Microsec chooses nCipher HSMs for PSD2 solution
nCipher Security, an Entrust Datacard company, and a world leader in hardware security modules (HSMs) that deliver trust, integrity and control for business-critical information and applications, announces that Microsec has chosen nShield® HSMs to underpin the security of Microsec’s qualified trust services, including its certificate and digital signature services. Microsec’s service helps financial institutions meet the requirements of the revised Payments Services Directive (EU) 2015/2366 (PSD2), and take advantage of new business opportunities offered by open banking.
PSD2 is the driving force behind open banking, where financial institutions are required to open their customer account data to regulated third party payment service providers. The goal is that those third parties will build innovative new services for banking customers and improve the customer experience.
The regulation requires payment service providers to use qualified certificates as defined by Regulation (EU) No 910/2014 covering electronic Identification, Authentication and Trust Services (eIDAS). eIDAS mandates that trust service providers use trustworthy systems, and the applicable technical standards specifically require the use of certified HSMs to protect the private keys used to issue those digital certificates.
nShield HSMs are certified to Common Criteria EAL4 + AVA_VAN.5 and ALC_FLR.2 against EN 419 221-5 Protection Profile, under the Dutch NSCIB scheme. Using nShield HSMs to protect the private keys used to issue digital certificates enables Microsec to issue Qualified eIDAS certificates and provide the essential security elements to fulfil the PSD2 authentication and security requirements.
“Microsec has long been a customer of nCipher and relied on its HSMs to provide a foundation of trust to all our digital services. By launching this new trust service we can now also support banks and third-party service providers in securing their communications and complying with PSD2 identification requirements,” says Dr. Sándor Szőke, deputy director of eIDAS Trust Services at Microsec.
“The financial services industry is under the constant threat of fraud and security risk,” says Cindy Provin, General Manager, nCipher Security and SVP, Entrust Datacard. “While PSD2 is creating a new digital financial services market, to achieve the benefits requires strong security measures. The use of our nShield HSMs provides a root of trust for business critical applications, facilitating compliance with ever stricter security regulations, such as PSD2 and eIDAS. I am delighted that Microsec is both a customer and partner and that our combined solution will provide highly-trusted, qualified eIDAS certificates to fulfil PSD2 requirements.”
Click here to read the case study