Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

12/1/2015
09:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Gemalto Payment HSM supports cloud tokenization requirements for secure mobile payment transactions and digitization of credit card credentials

AMSTERDAM, Dec. 1st, 2015 ─ Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, today announced that its SafeNet Luna EFT (Electronic Funds Transfer) Payment HSM (Hardware Security Module) supports new standards from the major credit card networks for secure implementations of contactless payments via mobile phones. The SafeNet Luna EFT device is able to deliver on highly secure cloud tokenization requirements in order to protect the processing of payment transactions and digitization of credit card credentials.

With the growing popularity of mobile payments and the emergence of new technology such as Host Card Emulation (HCE), new software-based standards have been developed by major payment players to digitize card credentials and enable secure, device-based payment transactions. Banks, card issuers and payment service providers can now deploy the SafeNet Luna EFT Payment HSM and offer customers contactless payment applications that are compliant with these specifications. The SafeNet Luna EFT Payment HSM plays a central role in protecting payment data by managing the entire cryptographic process that secures the enrollment, provisioning, and tokenization of payment card credentials and payment operations.

Given the disruptive nature of being able to use your phone to pay for goods and services, it’s important that we recognize the role that security will play in making it a reality,” said Todd Moore, Vice President Data Encryption at Gemalto. “For any bank or service provider that wants to offer cloud-based payments they must deploy an HSM, and our SafeNet Luna EFT Payments HSM is certified to deliver the specific functionality required by major payment players.”

The convenience of paying with a mobile device is becoming clearer for consumers as more products hit the market,” said James Wester, Research Director for IDC Financial Insights. “Although previous strategies to provision cards into these devices have presented challenges for card issuers, merchants and payment vendors, many of these challenges can be avoided by storing payment data in the cloud with host card emulation (HCE). By adding tokenization to HCE, every stakeholder has confidence that mobile payments are not only convenient but also a very secure form of electronic payment method.”

The SafeNet Luna EFT adheres to the highest level of data protection in the industry, providing FIPS 140-2 Level 3 security and meeting the PCI-HSM 2.0 standard for physical and logical protection to cryptographic keys which are used to secure financial transactions. Furthermore, it features a Graphical User Interface (GUI) that simplifies the process of configuring and managing cryptographic and key component settings.

Related Resources

·         Learn more about Hardware Security Modules

·         Learn more about SafeNet Luna EFT

·         Download Complying with the Payment Card Industry Data Security Standard whitepaper

 

 

 

 

 

 

 

About Gemalto

Gemalto (Euronext NL0000400653 GTO) is the world leader in digital security, with 2014 annual revenues of €2.5 billion and blue-chip customers in over 180 countries.

 

Gemalto helps people trust one another in an increasingly connected digital world. Billions of people want better lifestyles, smarter living environments, and the freedom to communicate, shop, travel, bank, entertain and work – anytime, everywhere – in ways that are enjoyable and safe. In this fast moving mobile and digital environment, we enable companies and administrations to offer a wide range of trusted and convenient services by securing financial transactions, mobile services, public and private clouds, eHealthcare systems, access to eGovernment services, the Internet and internet-of-things and transport ticketing systems.

 

Gemalto’s unique technology portfolio - from advanced cryptographic software embedded in a variety of familiar objects, to highly robust and scalable back-office platforms for authentication, encryption and digital credential management - is delivered by our world-class service teams. Our 14,000 employees operate out of 99 offices, 34 personalization and data centers, and 24 research and software development centers located in 46 countries.

 

For more information visit www.gemalto.com, www.justaskgemalto.com, blog.gemalto.com, or follow @gemalto on Twitter.

 

 

 

Gemalto media contacts:

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7856
PUBLISHED: 2021-04-20
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
CVE-2021-28793
PUBLISHED: 2021-04-20
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.
CVE-2021-25679
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed....
CVE-2021-25680
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only...
CVE-2021-25681
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The aff...