CRYPTOMATHIC BLOG

 

1 min read

Unveiling Obsidian: The Next-Gen Payment Platform for the Cloud Era

We are delighted to announce the launch of Obsidian, a cutting-edge payment platform designed to meet the evolving needs of the payment industry....


7 min read

Quantum-Resistant Short-Lived Certificates

Short-lived certificates play a vital role in current infrastructures, finding a suitable quantum-resistant alternative to the currently used...


2 min read

Cryptomathic and PQShield form strategic alliance to offer PQC solutions for code signing and data protection in compliance with latest NIST and CNSA recommendations

Two foremost software security experts and pioneers in cryptographic agility and post-quantum cryptography join forces to offer comprehensive,...


4 min read

The Challenges of Certifying the EUDI Wallet: A Deep Dive

As the European Union solidifies the framework for the EUDI (European Digital Identity) wallet, the certification process outlined in the...


6 min read

Qualified Electronic Signatures – Best Practice Implementation of the Signature Activation Module (SAM)

This article evaluates the implementation options for the Signature Activation Module (SAM) in the context of eIDAS 2. Based on this analysis we...


2 min read

Hard Truths About Hardware: Why the EUDI Wallet Needs More Than Just Secure Chips

Mobile phones are increasingly vulnerable to hacking and fraud, presenting significant challenges for securing sensitive applications like the EUDI...


2 min read

Assessing the EUDI Wallet Reference Implementation Code

The EUDI wallet reference implementation serves as a practical guide for developers to create secure digital identity management solutions based on...


3 min read

Key Vulnerabilities of the EUDI Wallet Solution Reference Architecture (ARF)

The EUDI (European Digital Identity) wallet solution reference architecture (ARF) is designed to provide a secure framework for managing digital...


2 min read

Cryptomathic Signer and KeyCloak Integration: A Powerhouse for eIDAS-Compliant Remote Signing

To deliver trust services, managing users' identities and access is paramount. eID schemes and trust service providers all require IdP solutions for...


3 min read

7 essential strategies to secure mobile-first consumer-driven banking

North America is catching up fast to the open banking initiatives that are currently thriving across Europe, South America and Asia Pacific. As...


1 min read

Cryptomathic names new Sales Director for South Europe, Africa & LatAm

Cryptomathic is delighted to welcome Edmundo Diaz as its new Sales Director for Southern Europe, Africa and Latin America (LatAm). Edmundo’s...


1 min read

Secure Your Data in Azure with External Key Management and BYOK

Data security can be complex, but it's essential in today's business world, especially when using cloud services. One effective approach is adopting...


1 min read

Cryptomathic welcomes new Sales Director for North America

Cryptomathic further bolsters its leadership team, welcoming Davin Cooke as Sales Director for the company’s North American operations.


2 min read

Key Management for HSMS and post-quantum cryptography

In today's fast-evolving digital landscape, robust key management has become an essential part of securing sensitive data and communications. The...


1 min read

Cryptomathic assures security of Belgium’s new digital identity wallet

Cryptomathic’s Mobile App Security Core (MASC) delivers the highest levels of security, protection and privacy for citizens using the app


4 min read

Key Management in the Automotive Domain

Today’s cars are computers on wheels which operate in a connected world and ecosystem of other cars, roadside infrastructure, and the cloud. Car...


1 min read

Cryptomathic strengthens senior leadership with Chief Revenue Officer

Cryptomathic is delighted to announce the appointment of Anna Russell as Chief Revenue Officer (CRO).


7 min read

Exploring DORA

Cryptomathic solutions support your financial institution towards compliance. The financial sector is increasingly dependent on technology and on...


1 min read

Cryptomathic launches Signer 6

Signer 6 enables future-proofed, scalable digital signing to support the upcoming European Digital Identity Wallet (EUDI). We are delighted to...


2 min read

NIS2 succeeds NISD, and can now affect you too

Cryptomathic guides you towards compliance. EU Directive 2022/2555 on Network and Information Systems, also known as NIS2, entered into force on Jan...


4 min read

Steps to Achieve State-of-the-Art Protection for Your Mobile Apps

In today's digital landscape, ensuring the security of your mobile applications is paramount. Cryptomathic's Mobile App Security Core (MASC) is at...


