Information Security Systems

> Thales Payment HSMs


Bernard Foot
Product Manager
Information Security Systems

> The Family – past & present


Our pedigree <

• Created first Payment HSM – for Visa
• Market leader outside of US
  • HP Atalla is market leader in US – but weak elsewhere
  • We are well known & respected
• 70% of world’s payments are protected by Thales HSMs
  • Atalla claim a similar thing!
  • But that’s OK … each payment goes through multiple HSMs
• Over 12,000 units sold
• All major card applications work with Thales payment HSMs

Introduction to Thales Payment HSMs – March 2011

A history lesson <

[Timeline figure: RG6000 (3,000), RG7000 (7,000), HSM 8000 (5,500), payShield 9000 (300); time axis: 1988, 1995, 2003, 2009, ???]

We’ll be talking only about payShield 9000

> How a Thales Payment HSM works


How does a Thales HSM work? <

• Attaches to a computer (“host”) as a peripheral
• Command/Response API (Application Programming Interface):
  • Host sends a command to HSM
    • Asking for a function to be performed
  • HSM sends response back to the host
    • Confirmation/error code, results, …
• These are simple messages sent by standard communications
  • E.g. Ethernet
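
The command/response exchange described on this slide, as an added example that is not from the original presentation or from Thales: a host-side helper that frames a command and validates the matching response. The framing details (2-byte length prefix, 4-character message header echoed by the HSM, response code equal to the command code with its second letter advanced by one, 2-character error code with "00" meaning success) are assumptions for illustration and are not stated on the slides; the command fields are treated as opaque bytes.

```python
import struct

HEADER_LEN = 4  # assumed message-header length, used to pair responses with commands


class HsmError(Exception):
    """Response was malformed, mismatched, or carried a non-zero error code."""


def response_code_for(command_code: str) -> str:
    # Assumed convention: second letter advanced by one, e.g. "CA" -> "CB".
    return command_code[0] + chr(ord(command_code[1]) + 1)


def build_command(header: str, command_code: str, payload: bytes = b"") -> bytes:
    """Frame one command: length prefix, header, command code, opaque fields."""
    if len(header) != HEADER_LEN or len(command_code) != 2:
        raise ValueError("header must be 4 characters and command code 2")
    body = header.encode("ascii") + command_code.encode("ascii") + payload
    return struct.pack(">H", len(body)) + body


def parse_response(frame: bytes, header: str, command_code: str) -> bytes:
    """Validate a framed response and return the fields after the error code."""
    if len(frame) < 2:
        raise HsmError("frame shorter than length prefix")
    (length,) = struct.unpack(">H", frame[:2])
    body = frame[2:]
    if length != len(body) or length < HEADER_LEN + 4:
        raise HsmError("length prefix does not match frame")
    got_header = body[:HEADER_LEN].decode("ascii", "replace")
    code = body[HEADER_LEN:HEADER_LEN + 2].decode("ascii", "replace")
    error = body[HEADER_LEN + 2:HEADER_LEN + 4].decode("ascii", "replace")
    if got_header != header:
        # With many threads/connections, never accept another request's answer.
        raise HsmError(f"header {got_header!r} does not match request {header!r}")
    if code != response_code_for(command_code):
        raise HsmError(f"unexpected response code {code!r}")
    if error != "00":
        raise HsmError(f"HSM reported error code {error}")
    return body[HEADER_LEN + 4:]


if __name__ == "__main__":
    # Constructed sample frames; the field contents are placeholders, not real data.
    print(build_command("0001", "CA", b"<fields>"))
    print(parse_response(b"\x00\x0c" + b"0001CB00ABCD", "0001", "CA"))
```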

[Diagram: the Host Computer sends a "Command requesting a function" to the HSM; the HSM sends a "Response" back]

Command/Response API – Pros and Cons <

• With Command/Response, nothing is installed on host
  • So our HSMs work with any host
  • No need to keep up with changes to Operating System
• A single command performs a complex function
  • We have about 300 available commands
• Down sides:
  • Functionality limited to what we offer
    • Less of a problem for payment card systems
    • “Gaps” can be filled by Custom Software
  • Some customers like standard APIs - PKCS #11, CAPI

Reminder from last session - Card Payment Processing <

[Diagram labels: Transaction, Acquirer, Switch, Issuer, Authorisation. The PIN Block is shown three times: format A, Key A; format B, Key B; format C, Key C]

Examples of commands for transaction processing <

• CA – convert a PIN Block from (format x, Terminal PIN key) to (format y, Zone PIN Key)
• DA – Verify a Terminal PIN using the IBM (or Diebold, Visa, Comparison) method
• CY – verify a Visa (or Mastercard, …) Card Verification Value
• DU – (For PIN change by customer) Verify an IBM PIN Offset and, if successful, generate the PIN Offset of the customer-selected PIN using the IBM 3624 method. The current and new PINs are supplied in an encrypted form.

Thales API supported by the major industry software <

Physical Host interfaces <

• payShield 9000:
  • Dual Gigabit Ethernet ports (TCP/IP & UDP) (from v1.1)
  • Asynchronous
  • FICON (new IBM fibre optic) - in development
• HSM 8000:
  • Single 100Mbit Ethernet port (TCP/IP & UDP)
  • Asynchronous
  • ESCON (obsolete IBM fibre optic)
  • SNA/SDLC (obsolete IBM network)

> A bit about the payShield 9000 …


What the customer buys <

• Hardware
• Base software package *
• Optional Licences
• Remote Management
• Custom software
• Accessories
  • Cabinets, spare keys, rack-mount kits
• Professional services
• Support

* Base software licence for HSM 8000

Layout of the payShield 9000 <

[Diagram of the payShield 9000 chassis. Labelled parts: Cover detector microswitches; 4 USB ports; 4 Ethernet ports; Secure Crypto Sub-system (TSPP); Smart card reader; Erase Button; Left Keylock; LEDs; Main board; Dual Power Supply Units; 2 USB ports; Restart Button; Right Keylock; "Tamper Labels go here"]

Local Master Keys - LMKs <

• The crucial secret
  • Stored in the Secure Cryptographic Module (TSPP)
  • No person has whole LMK – only components
  • Always deleted when the HSM is tampered with
  • Encrypts all the operational keys used by the HSM
  • Outside of the HSM, operational keys are never in the clear
• 2 types:
  • Variant – older, less secure, used by nearly all customers
  • Key Block – new, more secure, little used – yet
• Multiple LMKs
  • HSM can have up to 10 LMKs
  • Managed by different security teams
  • Allows multiple clients/applications on one HSM
  • Makes refreshing of LMKs easier
  • Unique to Thales payment HSMs

Hardware Options <

• Range of performance modules
  • 20, 50, 220, 800, 1500* tps (transactions per second)
  • Can be upgraded in the field
• Dual Power Supply Unit (PSU) *
  • Must be ordered at time of purchase
  • Not hot swap: lets customer plan replacement of dead PSU
• Power Cord type

* Not available on HSM 8000

About performance … <

• Rated Performance relates to CA command (PIN Block Translation)
  • Most other commands run at same speed
  • Some commands run slower (e.g. RSA Key Generation)
  • May depend on key length and payload
  • All commands run faster on higher performance HSM
• Dual ports do not give additional performance
• Multiple threads/connections needed for full throughput
  • Up to 64 threads per Ethernet port (128 total)
  • Maximum performance by 4-8 ports
  • Depends on HSM model and command

Software licenses – Base packages <

Each payShield 9000 must have one – and only one – Base Package

Packages:
HSM9-PAC001  HSM 8000 base equivalent
HSM9-PAC010  Transaction Processing
HSM9-PAC020  Magnetic Stripe Issuers
HSM9-PAC030  EMV Issuers

HSM 8000 has only HSM8-LIC001 base licence

Software licenses – optional items <

Sales Order Code  License Description
HSM9-LIC002       RSA license
HSM9-LIC003       AS2805 license
HSM9-LIC004       Europay Security Platform (ESP) license
HSM9-LIC005       User Authentication (HMAC/CAP/DPA) license
HSM9-LIC006       X9 TR-31 license
HSM9-LIC008       Data Protection license
HSM9-LIC009       Remote Management license
HSM9-LIC011       Magnetic Stripe Contactless Card Data Preparation license
HSM9-LIC012       LMK x 2 license
HSM9-LIC013       LMK x 5 license
HSM9-LIC014       WebPIN license
HSM9-LIC016       EMV-based Card Data Preparation license
KSM9-LIC020       Korean Algorithm license
HSM9-LIC021       LMK x 10 license
HSM9-LIC024       Magnetic Stripe Issuing license
HSM9-LIC025       Magnetic Stripe Transaction Processing license
HSM9-LIC026       EMV Transaction Processing license
HSM9-LIC027       PIN and Key Printing license
HSM9-LIC028       Visa Cash Processing license
HSM9-LIC029       Legacy Functions license

Custom software <

• Allows customer to have whatever functionality they need
• Customer pays for development once
• Software can be installed on multiple HSMs for free, but …
• Customer must buy base Package or License
• Custom software is built for a specific base version (e.g. 1.0)
  • To work with a later base version (e.g. 1.1), the custom software must be ported
• HSM 8000 custom software can be ported to payShield 9000
  • Fixed prices for porting from HSM 8000 v2 & v3

Local & Remote HSM Manager <

• Local HSM Manager
  • Provided as part of the base product – no charge
  • Since HSM 8000 v3.1a & payShield 9000 v1.0a
  • Replaces the Console (80x24 character terminal)
  • Provides Graphical User Interface (GUI)
  • Locked-down bootable Linux CD
  • Runs on most PC hardware
• Remote HSM Manager
  • Similar to Local HSM Manager, but …
  • Optional – must be purchased
  • Allows HSM to be managed across a TCP/IP network

Remote HSM Manager <

[Diagram labels: Bootable CD with Linux OS & Remote Management App (RMA); Standard PC or Laptop; Administrator smart card readers – simulate physical keys; Operator smart card reader – simulates Authorising Officer card in Local Mngr; WAN; Ethernet Management port]

Remote HSM Manager <

• Benefits:
  • Modern graphical user interface (GUI)
  • Fits in with organisation’s structure
  • Avoids time & cost of travel
  • Gets around restrictions on data centre access
  • Updates and management changes can be done quickly
• What the Customer buys:
  • 1 Remote Management System Pack
  • HSM9-LIC009 for each HSM
  • Optional: additional System Packs, smart cards, card readers

Remote (and Local) HSM Manager GUI <

Main certifications <

• payShield 9000:
  • FIPS 140-2 Level 3 (TSPP crypto module only)
  • PCI HSM (in progress)
  • APCA (in progress)
  • MEPS (Cartes Bancaires) (future)
• HSM 8000:
  • FIPS 140-2 Level 3 (SGSS crypto module only)
  • APCA
  • MEPS (Cartes Bancaires)
• HSM 8000 will not be PCI HSM-certified

> Some useful materials …


(all available via your Thales representative)

Brochures <

• payShield 9000:
  • Brochure
  • Application Note
  • Datasheet
• HSM 8000:
  • Brochure
  • Application Note
  • Datasheet

Application Notes <

• Utilization & Health Check Reporting
• Packages & Licenses
• Software & License Update Procedure
• Introduction of New Smartcards
• Thales key Blocks
• TR-31 Key Blocks
• Multiple LMKs
• Remote HSM Manager
• Remote Key Loading
• Support for EMV PIN Change
• Diagnostic Commands
• Multiple Authorised States
• Contactless Payments
• Message Encryption

Thales Payment HSMs <

Foundation for Secure Banking Services


bernard.foot@thales-esecurity.com