Hardware Security Modules
Hardware security modules (HSMs) from Thales e-Security provide a hardened, tamper-resistant environment for secure cryptographic processing, key protection, and key management. With these devices you can deploy high assurance security solutions that satisfy widely established and emerging standards of due care for cryptographic systems and practices—while also maintaining high levels of operational efficiency. Use our HSMs with a wide variety of commercial software products and in-house or custom developed software systems. For virtually any system that employs cryptography in the form of encryption and digital signatures, a Thales HSM will enable you to overcome the security vulnerabilities and performance challenges typically associated with software-only cryptography. With HSMs from Thales, you buy only the capacity you need and can scale your solution easily as your requirements evolve.
All Thales HSMs are certified by independent authorities, establishing quantifiable security benchmarks that give you confidence in your ability to support compliance mandates and internal policies. These HSMs are available in multiple form factors to support all common deployment scenarios ranging from portable devices to high-performance data center appliances. Turn to nShield HSMs for general-purpose security, and payShield 9000 for leading payment system security. Whichever HSMs you choose, you will gain confidence in system security, streamlined administration, and regulatory compliance.
The nShield™ Family of Multi-Purpose HSMs
nShield multi-purpose HSMs from Thales provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling use with virtually any business application—from identity management, web services and database encryption to tokenization, PKI services and strong authentication. The nShield HSM product line is pre-tested to integrate with a wide range of commercial security solutions from partners such as Microsoft, F5, and Citrix.
All nShield HSMs feature Thales’ market-leading Security World key management architecture—proven technology that protects application keys within the safe confines of the HSM, yet allows them to be managed in a straightforward and convenient manner, delivering an ideal combination of high assurance and operational ease. nShield HSMs substantially reduce the risk of human administrative error by automating tasks such as back-ups and compliance reporting, while guaranteeing key recovery and eliminating single points of failure. Most nShield HSMs also support the unique ability to host critical applications within the hardened security boundary, so you can establish tamper-resistant business processes in addition to protecting cryptographic operations.
Benefits of nShield HSMs
- Powerful Thales Security World architecture automates administrative tasks, such as compliance reporting and back-ups, minimizing operational costs and reducing human error
- Run security-critical code protected within the HSM boundary (CodeSafe option for Connect and Solo)
- Wide range of APIs to support various applications
- Flexibility and scalability among nShield HSM product family enable mixed deployments and easy expansion as your operations grow
- Certified to FIPS 140-2 to comply with your organization’s stringent security needs
Uses for nShield HSMs
nShield Connect performs key management and cryptographic operations, such as encryption and digital signing, on behalf of a wide range of commercial and custom business applications and critical security systems including:
- Public key infrastructures (PKIs)
- Identity management systems
- Encryption and tokenization
- Code signing and time stamping
The payShield Family of Payment HSMs
payShield 9000 from Thales is a proven HSM that is dedicated to the payment industry for transaction processing and key management. Thales payment HSMs are the most widely deployed in the world, used in an estimated 80% of payment card transactions. payShield 9000 provides features to support the latest card scheme payment applications for contact chip, contactless chip, and mobile secure elements and to support evolving standards from leading industry organizations including PCI SSC, Global Platform, and Multos International. The Key Management Device (KMD) and payShield Manager are valuable companion products to the payShield 9000. The KMD for payment HSMs is a compact tamper-resistant security module (TRSM) that enables keys to be formed securely from separate components. Enabling this critical task to be carried out without any physical connection to a production HSM, KMD increases flexibility while streamlining operations. payShield Manager supports secure remote monitoring and management of Thales payment HSMs, enabling organizations to reduce operating costs by streamlining and centralizing their administration.