2 min read

Mobile Point of Sale Compliance – What is it all about?

PCI have recently released the new standard and compliance program for Mobile Payments on Commercial off-the-shelf devices (MPoC). This blog is the...


2 min read

eIDAS 2.0 – What’s New?

The European eIDAS regulation, short for the Electronic IDentification, Authentication and Trust Services Regulation, was created in 2014 to ensure...


2 min read

Demystifying Mobile Application Hardening: Techniques and Best Practices

What is Mobile Application Hardening? Mobile application hardening refers to the process of securing mobile applications against various threats and...


2 min read

More Post-Quantum Digital Signature Candidates!

On July 17, 2023, the National Institute of Standards and Technology (NIST) announced a new set of 40 candidates to compete in their Post-Quantum...


3 min read

Cloud Data Security: Why Centralized Key Management is Vital for Banks

In today's digital era, banks are increasingly leveraging cloud and multi-cloud environments to drive operational efficiency. However, the security...


2 min read

The European Digital Identity Wallet as a Means of Authentication

The European Commission, as part of the eIDAS 2.0 proposal promotes the European Digital Identity Wallet (EUDI Wallet) as an app that enables...


3 min read

AWS External Key Store (XKS) with the Crypto Service Gateway

AWS Key Management Service (KMS) has long provided cryptographic services to safeguard your AWS resources. This involves generating and managing keys...


3 min read

Cybersecurity Paradox: How Too Many Solutions Makes You Less Secure

Believing that more cybersecurity solutions increase safety is a common misconception. An overload of security measures can ironically generate more...


4 min read

Improving Cloud Key Management with the Enclave Security Module

When organizations make the strategic decision to shift their applications and infrastructure onto the cloud, they face a myriad of challenges. These...


7 min read

Top 10 Mobile App Security Threats and How to Protect Your Data

The ubiquity of mobile applications has made them part of our day-to-day lives, but with the increased use comes the risk of potential security...


7 min read

WHAT IS AN ELECTRONIC SIGNATURE? HOW DOES IT DIFFER FROM DIGITAL SIGNATURES?

Were I to ask you what a handwritten signature looks like, with an air of confidence will you grab a pen and scrawl your name on a piece of paper,...


4 min read

Payments from a European Digital Identity (EUDI) Wallet

The European Digital Identity Wallet (EUDI Wallet) is at the forefront of the European Commission's eIDAS initiative to establish a secure and...


4 min read

PQC and How Organizations are Preparing for the Quantum Security Era

Quantum computers offer potential transformational power for organizations dealing with complex computational problems in various industries such as...


4 min read

How FinTech is Helping Build a More Sustainable Financial Future

Along with the increased convenience and security offered by digital payment technology, many consumers are now showing greater interest in...


5 min read

The evolution of zero-trust security

The zero-trust approach to enterprise cybersecurity assumes that no connections to corporate systems and networks should be trusted. It requires...


4 min read

How Cryptomathic's Mobile App Security Core Protects the EUDI Wallet

Cryptomathic Mobile App Security Core (MASC) is a comprehensive security software solution for the European Digital Identity (EUDI) wallet, eID apps,...


1 min read

Banks Ask EU to Reconsider Inclusion of Payments in EUDIW Legislation

The European Digital Identity Wallet (EUDIW) has the potential to serve as a comprehensive identity gateway, enabling individuals to manage their...


3 min read

Bring Your Own Key (BYOK) as Part of Your Company's Data Security Strategy

The adoption of cloud computing has altered the approach organizations take toward security. Rather than concentrating on securing the perimeter of a...


4 min read

Why is Zero Trust Important?

Zero Trust security is a concept that has been discussed extensively. However, there are many different interpretations of what it means. Some...


2 min read

New Partnership : Cryptomathic and Fidentity

Cryptomathic is excited to announce that we have partnered with fidentity, an expert in online identity verification, to enable automated identity...


6 min read

Resources to Help You Develop and Test EUDI Wallet App Security

Itemizing the potential risks of the European Digital Identity (EUDI) Wallet scheme is a complex task that involves assessing the attack surface of...


3 min read

Threats to the EUDI Wallet App

The European Digital Identity wallet (EUDI wallet) is proposed by the European Commission to provide a secure, safe and standardized digital identity...


