Hardware security modules have long been a staple in payments network security, but increasing transaction flow and coding in the mobile and digital age can create data bottlenecks with current technology.
Thales e-Security is launching nShield XC in the third quarter of 2016 to provide twice as much, or more, memory for hosting applications in the hardware security module and processing high-tech transactions with greater speed.
The nShield XC represents the third generation of hardware redesign on Thales' line of hardware security modules since the late 1990s. The nShield XC is designed to stir interest in emerging payment methods such as bitcoin and mobile payments.
Thales has long been a proponent of mobile and digital as a more secure option for payment data.
The nShield XC supports elliptic curve cryptography, or ECC, and Thales' CodeSafe technology. ECC algorithms conserve computer power and take up less space in the module. CodeSafe is a secure one-time cryptographic boundary within the HSM.
"The XC would have a wide array of uses, such as for holding the keys to a transportation payment system in which cards were topped off or loaded with funds," said Peter Galvin, vice president of strategy and marketing for Plantation, Fla.-based Thales.
Credit card companies sending a high volume of encrypted data to back-end databases would also benefit from the increased storage and power for public key infrastructure that nShield XC provides, Galvin said.
Payments and data security needs both hardware and software security modules in the future because "it is all about layers so a gap in one can be covered by others," said Ben Knieff, senior analyst at Aite Group.
"Key management is critical because we've seen examples over the last few years where keys expired or were stolen and it caused serious problems," Knieff said.
Ultimately, key management will have to become a software-as-a-service for businesses and consumers, Knieff added.
In the bitcoin space, the nShield XC plays a role in transaction security, rather than bitcoin mining, said Sander Temme, senior product line manager at Thales.
"It would help make sure only designated parties can sign blockchain entries with keys that belong to the party for that transaction," Temme said.
In general, Thales considers the XC a great fit for key management on applications that will operate on smartphones, tablets, sensors and other payments devices.
"It's not only for today's apps, but for emerging technologies," said Kristina Cairns, senior product marketing manager at Thales. "With the overall speed and volume it can handle, it puts customers in position to run enterprise level communications, aid in retail payments, and credit card database management at a much higher level than they can today," Cairns added.
The XC will also work for security-as-a-service cloud providers, Cairns said. Late last year, Thales launched CipherTrust to help network operations teams monitor the status of Thales HSMs in private or public clouds across multiple locations.