Hardware Security Modules

Hardware security modules (HSMs) from Thales e-Security provide a hardened, tamper-resistant environment for secure cryptographic processing, key protection, and key management. With these devices you can deploy high assurance security solutions that satisfy widely established and emerging standards of due care for cryptographic systems and practices—while also maintaining high levels of operational efficiency. Use our HSMs with a wide variety of commercial software products and in-house or custom developed software systems. For virtually any system that employs cryptography in the form of encryption and digital signatures, a Thales HSM will enable you to overcome the security vulnerabilities and performance challenges typically associated with software-only cryptography. With HSMs from Thales, you buy only the capacity you need and can scale your solution easily as your requirements evolve. 

All Thales HSMs are certified by independent authorities, establishing quantifiable security benchmarks that give you confidence in your ability to support compliance mandates and internal policies. These HSMs are available in multiple form factors to support all common deployment scenarios ranging from portable devices to high-performance data center appliances. Turn to nShield HSMs for general-purpose security, and payShield 9000 for leading payment system security. Whichever HSMs you choose, you will gain confidence in system security, streamlined administration, and regulatory compliance.

The nShield™ Family of Multi-Purpose HSMs  

Thales introduces the new XC series to the nShield family of multi-purpose HSMs, supporting the world’s fastest cryptographic algorithms and safeguarding high-volume sensitive data transactions. The Thales family of nShield HSMs support a wide array of APIs and operating systems, enabling use with virtually any business application—from identity management, web services and database encryption to tokenization, PKI services and strong authentication. nShield HSMs are pre-tested to integrate with a wide range of commercial security solutions from partners such as Microsoft, F5, and Citrix.

All nShield HSMs feature Thales’ market-leading Security World key management architecture—proven technology that protects application keys within the safe confines of the HSM, yet allows them to be managed in a straightforward and convenient manner, delivering an ideal combination of high assurance and operational ease. nShield HSMs substantially reduce the risk of human administrative error by automating tasks such as back-ups and compliance reporting, while guaranteeing key recovery and eliminating single points of failure. Most nShield HSMs also support the unique ability to host critical applications within the hardened security boundary, so you can establish tamper-resistant business processes in addition to protecting cryptographic operations.

Benefits of nShield HSMs

  • Powerful Thales Security World architecture automates administrative tasks, such as compliance reporting and back-ups, minimizing operational costs and reducing human error
  • Run security-critical code protected within the HSM boundary (CodeSafe option for Connect and Solo)
  • Wide range of APIs to support various applications
  • Flexibility and scalability among nShield HSM product family enable mixed deployments and easy expansion as your operations grow
  • Certified to FIPS 140-2 to comply with your organization’s stringent security needs

Uses for nShield HSMs

nShield Connect performs key management and cryptographic operations, such as encryption and digital signing, on behalf of a wide range of commercial and custom business applications and critical security systems including:

  • Public key infrastructures (PKIs)
  • Identity management systems
  • Databases
  • Encryption and tokenization
  • Code signing and time stamping

The payShield Family of Payment HSMs

payShield 9000 from Thales is a proven HSM that is dedicated to the payment industry for transaction processing and key management. Thales payment HSMs are the most widely deployed in the world, used in an estimated 80% of payment card transactions. payShield 9000 provides features to support the latest card scheme payment applications for contact chip, contactless chip, and mobile secure elements and to support evolving standards from leading industry organizations including PCI SSC, Global Platform, and Multos International. The Key Management Device (KMD) and payShield Manager are valuable companion products to the payShield 9000. The KMD for payment HSMs is a compact tamper-resistant security module (TRSM) that enables keys to be formed securely from separate components. Enabling this critical task to be carried out without any physical connection to a production HSM, KMD increases flexibility while streamlining operations. payShield Manager supports secure remote monitoring and management of Thales payment HSMs, enabling organizations to reduce operating costs by streamlining and centralizing their administration.

  • nShield Connect nShield Connect XC & Connect

    • High-performance network-attached HSM
    • Delivers secure cryptographic services as a shared resource for distributed application instances and virtual machines
    • Features redundant hardware and is suitable for high-availability data centers.

    Product Detail
  • nShield Solo XC nShield Solo XC & Solo+

    • Embedded form factor for dedicated performance enhancement
    • Isolates critical security functions and minimizes IT interdependencies
    • Provides FIPS 140-2 certification for appliance vendors with high assurance requirements

    Product Detail
  • Remote Admin nShield Remote Administration

    • Cuts travel costs and saves time
    • Offers 24 x 7 convenience
    • Safeguards transactions using multiple layers of security
    • Works with Connect and Solo nShield HSMs

    Product Detail
  • Edge nShield Edge

    • Small, portable form factor suits any deployment scenario
    • Convenient tool for use in a development environment
    • Economic, fully scalable entry point for HSM deployment

    Product Detail
  • payShield9000 payShield 9000

    • Proven HSM specifically designed for card issuing and payment processing
    • Supports all major payment applications
    • Maximizes business continuity
    • Streamlines deployment and maintenance and reduces the cost of compliance

    Product Detail
  • payShield Manager payShield Manager

    • Reduces operating costs by eliminating the need for physical presence for HSM management.
    • Provides 24 x 7 management even when local physical access to HSMs is not available.
    • Supports a large number of HSMs deployed across multiple locations.
    • Operates seamlessly with VPNs and firewalls.
    • Adapts rapidly to evolving organizational needs through support of a management port white list for device access     

    Product Detail
  • Device Key Management Device

    • Reduces operating costs by streamlining key management
    • Works with payShield 9000 and other Thales payment HSMs
    • Complies with ANSI/ISO key management standards to simplify security audits
    • Maximizes flexibility by managing keys for multiple HSMs

    Product Detail