5 min read

Payment Fraud and Mitigation Trends in 2023

Merchants must remain vigilant against fraud and ensure they have the necessary tools to combat it. Failure to do so may render their fraud detection...


4 min read

Will Cyberattacks Cause the Next Financial Crisis?

The recent instability of a major bank that catered to US tech startups caused concern for several prominent tech companies and venture capitalists,...


5 min read

Encryption for GDPR Compliance

Under the GDPR, organizations must take appropriate measures to protect personal data from unauthorized access, use, disclosure, or destruction. One...


6 min read

Outline of the Players in the EUDI Wallet Ecosystem

The European Digital Identity (EUDI) Wallet aims to offer digital wallets to all EU citizens and businesses for identification purposes and document...


5 min read

What is an Assurance Protocol in Mobile App Security?

Mobile apps and mobile software components are rarely stand-alone as they frequently perform their most important operations on various backend...


4 min read

PQC & Crypto-agility: Protect Against Steal Now, Decrypt Later

Large-scale quantum computing is coming soon, and with that comes new cybersecurity threats. One of these threats is "steal now, decrypt later,"...


2 min read

HSM remote key loading using CKMS and PCI-certified KLD

Hardware security modules (HSMs) are physical devices that provide cryptographic functions such as encryption/decryption and digital signing. They...


5 min read

Cybersecurity Trends To Watch Out For In 2023 And Beyond

Each year, various events within the cybersecurity industry have a significant impact on the industry, leading experts to predict an increase in the...


2 min read

Preparing For Post-Quantum Cryptography In 10 Steps

With post-quantum technology having the potential to trigger a new wave of cyber threats, we identify 10 steps that organizations should take to...


4 min read

Will The UK Follow The EU On Digital Identities?

The UK's relationship with the EU has been tumultuous in recent years, especially in the wake of Brexit. With regards to digital identities, former...


4 min read

Exploring The EMV Personalization Process

EMV Personalization of a payment card is the process of writing data to the card in order to make it ready for use. This includes loading the card...


5 min read

Protecting the European Digital Identity Wallet

The European Commission promotes the European Digital Identity wallet (EUDI wallet) as part of its effort to digitize the economy and help foster...


4 min read

How BYOK Provides Schrems II Compliance for AWS-hosted Data

Companies who use Amazon Web Services (AWS) often choose to do so because of its scalability, ease of use and lower costs than other services or...


2 min read

NIST Picks Lightweight Cryptography Algorithms to Secure Small Devices

Security experts from the National Institute of Standards and Technology (NIST) have declared Ascon - a group of cryptographic algorithms - as the...


3 min read

Secure BYOK Service for AWS S3 Buckets

Keeping data safe in the Cloud has always been a concern for users, hence the need for encrypting data. With more businesses taking advantage of what...


4 min read

The Four Corners Model for Card Payment Security and Key Management

The “Four Corners” model, also called the “Four Party Scheme”, is utilized in almost all standard card payment systems across the globe. Here, we...


3 min read

Get Quantum-Ready with Crypto Service Gateway

When it comes to preparing for post-quantum computing, the legacy mechanisms for effective implementation, integration, and management of...


4 min read

Exploring Digital Signing Services: What's Involved in Setting Them Up?

Digital transformation has been a critical focus for businesses and institutions prior to the pandemic. Digital documents and e-signatures are a...


3 min read

How Cryptomathic’s AWS BYOK Service Provides Industry Grade Compliance

The AWS cloud is enjoying increasing popularity with its very high levels of scalability, durability, and availability. It releases companies from...


8 min read

Cybersecurity for connected vehicles

Vehicles today come with an array of convenience and safety features driven by software. This means that the cybersecurity of these vehicles must now...


3 min read

EMV Personalization cryptographic requirements 

EMV Personalization is a process used to get card data into cards, mobile phones, and wearables. The process includes a variety of complicated...


3 min read

Cryptomathic AWS BYOK: Secure Scalability, Durability & Availability

In today’s dynamic business landscape, companies need to be agile with their cloud processes to remain competitive. But at the same time, they must...


