, and they secure more than 80 percent of worldwide payment transactions.  Thales e-Security has offices in Australia, France, Hong Kong, Norway, United States and the United Kingdom. www.thales-esecurity.com  

    About Thales
    Thales is a global technology leader for the Aerospace & Transportation and the Defence & Security markets. In 2012, the company generated revenues of €14.2 billion ($18.3 billion) with 65,000 employees in 56 countries. With its 25,000 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners. www.thalesgroup.com
     
    Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market. The Group’s security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure. 

    Drawing on its strong cryptographic capabilities, Thales is one of the world leaders in cybersecurity products and solutions for critical state and military infrastructures, satellite networks and industrial and financial companies. With a presence throughout the entire security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, intrusion detection and architecture design to system certification, development and through-life management of products and services, and security supervision with Security Operation Centres in France and the United Kingdom.


    Contact:
    Dorothée Bonneil                                                   Liz Harris                                                   

    Thales Media Relations – Security                      Thales e-Security Media Relations

    +33 (0)1 57 77 90 89                                          +44 (0)1223 723612

    dorothee.bonneil@thalesgroup.com                   liz.harris@thales-esecurity.com             

  • Thales ensures your crypto systems can be trusted at RSA Conference 2014

    February 04,2014

    Thales, leader in information systems and communications security, will be showcasing its high assurance cryptographic solutions for protecting big data, public key infrastructures (PKIs), cloud and mobile payments at this year’s RSA Conference, San Francisco, February 24 – 28, 2014.

    As organizations increasingly rely on cryptography as part of their data protection strategy and to protect their critical systems, the trustworthiness of these crypto systems becomes paramount. This is particularly relevant in light of recent concerns over back doors, poorly implemented crypto systems, out of date algorithms, weak key management systems and the increasing burdens arising from privacy mandates. Thales can help organizations re-assess and re-evaluate their crypto security and key management infrastructure and deliver solutions that ensure their integrity and trustworthiness.
    ,
    Can you secure Big Data?
    Massive scale data collection and high-velocity decision making challenges traditional security models and forces an approach that is fundamentally data centric. Encryption infrastructure and access control systems protected by Thales key management solutions not only help protect sensitive data in big data analytical systems, but also ensure it remains accessible to meet your business needs.

    Is your PKI secure enough for your business applications?
    The number of applications in an enterprise that rely on a PKI for their basis of trust is ever increasing. Under strain to do more and more, does your PKI make the grade? It is of crucial importance that the chain of trust leading back the root certificate authority (CA) along with its signing keys is protected with the utmost security implemented using a hardware security module (HSM) such as Thales nShield to protect against both logical and physical attacks.

    Do you trust your path to the cloud?
    Strong encryption and key management are recognized as the most secure and effective way of protecting data and that applies equally to the cloud as it does across the enterprise. In order for organizations to take up cloud services and migrate sensitive and high-value data to virtualized and cloud deployments, they need a high assurance, reliable key management solution that ensures they retain control of their keys, and therefore their data. The Thales portfolio protects critical data assets throughout their lifecycle – when in storage, passing over communications networks and while in use by business applications – all of which are vital aspects of a cloud security strategy.

    Microsoft Azure RMS – a case study
    To highlight the potential of the cloud to deliver trusted services without compromising security Thales and Microsoft will jointly present a case study detailing how they utilize Thales HSMs to help secure the new Microsoft Azure RMS and the “Bring Your Own Key” capability that puts customers firmly in control of their data within a cloud environment:

    ‘Securing your transition to the cloud – how can you trust the man behind the curtain?’
    4.20pm, Wednesday, February 26, 2014 – Briefing Centre, North Expo Hall, RSA Conference
    Dan Plastina, Microsoft and Richard Moulds, Thales

    Are your payments systems ready to go mobile?
    The proliferation of mobile devices such as smartphones and tablets has dramatically expanded the payments ecosystem, creating new security challenges and new business models. Thales technology can help you incorporate mobile payments into your business while maintaining the highest levels of performance and security. Thales payShield 9000 and nShield deliver secure solutions for mobile point-of-sale (mPOS) solutions as well as enabling secure mobile issuance and provisioning of payments credentials to NFC and other contactless devices coupled with host security for cloud based wallets and peer-to-peer payments.

