Thales Blog

Thales payShield receives the French Cartes Bancaires HSM certification

July 6, 2023

Philippe Carrere Philippe Carrere | Sales Director, France, Maghreb and WAF, Thales More About This Author >

Securing online payments is more important than ever. The meteoric rise of e-commerce and digital transactions has made online payments an essential part of doing business but, as a result, has subjected organizations to increased risk. If companies want to continue reaping the rewards of online payments, they must give online payment security the necessary attention, and complying with industry standards is a vital element of achieving that.

Thales is proud to announce that we are one of the first vendors to achieve the latest version of the stringent Cartes Bancaires HSM certification (CB HSM), also known as the SAFIRE v2.2 methodology, for our current payment HSM, payShield 10K.

The certification is the most recent confirmation of Thales’ commitment to the French payment system and its specific security requirements; and our exemplary track record in obtaining MEPS/CB HSM certifications for our previous HSM models – including RG7000, HSM8000, and payShield 9000 – dating back 25 years.

About HSMs

Hardware Security Models (HSMs) are dedicated cryptographic processors that protect the crypto key lifecycle. HSMs act as trust actors, protecting organizations’ cryptographic infrastructures by securely managing, processing, and storing cryptographic keys inside a hardened, tamper-resistant device. Enterprises typically use HSMs to protect identities, transactions, and applications.

About payShield 10K

payShield 10K is the fifth generation of payment HSMs from Thales. Like its predecessors, payShield 10k delivers payment security functionality proven in critical environments, including transaction processing, sensitive data protection, payment credential issuing, mobile card acceptance, and payment tokenization.

The product of Thales’ 30+ years’ experience in securing digital payments, payShield 10k can be used throughout the global payment ecosystem by issuers, service providers, acquirers, processors, and payment networks. It plays a fundamental role in securing face-to-face and digital remote payments, delivering the necessary trust that underpins communications between payment participants.

In 2022, Thales launched payShield Cloud HSM, a cloud-hosted version of our payment service. It uses payShield 10k HSMs to provide the secure real-time cryptographic processing capabilities required by payment workloads running in any of the major public clouds.

A ‘bare metal’ hosted HSM service, payShield Cloud HSM addresses the needs of existing payment HSM users and new payment entrants looking to leverage hardware-based security. Whether Thales’ customers choose an on-prem, cloud, or hybrid deployment model, consistent HSM functionality is available with the highest level of security compliance. Thales manages the physical infrastructure and hosts the HSMs in data centers under Thales’ control. PayShield Cloud HSM users can access dedicated payShield 10K HSMs under their control via flexible subscription options. Thales expects to offer this solution as a CB HSM-certified option for our banking customers in France soon.

payShield 10K continues to evolve, and Thales is committed to ensuring its growing customer base in France can take advantage of the latest management and monitoring tools to support payShield 10K.

About Cartes Bancaires

Cartes Bancaires is an Economic Interest Group (EIG) set up in France in 1984 to establish an interbank card payment and cash withdrawal system. It has 128 members from French and foreign banking and financial institutions but primarily operates in France.

CB is France’s local card network, boasting over 46,000 ATMs and 1 million EFTPOS acceptance points. More than 95% of CB cards are co-branded with either Visa or Mastercard, and CB account payments make up around 60% of household consumption in France. Since 1992, all CB cards have been smart cards, making France the first country to do so.

The MEPS/CB HSM certification, developed by CB, is a security standard that regulates all cryptographic security equipment intended for use by the member banks on their payment networks in the CB system.