3 min read

Secure BYOK for AWS Simple Storage Services (S3)

Cloud storage via AWS Storage Services is a simple, reliable, and scalable way to store, retrieve and share data. As a third-party cloud vendor, AWS...


3 min read

Why BYOK is Essential for Data Security and Privacy in the Cloud

The 2020 Oracle and KPMG Cloud Threat Report focuses on the key risks and challenges organizations face as they implement and maintain cloud...


3 min read

How Prepared are Companies for Quantum Computing Cybersecurity Risk?

This article discusses how prepared companies are for quantum computing cybersecurity risks based on a recent Deloitte poll and what the current...


5 min read

Malware Protection for Mobile Banking Apps: What You Need to Know

To bank safely online, you need additional mobile app security mechanisms that go beyond standard OS security features. In this article, we take an...


3 min read

Mobile Banking Application Protection: Challenges and Techniques

As the use of mobile phones for mobile banking and payment applications increases, so too do the security threats. Most smartphones use only two...


4 min read

TR-34 Key Blocks for the TR-34 Exchange Protocol: Basic Principles

Among all the various key block formats, the TR-34 format is undoubtedly one of the most sophisticated. The TR-34 norm is an implementation of the...


3 min read

EU AWS Hosting: Data Residency, Regionality, Digital Sovereignty, GDPR

This article sheds light on the intersection of legal and technical aspects when hosting data on AWS as a European company.


3 min read

Explaining the Java ECDSA Critical Vulnerability

On April 19, 2022, information about a severe vulnerability in recent versions of Java shook up the security community.


3 min read

Key blocks and PCI PIN requirements: FAQs

This article proposes a few answers to a series of frequently asked questions (FAQs) about key blocks and their use with PCI.


3 min read

What is a Secure Signature Creation Device? Types and Requirements

As defined by Regulation (EU) No 910/2014 (eIDAS), which took effect on 1 July 2016, an electronic signature creation device is software or hardware...


5 min read

Crypto Service Gateway: Enabling Crypto-Agility with the CSG Policy Engine

Today's businesses rely heavily on cryptography to authenticate people and processes, secure communications, and safeguard critical data.


4 min read

EMV Payment Security - Acquirers

In the “four corner model”, acquirers are apparently the less active party as their role seems ‘only’ to forward the transaction flow originating...


3 min read

Digital vs Wet Signatures: The Impact of Forgery On House Buying

Mortgage fraud is a serious crime. Once executed and signed, a mortgage deed is a legally binding contract. The responsibility of trying to prove...


5 min read

Centralized Authentication and Signing for E-Government

Achieve Non-Repudiation of Origin (NRO) and Non-Repudiation of Emission (NRE)


5 min read

Classification of Cryptographic Keys

This article is meant to be an introduction to the different types of cryptographic keys that are used to protect digital applications in encryption...


3 min read

EMV Payment Security - Issuers

An issuer is one of the corners in the ‘four corner’ model. An issuer is a financial organization (e.g. a bank) that produces payment cards and...


3 min read

Key Management Challenges for EMV Personalization

The EMV personalization data processing in itself is not the topic of this article, we will instead focus on the cryptographic schemes involved in...


2 min read

An Overview of the Different Key Block Formats

A key block is a unique piece of cryptography that is used to protect cryptographic keys while they are being sent over networks that might not be...


4 min read

An Introduction to z/OS and the IBM Common Cryptographic Architecture

IBM’s mainframe computers have been a rock-steady part of banks’ security infrastructure for many years. Originating from the local data-center...


3 min read

Introducing the Digital Signature Activation Protocol for Remote Server Signing

This article explains the digital Signature Activation Protocol (SAP) in the context of eIDAS-compliant central signing. It sheds light on its...


4 min read

How to Secure Mobile Payment Apps with Tokenization

The use of mobile payments is expected to continue to rise and become the second most popular payment method after debit cards by 2022. Analysts...


4 min read

Remote Electronic Signatures: How to Improve Performance and Scalability

National digital signature schemes that utilize remote electronic signature technology can achieve very high usage rates, whereas Trust Service...


3 min read

Understanding IBM CCA & the Importance of Banking-grade Key Management

The IBM Common Cryptographic Architecture (CCA) is a cryptographic platform providing several functions of special interest for securing financial...