    Enterprise class key management
    Thales is again participating in the OASIS showcase, highlighting the Key Management Interoperability Protocol (KMIP) standard, with its high assurance enterprise-class key management solution – keyAuthority. The demonstration highlights the comprehensive capabilities of the Thales solution in the context of a variety of encryption devices from other participants in the KMIP interoperability booth. In addition, Thales key management experts will be available to discuss the evolution of the KMIP standard and the contribution of Thales as an originating author of the KMIP specification.

    New Global Encryption Trends Study
    Thales is releasing the ninth edition of its annual research report - the Global Encryption Trends Study. The study, which is produced in conjunction with the Ponemon Institute, is based on a survey of more than 4,000 business and IT managers from around the world regarding the use of encryption, how it has evolved and its effect on the security posture of an organization. It focuses on the compliance pressures and cyber-attacks targeting sensitive data and how and where different types of organizations are deploying encryption and key management as a result. Come along to our booth to collect your copy.

    Visit Thales at booth #909 South Expo, RSA Conference, Moscone Center, San Francisco, February 24-28, 2014

    See demonstrations of Thales keyAuthority in the OASIS KMIP interoperability showcase booth #1909 South Expo.

  • University of Malaya pioneers the first e-Scroll with Thales technology

    December 10,2013

    Thales, leader in information systems and communications security, announces that its nShield hardware security modules (HSMs) and Time Stamp Server have been deployed by University of Malaya, Kuala Lumpur, to generate digital degree certificates for their graduates and so reduce the instance of counterfeiting and fraud.

    Academic institutions around the world face challenges over the production of counterfeit degree certificates. University of Malaya decided to address the problem by issuing e-Scrolls or digital degree certificates to their graduates. These e-Scrolls are digitally signed and time stamped and can be authenticated online.

    Each e-Scroll is digitally signed by the university’s Registrar and Vice Chancellor using GlobalSign ® digital IDs. Thales high assurance, tamper-resistant HSMs provide strong protection for the digital identities of the two signatories, securely storing their private signing keys and preventing unauthorized access. As part of the process, each e-Scroll is issued a secure time stamp against the Malaysian National clock (located at SIRIM) by a Thales Time Stamp Server, providing an additional layer of security and indicating the exact time and date the credential was issued.

    Dr David Asirvatham, Director of IT Centre, University of Malaya says:

    “More than 7,000 students graduate from the University of Malaya each year, and we feel it is our duty to present them with a certificate that has strong credibility and integrity as it is widely associated with our university. Thales provided us with the technology to allow us to issue a digitally signed and time stamped e-Scroll in a solution that is quick and simple to deploy. Not only does the e-Scroll overcome the issues of counterfeit degrees, but in a world where a growing number of graduates apply for jobs online, employers are able to quickly and easily validate the authenticity of the certificates. Effective 2013, all students graduating from the University of Malaya will receive an e-Scroll at their graduation ceremony in addition to a printed certificate.”

    Richard Mallet, Managing Director, APAC, Thales e-Security says:

    “Organizations are increasingly moving from paper-based to electronic documents in order to reduce costs and increase productivity, but it is also essential that any such system provides the high levels of assurance necessary to ensure the authenticity and integrity of those documents. Thales has a wealth of experience and leading-edge products in the area of digital signatures and time stamping to protect digital signatures, making it practical for organizations, to implement these high-strength cryptographic techniques. We are particularly proud that University of Malaya chose Thales technology to deliver its innovative and secure e-Scroll.”


