Securing your messaging flows
Hardware Security Module (HSM) protects your SWIFTNet PKI certificates against unauthorised access and is mandatory for signing live traffic and authenticating on production services.
The HSM is a security device which safestores your critical SWIFTNet PKI certificates and generates signatures for your traffic. The device secures the generation, storage and use of cryptographic keys by providing logical and physical protection.
There are three HSM models to address different customers’ needs: HSM tokens, HSM cards and HSM boxes.
- HSM tokens and HSM cards are tailored for customers with lower messaging volumes who manage a limited number of certificates. These types of HSM models are easy to use and portable.
- HSM boxes are network-sharable and offer scalability and resilience. They are available with three different throughput classes to address the needs of low, medium and high volumes customers respectively.
Different models to suit your needs
With three different models available, you can choose an HSM based on your traffic volumes and the level of resilience and scalability you require.
Installation and configuration is embedded in SWIFTNet Link, which triggers the HSM’s signing operations and monitors correct functioning.
High level of protection
HSMs provide significantly more security than disk-based certificates as the private keys are generated and stored encrypted inside the HSM.