2 min read

NIST Post-Quantum Cryptography Standardization: SIKE Bites the Dust

Just a month ago, NIST announced its selection of three digital signature algorithms and one key establishment mechanism (KEM) for future use in...


3 min read

Advantages of Centralized Key Management

Traditionally, end-to-end lifecycle key management was achieved through inefficient paper-based procedures and highly resource intensive tasks...


3 min read

7 Tips for Correct Usage of Encryption to Secure eGovernment Processes

Encryption has become the most essential part of securing data online. The biggest headache to the Cybersecurity industry is a data breach. The last...


3 min read

How to Deploy and Manage Cryptography in a Project the Right Way

With the ever increasing number of online services and electronic transactions, business owners are becoming ever more dependent on the use...


2 min read

What You See is What You Timestamp: An Attractive Alternative to QES

In this article, we propose What-You-See-Is-What-You-Timestamp (WYSIWYT) as an attractive alternative to Qualified Electronic Signatures, for certain...


5 min read

Electronic Signature Use Cases: Which Industries MUST Use E-signatures?

Certain industries have a duty to protect confidential information, as well as a requirement for authentication - proving that a document was sent by...


3 min read

NIST Releases Quantum-Resistant Cryptography Standards. Act Now!

An over five-year-long process has come to a preliminary end: On July 5, 2022, NIST issued the long-awaited announcement of the winners of Round 3 of...


2 min read

How to Convert Key Blocks

There are several types of key block formats used in different industries, especially the retail banking industry. The systems that use these key...


3 min read

Integrating PSD2 and eIDAS

With the introduction of PSD2, banks are forced to provide third party payment service providers (PSPs) with access to the bank’s customers’ account...


5 min read

Resolving Common Pain Points of Key Management

Many organizations struggle with cryptographic key management for multiple reasons. However, these pain points can be resolved with the right tools.


4 min read

EMV Payment Security - Cardholders

Cardholders (or consumers) are one of the corners of the ‘four corner’ model in the payment card world. Here we take a brief look at the payment...


2 min read

The eIDAS-compliant Printout of a Digitally Signed Document

This article describes a model that could enable an electronically signed document to be printed out and used as an original in legal proceedings, in...


3 min read

Mobile App Data Obfuscation Techniques for Banking

Code obfuscation is one of the most effective techniques for protecting sensitive data in mobile banking and payment apps. However, it's not always...


5 min read

Qualified Digital Signing and Electronic Signature UK Law

This article aims to demystify electronic signature UK law and explain how it supports all types of electronic transactions in accordance with UK...


5 min read

Bring Your Own Key: What is the Difference Between BYOK, CYOK & HYOK?

Here we look at what it means to “bring your own key”, “control your own key” and “hold your own key” and what the differences are between these...


8 min read

The PSD2 - Directive and Distributed Authentication

PSD2 breaks up the ways in which banks do their business, by forcing them to open up their APIs. By doing so, PSD2 challenges the way in which data...


3 min read

Crypto-agility: The Gold at the End of the Rainbow for NIST PQC

Cryptography is the backbone of data security technology. In this article, Jo Lintzen, MD at Cryptomathic Inc. explains the preparations for...


3 min read

How to Integrate eIDAS Qualified Remote Signing Tools with Your Systems

The demand for remote digital signatures to enhance security and customer experience continues to grow across the EU, as the banking and financial...


2 min read

ANSI X9.24-1-2017: Key Replacement, Destruction, and Archiving

One aspect of key management is dealing with what happens when a symmetric cryptographic key is no longer needed. The section ‘Key Replacement,...


3 min read

The four pillars of eIDAS

The eIDAS regulation sets the standard for electronic identification, electronic signatures, and trust services. It paves the way for delivering...


3 min read

Digital Identity and eIDAS in Banking

The eIDAS Regulation lays the groundwork for creating a robust digital identity framework. The idea is to provide EU citizens with a secure, robust...


3 min read

Symmetric Cryptography in Financial Institutions: Key Management Challenges

This article addresses some of the challenges of symmetric cryptography as applied in banks, describing how it works and what are its unbeaten...


2 min read

ANSI X9.24-1-2017: Key Loading

The ANSI X9.24-1-2017 standard defines the requirements for the loading of key components or shares, and the loading of cleartext keys. The loading...