    Supporting resources:

    Case study: http://www.thales-esecurity.com/knowledge-base/case-studies/university-malaya

    For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs

    Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube

    About Thales e-Security

    Thales e-Security is a leading global provider of data encryption and cyber security solutions to the financial services, high technology, manufacturing, government and technology sectors. With a 40-year track record of protecting corporate and government information, Thales solutions are used by four of the five largest energy and aerospace companies, 22 NATO countries, and secure more than 80 percent of worldwide payment transactions. Thales e-Security has offices in Australia, France, Hong Kong, Norway, United States and the United Kingdom. www.thales-esecurity.com


    About Thales

    Thales is a global technology leader for the Aerospace & Transportation and the Defence & Security markets. In 2012, the company generated revenues of €14.2 billion ($18.3 billion) with 65,000 employees in 56 countries. With its 25,000 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners. www.thalesgroup.com

    Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market. The Group’s security teams work with government agencies, local authorities and civil operators to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure.

    In the IT security market, the Group is one of the world leaders in cryptographic security solutions for critical government and military infrastructure, satellite constellations, enterprise customers and financial institutions. Thales’s unique positioning in the marketplace derives from its ability to address every link in the security chain and deliver end-to-end security and asset protection assurance.


  • Thales secures ROYALGATE’s revolutionary new mobile card acceptance solution

    End-to-end mPOS solution allows businesses to process payments for any card type

    November 19,2013

    Thales, leader in information systems and communications security, announces that ROYALGATE, a leader in payment solutions, has deployed Thales payShield 9000 hardware security modules (HSMs) to secure its PAYGATE mobile point of sale (mPOS) solution allowing businesses to easily process secure card payments for magnetic stripe and EMV-compliant contact and contactless payment cards.

    Micro-merchants, mobile businesses and tradesmen as well as larger business like restaurants, retail sites and event companies have been looking to take advantage of the explosion in card acceptance, leveraging cutting-edge mobile device technology. However, these businesses have lacked an easy-to-use, all-in-one solution that could convert any smartphone or tablet into a secure payment terminal. To solve this challenge ROYALGATE developed the PAYGATE card reader, which connects directly or wirelessly to any smart device and can read any type of card – magnetic stripe, contact chip or contactless chip.

    To address their significant security requirements around cryptographic key generation and overall management, ROYALGATE chose Thales payShield 9000, a hardware security module designed specifically for the payments market. payShield 9000 with its built-in Derived Unique Key Per Transaction (DUKPT) capabilities, enabled ROYALGATE to securely generate and inject encryption keys into PAYGATE readers before being shipped to, as well as providing device application and back-end payments processing. Thales HSMs provide the high assurance cryptographic security critical to creating a PCI DSS certified end-to-end mPOS solution.

    Keiji Umemura, CEO, ROYALGATE, says:

    “Thales provided us with the strong security, cryptographic functionality and superior key management necessary for an end-to-end solution. We knew from the outset that security would be a significant challenge, but by deploying payShield 9000’s robust and proven technology, we were able to develop the PAYGATE solution more quickly and therefore reduce time to market. As payShield 9000 has all the major certifications and validations, it also enabled us to more easily secure the approval of the relevant card associations”

    Ian Hermon, mobile payments specialist at Thales e-Security says:

    “Mobile point-of-sale (mPOS) presents a huge opportunity for payments services providers (PSPs) who want to expand their merchant base and generate more revenue while limiting their liability. Thales technology allows PSPs to create a secure infrastructure for mPOS by integrating hardware-based encryption and key management capabilities. We are committed to accelerating the growth of the mPOS market and enabling more merchants to reap the benefits of lower cost and more flexible card acceptance. To this end, we have created an mPOS ecosystem including leading end-to-end solution providers such as ROYALGATE.”

    Download the ROYALGATE case study

    Visit Thales on stand #4M 074 at Cartes 2013, Paris, to see mPOS in action and take part in live demos of our mPOS solution.

