Azure Payment HSM Receives PCI PIN Certification, Offering Customers Secure…


This blog post was co-authored by Darius Ryals, General Manager of Partner Promises and Azure Chief Information Security Officer.

Today we announce Azure Payments HSM received the Payment Card Industry Personal Identification Number (PCI PIN), making Azure the first hyperscale cloud service provider to receive this certification.

Financial technology has rapidly revolutionized the payments industry and securing payment transactions is paramount. Azure helps customers secure their critical payment infrastructure in the cloud and streamline global payment security compliance. Azure remains committed to helping customers achieve compliance with the payment card industry’s leading compliance certifications.

Improved security and compliance through Azure Payment HSM

Azure Payment HSM is a bare metal infrastructure as a service (IaaS) that provides key cryptographic operations for real-time payment transactions in Azure. The service enables financial institutions and service providers to accelerate their digital payment strategy via the cloud. Azure Payment HSM is certified to strict PCI Security Standards Council (PCI SSC) security and compliance requirements, including PCI DSS, PCI 3DS, and PCI PIN, and offers HSMs that are FIPS 140-2 Level 3 and PCI HSM v3 certified are.

Azure Payment HSM enables a variety of use cases. These include payment processing for card and mobile payment authorization and 3D Secure authentication; issuance of proof of payment for cards, wearables and connected devices; Securing keys and authentication data for POS, mPOS, remote key loading, PIN generation and PIN routing; Protection of sensitive data for point-to-point encryption, security tokenization and EMV payment tokenization.

Azure Payment HSM is designed to meet the low-latency, high-performance requirements for mission-critical payment applications. The service consists of single-tenant HSMs that offer customers full remote administrative control and exclusive access. HSMs are deployed and connected directly to users’ virtual networks, and HSMs are under users’ sole administrative control. HSMs can be easily deployed as a pair of devices and configured for high availability.

Azure Payment HSM offers great benefits for both payment HSM users with a legacy on-premises HSM footprint and those new to the payments ecosystem who choose a cloud-native approach from the start. The customer could be a payment service provider acting on behalf of multiple financial institutions, or a financial institution that wants to access the Azure Payments HSM directly.

Leverage Azure Payment HSM PCI PIN certification

PINs are used to verify cardholder identity in online and offline payment card transactions.

That PCI PIN security standard contains requirements for the secure management, processing and transmission of PIN data and applies to merchants and service providers who store, process, transmit or compromise the security of PIN data.

Azure Payment HSM customers can reduce their compliance burden by taking advantage Azure PCI PIN compliance attestation (AOC), which covers Azure’s area of ​​responsibility for each PCI PIN requirement and includes the list of certified Azure regions. That Azure Payment HSM shared responsibility matrix is also available to help customers significantly reduce time, effort and cost during their own PCI PIN assessments by simplifying the compliance process.

Learn more

When moving payment systems to the cloud, payment security must flawlessly comply with the mandate of the payment industry. Financial institutions and service providers in the payments ecosystem, including issuers, service providers, acquirers, processors, and payment networks, would benefit from Azure Payment HSM. To learn how Microsoft Azure Functions can help, check out the following resources:

Source link

Leave a Reply