4 min read

NIST PQC Finalists Update: It’s Over For The Rainbow

Last month, one of the three NIST finalists for post-quantum signature schemes received its final nail in the coffin: Ward Beullens, a PostDoc at IBM...


2 min read

UK eIDAS and EU eIDAS: Implications for Cross-Border & Digital Transactions

The eIDAS Regulation (No 910/2014) (EU eIDAS) came into force in 2016. It created a Europe-wide legal framework for electronic identification,...


5 min read

Crypto-Agility in the Advent of Post Quantum Computing

There is no question that quantum computing is coming. However, organizations need to question themselves as to whether they will be vulnerable to...


2 min read

Examining the NIST's Post-Quantum Cryptography Standardization Process

Most current public-key cryptography (asymmetric) algorithms are vulnerable to attack from large-scale quantum computers. In its efforts to...


2 min read

Q: What's in a Logo? A: Mathematics

Maybe you have wondered where our logo comes from and what it actually means. If you have, we hope the following will answer these questions. Just as...


2 min read

Why Emulator Detection is Essential for Mobile Banking and Payment App Security

Attacks on mobile banking and payment applications frequently begin with the use of an emulator for the mobile operating system, where the targeted...


6 min read

How to Enable Legally Binding Mobile E-signatures On Your device

The ever-growing number of applications and uses for mobile devices has long been a hot topic. Using mobiles to electronically sign transactions and...


2 min read

eIDAS and PSD2 – A perfect symphony in the digital marketplace?

The European Union is leading the way in the move towards the creation of a single digital market. There are many advantages a digital business has...


6 min read

Cryptographic Key Management - the Risks and Mitigation

With the growing need for cryptography solutions to protect digital assets and communications, the ever-present security holes in modern computer...


2 min read

Manage, Handle and Control Your Own Key in the MS Azure Key Vault

Microsoft’s Azure Key Vault Managed HSM allows customers to safeguard their cryptographic keys for their cloud applications and be...


3 min read

Payment & Banking Cryptography: The Benefits of z/OS & the Z Platform

This article looks at some reasons for the popularity of the IBM mainframe platform in the banking sector and touches upon its limitation for...


2 min read

Meltdown & Spectre – What you Need to Know about Protecting your Keys

A number of serious security vulnerabilities, collectively known under the names of “Meltdown” and “Spectre” [1][2], have recently been discovered in...


3 min read

What the European Interoperability Framework & eIDAS Means for You

The European Interoperability Framework (EIF) adopted in 2017 is the primary thrust in the EU’s effort to improve the efficiency of public service...


3 min read

How Digital Signature Deployment Models Optimise eIDAS Implementation

The eIDAS regulation provides both the technical and legal framework for electronic identification and digital signatures that the banking sector...


4 min read

Common Key Management System Models for the Cloud

This article explains the four primary cloud KMS pattern combinations and which are best suited for use with Cryptomathic’s Key Management System...


3 min read

eIDAS Trust Services – Strengths and Challenges in Implementation

A study published in early 2018 by the European Union Agency for Network and Information Security (ENISA), revealed that 90% of the respondents...

Read More

3 min read

Why Key Management Systems Must Understand ANSI X9.24/TR-31 Key Blocks

The PCI Council requires most actors of payment networks to implement ANSI X9.24/TR-31-compliant key blocks to wrap and securely transmit, transfer,...

Read More

5 min read

The Weakest Link in Many Cryptosystems - Part 2 of 2

RSA, a short recap In a public key scheme, and for the sake of simplicity, assume a public scheme based on encryption-decryption (as opposed to e.g....

Read More

2 min read

What is the right user interface for a Key Management System?

User interface design and usability are the deciding factors in attaining a good user experience for most IT deployments, including key management...

Read More

3 min read

Understanding the Concepts of Bring Your Own Key

Bring your own key (BYOK) is a popular term relating to key management for cloud applications. However, a lack of standardization makes it confusing...

Read More

3 min read

IBM z15 Mainframe & Secure Key Management for FS Platforms

Banks continue to feel the profound transformational effects that digital technologies have on their business. This can be seen in the creation and...