    Learn more about the Thales mPOS ecosystem in our whitepaper mPOS: Secure Mobile Card Acceptance: more cards, more volume, less cash. For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs

    Thales is a world-class expert in secure transaction solutions for payments including payment processing, EMV issuance, mobile provisioning, mobile payments, mobile payment applications security evaluations and PCI DSS compliance. Thales payShield 9000 has configurations optimized for the mPOS ecosystem, certified to the PCI HSM security standard, simplifying PCI compliance for PSPs.


  • Thales and MagTek deliver open source mobile point of sale (mPOS) solution for independent Payment Gateways

    Support for PIN based payment card transactions at mPOS lowers risk and transaction fees for mobile merchants moving away from cash

    November 12,2013

    Thales, leader in information systems and communications security, and MagTek, a leading provider of secure transaction technology to the payment card industry, announce an integrated open source mobile payment solution that turns a merchant smart phone or tablet into a highly secure mobile payment system, allowing acceptance of credit or debit card payments anywhere.

    The combined solution from MagTek and Thales delivers an easy to deploy, low cost, portable card acceptance solution with strong end-to-end security. Thales payShield 9000 hardware security modules (HSMs) deployed at the payment gateway integrate with MagTek’s DynaPro card acceptance device to establish high assurance point-to-point-encryption (P2PE). Payment Service Providers (PSPs) can now take advantage of the proven interoperability to develop their own mobile point of sale (mPOS) applications and provide merchants with a flexible, low cost mobile acceptance solution.

    News facts:

      • MagTek DynaPro Mini is a highly secure multi-functional handheld device supporting both magnetic stripe and EMV Chip and PIN card transactions, and is certified to the latest PCI PTS 3.1 specification
      • The mPOS solution works in a consistent way with other MagTek merchant solutions enabling all transactions to be routed via a single payment gateway
      • Thales payShield 9000 HSM is plug and play compatible with DynaPro data formats and reduces time to market for PSPs
      • The open source mPOS solution allows PSPs to develop their own mobile acceptance applications
      • The integrated mPOS solution meets PCI P2PE encryption requirements, bringing many operational, security and cost of ownership benefits both to merchants and PSPs
      • Merchants are able to sign multi-country acquirer contracts and deploy the terminals into any country safe in the knowledge that P2PE prevents scope increases for PCI DSS certification

     

    Steve Poulston, Managing Director, Europe at MagTek says:

    “The industry is migrating towards P2PE and PSPs are busy defining their roadmaps. Thales is a long-term partner and, like us, has extensive expertise in the payment industry making them an ideal partner to provide the high assurance payment processing at the payment gateway. MagTek’s next generation, Open Source P2PE hardware devices along with Thales payShield 9000, provide independent PSPs with a comprehensive proven P2PE solution on which to base their mPOS offering.”

    Ian Hermon, mobile payments specialist at Thales e-Security says:
    “Not many people in the payments industry anticipated the tremendous growth globally that mobile card acceptance has seen over the past year.  A key enabler behind this innovation is the use of encryption. Although encryption has been used to protect PINs for many years it is now being deployed to ensure that payment data is protect right from the moment of capture. This opens up a new level of flexibility for both merchants and PSPs because data can now be routed through untrusted devices and across untrusted networks such as mobile phones. As a payment technology leader, Thales is working with innovators such as MagTek to deliver the same high levels of security to the mobile world as have become commonplace in the traditional in-store fixed terminal environment.”

    MagTek is a member of the Thales Alliance for Solution and Application Providers (ASAP) program. Thales partners with leading technology companies and systems integrators to meet the data security needs of security-conscious organizations around the globe. The ASAP program develops technical partnerships to ensure that Thales solutions integrate seamlessly with leading applications and hardware, making it easy to deploy best practice security solutions.

