Skip to main content

The system uses a standard web browser (Internet Explorer, Chrome or Firefox) connecting over a TCP/IP network to the HSM via a secure authenticated session. Strong encryption is employed to protect the data which involves AES 256-bit session keys and ECC 521-bit certificates. HSMs can be logically segregated and grouped as appropriate into separate security domains normally under the control of different security teams. payShield Manager can be used to place any HSM into one of its three permitted states (online, offline and secure) and for transitioning between states – specific smart cards are required during such processes which replace the physical brass keys in face-to-face HSM interactions.