PSD2 Compliance

Thales e-Security can help your organization keep sensitive data secure in the PSD2 environment.

PSD2 Compliance

The data security requirements for the revised EU Payment Services Directive PSD2 are still evolving. However, they will certainly call for a suite of industry best-practice solutions, as organizations work to increase security while maintaining high user experience satisfaction levels. Thales e-Security best-practice data security solutions for the PSD2 environment include:

  • Vormetric Transparent Encryption
  • Vormetric Tokenization with Dynamic Masking
  • Vormetric Data Security Platform for user access control
  • Vormetric Data Security Intelligence
  • Datacryptor 5000
  • payShield and nShield hardware security modules (HSMs)
  • SafeSign
EU's Payment Services Directive

According to the European Commission:

The [current] Payment Services Directive (PSD) was adopted in 2007. This legislation provides the legal foundation for an EU single market for payments, to establish safer and more innovative payment services across the EU. The objective is to make cross-border payments as easy, efficient and secure as 'national' payments within a Member State.

PSD2

Also according to the European Commission:

The Commission proposed to review the PSD to modernise it to take account of new types of payment services, such as payment initiation services ....

....

[PSD2's] main objectives are to:

  • Contribute to a more integrated and efficient European payments market
  • Improve the level playing field for payment service providers (including new players)
  • Make payments safer and more secure
  • Protect consumers
  • Encourage lower prices for payments
....

To make electronic payments safer and more secure, PSD2 introduces enhanced security measures to be implemented by all payment service providers, including banks. The EBA will develop specific and objective security standards to that end.

PSD2 Security directives and regulations are written at a high level and the detailed implementation is being left to the industry. However, data security regulations related to PSD2 will almost certainly be subject to the same stringency as the General Data Protection Regulation (GDPR).

The inherent data-security challenge industry observers see in PSD2 is that of strengthening security to reduce fraud while not causing too much disruption to the end user experience.

Thales e-Security has a comprehensive set of solutions that can help organizations prepare for and comply with PSD2 across all areas where data needs to be protected -- at rest, in motion and in use.

Vormetric Transparent Encryption

Vormetric Transparent Encryption from Thales e-Security provides file and volume level data-at-rest encryption, secure key management and access controls required by regulation and compliance regimes.

Vormetric Tokenization with Dynamic Masking

Vormetric Tokenization with Dynamic Masking from Thales e-Security lets administrators establish policies to return an entire field tokenized or dynamically mask parts of a field. With the solution’s format-preserving tokenization capabilities, managers can restrict access to sensitive assets, yet, at the same time, format the protected data in a way that enables many users to do their jobs.

Vormetric Data Security Platform for User Access Control

Encryption falls short when defending data, if cyber criminals gain access to the tools for decrypting the data. The Vormetric Data Security Platform from Thales e-Security provides the following best practice safeguards:

  • Separation of privileged access users and sensitive data
  • Separation of administrative duties
  • Granular privileged access controls
Vormetric Data Security Intelligence

Vormetric Data Security Intelligence from Thales e-Security provides another level of protection from malicious insiders, privileged users, APTs and other attacks that compromise data by delivering the access pattern information that can identify an incident in progress.

Datacryptor 5000

Datacryptor systems use strong hardware-based encryption technology to help secure data in motion for business-critical applications. The solution features traffic flow security capabilities that completely mask traffic patterns to prevent surreptitious traffic analysis. Datacryptor 5000 can traverse Layer 2, IPv4, and IPv6 networks and secure data in motion with little to no impact on network performance and bandwidth. With this solution, businesses and government agencies can establish secure, affordable high-performance connectivity.

payShield and nShield Hardware Security Modules (HSMs)

Designed specifically for payments applications, payShield 9000 from Thales e-Security is a proven hardware security module (HSM) that performs tasks such as PIN protection and validation, transaction processing, payment card issuance, and key management. The payShield 9000 design benefits from over 25 years of Thales experience with payment system security. It is a state-of-the-art solution that delivers an ideal combination of security and operational ease.

The nShield Connect series delivers cryptographic services as a shared network resource for distributed applications and virtual machines. This gives organizations a highly secure solution for establishing physical and logical controls for server-based systems. Fully supporting the Thales Security World architecture, the Connect series provides an ideal combination of high assurance and operational ease. The solution makes it easier for organizations to define and enforce security policies, such as access control and separation of duties, while automating burdensome and risk-prone administrative tasks including back-ups and compliance reporting.

SafeSign

SafeSign is a scalable server application for Thales nShield HSMs. It facilitates quick and secure deployment of digital signature solutions and helps ensure that digital signing processes are implemented in accordance with the latest industry standards. The strong key partitioning functionality of nShield HSMs is used in conjunction with the secure client connection capability of SafeSign to reduce the risk of fraudulent use of the digital signature capability. SafeSign provides high levels of flexibility by supporting a wide range of server platforms while simplifying integration with leading PKIs and offering a choice of implementation options to suit a variety of digital signing requirements.

Brochures : Thales nShield Family Brochure

The Thales nShield family of general purpose hardware security modules (HSMs) enhances the security and performance of server-based applications that handle your most sensitive data. nShield HSMs protect the keys...

Download

Video : Vormetric Transparent Encryption Demo

Watch this short demo to learn how Vormetric Transparent Encryption makes it easy to deploy file and database encryption with privileged user access controls and security intelligence log collection across all your server environments (physical, virtual, big data and cloud) with centralized policy and key management. This demo includes an animated demonstration, policy configuration, insider abuse demonstration, and review of the actual audit logs produced.

Play

Mire nuestra demostración interactiva Explorar
Programe una demostración en vivo Programar
Comuníquese con un especialista Contacto