    Visit Thales on stand #4M 074 and MagTek on stand #3C 023 at Cartes 2013, Paris, to see mPOS in action and take part in live demos of our mPOS solutions.

    Learn more about the Thales mPOS ecosystem in our whitepaper mPOS: Secure Mobile Card Acceptance: more cards, more volume, less cash.For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs

  • Thales and Spire Payments deliver secure, trusted and reliable mobile payment solution

    Support for PIN based payment card transactions at mPOS lowers risk and transaction fees for mobile merchants moving away from cash

    November 12,2013

    Thales, leader in information systems and communications security, and Spire Payments announce a strategic relationship to deliver an integrated mobile payment solution enabling merchants to adopt mobile point of sale (mPOS) systems that fully support PIN based transactions, including the use of EMV chip cards.

    The combined solution from Spire and Thales delivers an easy to deploy, low cost, portable card acceptance solution with strong end-to-end security. Micro merchants such as market stall traders and home repair tradesmen, who have traditionally been forced to rely on cash only, can now accept card payments using their smartphone or tablet.

    Any payment system relies on end-to-end protection of the transaction from the customer terminal right through to the payment processing infrastructure. Thales and Spire have worked to protect that back-end infrastructure by delivering interoperability between the Spire PosMate™Smart and the Thales payShield 9000 hardware security module (HSM).

    News facts:

      • PosMate™Smart from Spire is a chip and PIN mPOS terminal that allows merchants to accept card payments securely in a mobile environment by connecting to any smartphone or tablet via Bluetooth. PosMate™Smart is certified to EMV level 1 and 2 and compliant to PCI PTS 2.0 SRED, delivering the same security as familiar in-store point of sale terminals

      • The Thales payShield HSM is specifically designed to support all forms of card based transactions and includes enhanced support for key management for mPOS terminals and encryption of cardholder data

      • With the Spire and Thales solution compliance with payment system rules is focused solely on the card reader – everything else in the communication path between the merchant and the PSP is out of scope for security audits, enabling PSPs to on-board new merchants at minimal cost
      • Through the integration work performed by Spire and Thales, merchants and PSPs are able to take advantage of proven interoperability and a rapid deployment toolkit to quickly and simply provide their customers with a wider range of payment options and take advantage of the lowest cost transaction model available

    Nigel Dean, International Product Marketing Manager at Spire Payments says:
    “Thales has extensive expertise and resources in the payments space and this makes them the perfect strategic partner to enable the provisioning of high assurance payment processing as required by Spire Payments’ mPOS solution. This integrated joint solution allows PSPs to provide a secure yet flexible and easily managed mPOS infrastructure that satisfies their own and card scheme compliance obligations.”

    Ian Hermon, mobile payments specialist at Thales e-Security says:
    “Mobile acceptance has seen tremendous growth globally over the past year, but there has remained a gap between the payment options available at fixed, in-store point of sale terminal and mobile devices. Furthermore, the fact that mobile acceptance devices have lacked the appropriate security technologies to qualify for lower fee structures has penalized smaller merchants that are accepting card payments for the first time. As a payment technology leader, Thales is working with innovators such as Spire to close that gap by delivering the same high levels of security to the mobile world as have become commonplace in the traditional in-store fixed terminal environment.”

    Spire Payments is a member of the Thales Alliance for Solution and Application Providers (ASAP) program. Thales partners with leading technology companies and systems integrators to meet the data security needs of security-conscious organizations around the globe. The ASAP program develops technical partnerships to ensure that Thales solutions integrate seamlessly with leading applications and hardware, making it easy to deploy best practice security solutions.

    Visit Thales on stand #4M 074 and Spire Payments on stand #3F 018, at Cartes 2013, Paris, to see mPOS in action and take part in live demos of our mPOS solutions.

    Learn more about the Thales mPOS ecosystem in our whitepaper mPOS: Secure Mobile Card Acceptance: more cards, more volume, less cash. For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs