Default banner

Introducing the payShield Trusted Management Device

The payShield Trusted Management Device (TMD) is a secure portable device that enables security teams to manage symmetric keys remote from production HSMs.

payShield Trusted Management Device

payShield TMD offers secure, flexible and efficient key management for payment HSMs. It is a compact, intuitive, self-contained secure cryptographic device (SCD) that enables you to perform symmetric key management tasks including securely forming keys from separate components or splitting existing keys retrospectively into new components. payShield TMD generates and shares keys in a manner that is compliant with relevant security standards, including X9 TR-31, ANSI X9.24-1 and PCI PIN Security.

Unlike traditional approaches, these critical key management tasks can be carried out without any physical connection to a production HSM, providing greater operational flexibility without compromising security. For example, a single payShield TMD can form keys for multiple payment HSMs distributed across multiple data centers, enabling large payment processors to create and distribute thousands of Key Encrypting Keys (KEKs) or Zone Master Keys (ZMKs) in a timely and secure manner while eliminating data entry errors.

Each payShield TMD shares one or more Master ZMKs (MZMKs) with the HSMs to facilitate secure exchange of key material. payShield TMD does not require access to the Local Master Keys (LMKs) used by the production HSMs. Keys exchanged between a payShield TMD and an HSM are encrypted under the appropriate MZMK.

  • Benefits
  • Specifications
  • Accessories

Simplify key management

Leverage our unique QR code method for key import and export to streamline the process and eliminate data entry errors common in legacy approaches.

Minimize time required

Perform all sensitive key management tasks in a secure remote location 24x7. No need to book data center slots or have physical access to production HSMs.

Share keys securely

Take advantage of our standard-based management approach for keys and components when sharing keys with HSMs from multiple vendors.

Key management functionality

  • Generate key components
  • Form keys from components
  • Split existing keys into components
  • Key sharing methods – QR codes, smart cards, USB tokens and paper components
  • Compatible with HSMs that support TR-31 / X9.143 key management (e.g. Thales payShield 10K and payShield 9000)

Physical and logical security

  • Tamper-responsive physical design – sensitive key data erased immediately in the event of an attack
  • Secure touch screen – sensitive key information encrypted at the point of capture
  • Dual control login via smart card for administrators and operators
  • Up to 20 independent Master ZMKs (MZMKs) per payShield TMD
  • MZMK cryptographic key strength – DES (double / triple length) and AES (128, 192 and 256 bits)
  • Comprehensive audit log

Device physical characteristics

  • 7” touch screen display
  • Integral smart card reader
  • Integral camera and thermal printer
  • Dimensions : 72 x 114 x 231 mm (H x W x D)
  • Power : 5V/2A switching power adapter, Li-Ion battery
  • Operating temperature : 0 to 50C

Security certifications and compliances

  • PCI HSM v3 certified Key Loading Device (KLD)
  • PCI PIN Security audit
  • TR-39 audit

Smart cards

  • Dedicated payShield TMD smart cards for use by administrators, operators and auditors
  • payShield HSM smart cards for secure storage of MZMK components
  • Related Resources