News and resources on cloud strategy, selection, build, migration and operation for banks and fintechs.

Thales ports HSM technology to the cloud

Source: Thales

Today Thales announces the launch of Thales payShield Cloud HSM, a subscription-based digital payments security service built on its market-leading payShield 10K Payment Hardware Security Module (HSM) technology to help customers accelerate the adoption of cloud-based payments infrastructure.

For more than 30 years, Thales’s payment HSMs have helped protect cryptographic keys and sensitive data to facilitate secure payment processes - both online and in person. Leveraging the long-term success of Thales’s on-premises payment HSM deployments globally, the new service offers rapid deployment, improved flexibility, and seamless integration with leading cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

The payShield Cloud HSM service can be used in hybrid deployments, enabling existing customers to move any application to the cloud at their own pace while avoiding disruption to their on-prem HSM infrastructure. The service can be deployed in minutes, delivering instant security, trust, segregation of duties, and functions that support the needs of leading payment brands such as American Express, Discover, JCB, Mastercard, UnionPay, and Visa.

Flexibility without compromising on security

The payShield Cloud HSM service is an alternative way for businesses to fulfil their payment security needs. It simplifies the sharing of production HSMs across multiple locations and applications, allowing more HSMs to be added quickly for resilience, backup or capacity. The service is currently supported by multiple data centres across the US and EU regions, with more in the pipeline - helping businesses with the growing complexity of data sovereignty. These data centres comply with critical data security audit standards including PCI PIN security essential for payment processing.

“Across industries and geographies, digital services are steadily transitioning from on-premises to cloud-based offerings. Payment solutions are no exception,” said Todd Moore, vice president of data security products at Thales. “Our cloud-based payShield 10K HSM service provides a new, flexible and fully-compliant solution for facilitating digital and face-to-face payments. This new offering delivers the exceptional performance customers expect from our payment HSM platforms, including low-latency operations with leading cloud platforms.”

“Continuing our decades of collaboration with Thales, Prime Factors has successfully tested our Bank Card Security System (BCSS) with the Thales payShield Cloud HSM service”, said Jose Diaz, VP, Products & Services at Prime Factors. “Not only are our BCSS customers able to leverage the full functionality of payShield in the cloud, but they can seamlessly do so with payShield HSMs across hybrid environments. BCSS allows easy and flexible control over using Thales payment HSMs on premises and in the cloud - designating specific functionality in one environment or another or load-balancing functionality across cloud and local payShield HSMs.


The payShield Cloud HSM service is available now to existing Thales customers migrating to a multi-cloud environment or adopting a hybrid approach as well as new customers seeking a cloud service payment security approach. For existing payShield customers, the service offers full backward compatibility with on-premises payShield HSMs, including any existing custom code.

Comments: (0)