Hardware Security Module (HSM)
Enhance your SwiftNet operations with our HSM, safeguarding PKI credentials for secure data exchange. It provides comprehensive cryptographic key protection, available in two models tailored to your specific security needs: HSM boxes and HSM tokens.
Benefits
Learn more about Hardware Security Module (HSM)
Features
-
HSM boxes
Network-sharable, our HSM boxes offer scalability and resilience and are available with three different throughput classes to meet your needs – low, medium or high-volume. The HSM box is a hardware box accessed over the local area network by SwiftNet Link.
Boxes can be shared between multiple SwiftNet Links.
Highly scalable, HSM boxes can support low to high throughput classes and store hundreds of certificates. Each certificate is stored in a separate partition with its own access control protection.
HSM boxes can be configured in a high-availability cluster, minimising downtime and preserving certificates in case of failure. The boxes have the same certificates and handle the traffic in parallel.
Contact your Account Manager to find out more.
-
HSM tokens
If you have lower message volume requirements and manage a limited number of certificates, you can choose to use an HSM token.
- The HSM token is a hardware token, inserted into the USB port of the PC hosting the SwiftNet Link.
To use your HSM, plug the HSM token into the USB port of your SwiftNet Link.
You can remove your HSM token from the PC hosting the SwiftNet Link when not required. You can also move it to another SwiftNet Link, while access to the SwiftNet PKI certificate remains fully secure.
HSM Refresh Programme 2023-2025
The current Hardware Security Module (HSM) boxes will reach end-of-life in 2025. To help ensure safe and continuous operations on our network, we’re launching a programme to swap existing boxes for updated models.
We started in early 2023 and will continue until end 2025. Complying with this programme is mandatory for members of our community, but we’ll be on hand to help along the way.
Key takeaways
HSM boxes play an integral role in our security architecture. They enforce the confidentiality and integrity of data exchanged between us and our clients by storing the PKI certificates used for signing and encryption.
The Thales Luna IS6 boxes have a life expectancy of 8 to 10 years and were first introduced to our community in 2013.
The ongoing HSM refresh programme will run until end 2025. This will ensure that all impacted customers are upgraded well before their current model reaches end-of-life.
We’ll subsidise 75% of the one-time overall cost, including delivery costs, for the new HSM boxes if you make your switch on time.
Get started with HSM refresh
-
Get started
Get a detailed overview of the steps in the HSM box migration journey. Keep this one-page guide for your reference.
-
Implement and test
The Project Navigator will guide you. Complete the steps one by one and track your own progress.
We also recommend that you bookmark and use this content hub for easy access to knowledge
-
Go Live
Start using HSM and get familiar with the maintenance operations.
Resources
Selected HSM resources
Related content
-
Swift services
Swift Services
Experts by your side every step of your journey
With Swift Professional Services, you will leverage Swift's distinctive and recognised expertise, enabling you to use our products and services in the most effective way.
Our team of experts will help you accelerate your path to success, reduce risk, and achieve operational excellence.
We are your partners for performance, whenever and wherever you need us:
– To assist you in designing strategies and solutions
– To cover all aspects of implementation and adoption
– To solve your integration challenges
– To cover your maintenance needs