Skip to main content

XUMI chooses nCipher Security to reduce mobile payments fraud




News Room Media Inquiry

News Room Media Inquiry

Man and woman talking

nCipher nShield® HSMs provide root of trust for new NFC payment security solution

nCipher Security, an Entrust Datacard company and provider of trust, integrity and control for business-critical information and applications, announces that XUMI, a secure payments provider, is using nCipher nShield Connect hardware security modules (HSMs) to help strengthen the security embedded in its mobile payments solution and reduce fraud for both merchants and consumers.

XUMI is a global organization that enables secure payments between cardholders and merchants. As mobile wallets and tap-to-pay become mainstream, fraud rates for these types of payments will rise. And every fraudulent purchase means lost goods and costly chargeback fees for merchants. Xumi uses technology that goes beyond current data security standards to stop fraudulent transactions before they happen and ensure every transaction is legitimate, every time.

“The payments industry is fractured,” says Juliana Cafik, principal at XUMI. “There's a systemic divide between the consumer product, which is a card or account of some sort, and merchant applications, which receive the transactions and are provisioned by a completely different set of parties with completely different sets of technologies. This gap creates an opportunity for fraud.”

XUMI has set out to bridge the divide and establish trust between consumers and merchants by developing one technology that safely handles both ends of a transaction. The nCipher nShield HSM provides a root of trust that allows XUMI to create a seamless security architecture for both the consumer and merchant sides of the transaction.

“The nShield HSM helps us to create structures that can be used to verify trust on both sides and to be independent of consumer mobile devices,” said Cafik. “It allows us to satisfy all the Payment Card Industry Data Security Standard (PCI DSS) security requirements for encrypting stored personal and payment information and is a key element of the security of the overall operational environment.”

“We are in a time of rapid technological innovation that is disrupting how commerce and payments are conducted,” says Peter Galvin, chief strategy officer at nCipher Security. “While digital payments are much faster and more convenient, those benefits will quickly erode if strong security measures are not an integral part of this innovation. It is clear XUMI takes security very seriously and is committed to preventing fraud, underlined by its choice to deploy our nShield HSMs as the root of trust for its mobile payment solution.”

nShield Connect HSMs are hardened, tamper-resistant hardware devices that strengthen cryptographic processes by generating and protecting the keys used to encrypt and decrypt data and to create digital signatures and certificates. In addition to delivering some of the highest cryptographic transaction rates in the industry, nShield HSMs are validated to FIPS 140-2 level 3 and Common Criteria EAL4+ allowing organizations to meet critical regulatory audit and compliance requirements.

Please click here to access the full case study with Xumi.