Read More

4 min read

How Tokenization May Reduce False Declines

This article discusses how tokenization may reduce false declines with credit card transactions that could negatively impact merchants.

Read More

3 min read

What is a Crypto-Abstraction Layer?

A crypto-abstraction layer (CAL) is, in its most general sense, an application programming interface (API) - also known as a library - that hides...

Read More

2 min read

Introduction to Cryptographic Key Blocks - FAQs

This article proposes answers to a series of frequently asked questions (FAQs) about key blocks.

Read More

3 min read

How Common Criteria Helps Organizations Choose the Right HSM

Hardware Security Modules (HSMs) are used in all card payment systems (as well as various other applications that require strong security) to protect...

Read More

3 min read

Signer: The Most Advanced, eIDAS-compliant Remote Signature Solution

As part of the global drive for digital transformation, legally binding digital signatures are at the forefront of many businesses’ ambitions to...

Read More

5 min read

How an e-Signature Failure Derailed a €3bn Swiss-Austrian Transport Deal

Last week, an order for 186 double-decker trains was nullified due to a legal formality surrounding the Qualified Electronic Signature used to ink the...

Read More

5 min read

Maximizing Payment Card Industry (PCI) & Cryptographic System Security

This article talks about how different factors and controls can affect the strength and effectiveness of a cryptographic system's security. It gives...

Read More

3 min read

How FinTechs can benefit from the European eIDAS Regulation

The financial service industry has always been an innovator in technology adoption. This is not surprising considering the nature of the industry with...

Read More

4 min read

Where 2FA and PKI Meet

Under pressure from sophisticated attacks and rising fraud, many B2C organisations of the financial industry are currently enhancing the static...

Read More

3 min read

ANSI X9.24-1-2017: Key Utilization and Storage

This article briefly summarizes the symmetric cryptographic key utilization and storage requirements as described by the ANSI X9.24-1-2017 (part 1)...

Read More

2 min read

Case Study – Fully digital trade transactions

Great strides have been made in the retail banking and payments space via innovative financial technology products. However, in the corporate banking...

Read More

6 min read

epassport inspection: The Need for Speed

Ever since the EU mandated the introduction of biometric ePassports containing fingerprints there has been a flurry of technology development and...

Read More

4 min read

Issuing MULTOS Cards

MULTOS cards are being deployed in steadily increasing numbers and Cryptomathic is delighted to be involved in MULTOS projects across the globe....

Read More

3 min read

Why IBM z/OS Needs a Banking-grade KMS for Hybrid Cloud

The IBM mainframe series (“z-series”) has become a backbone for security, privacy and resilience in a large share of payment and banking related...

Read More

3 min read

How to use Thales Key Blocks in payShield HSMs

Thales Key Blocks are an essential cryptographic key wrapping format. In comparison to other key block formats, they are proprietary and only work...

Read More

3 min read

Bridging the gap between eIDAS and Anti-Money Laundering Directives

Banks and other financial institutions are playing a key role in countering global challenges like money laundering and terror financing.

Read More

2 min read

Cryptomathic CKMS: Centralized, Automated Key Management for payShield

Banks and financial institutions must adhere to a rigorous set of security and regulatory practices to protect data, communications, and processes.

Read More

3 min read

Selecting the Right Key Management System

The protection and secure management of cryptographic keys is crucial for ensuring that cryptography is used in the most effective way to keep data...

Read More

3 min read

Attacks on PDF Certification and the impact on Approval Signatures

In May 2021, researchers published two attacks on certified PDFs, which enabled unintentional and fraudulent modifications to be applied to signed...

Read More

4 min read

Take Control of Your Keys: BYOK for the MS Azure Key Vault

This article explores how Cryptomathic CKMS combines BYOK for the MS Azure Key Vault with banking-grade key lifecycle management to address the...

Read More

4 min read

Encryption Key Management Challenges for IaaS in the Cloud

This article discusses key management methods for the IaaS Cloud model, and security problems to be dealt with because of its virtualization...

Read More

3 min read

eIDAS Enabled Solutions: Market and Stakeholders Analysis

The ultimate aim of regulations like eIDAS is the creation of a true Digital Single Market (DSM). eIDAS plays its role by providing the necessary...

Read More

3 min read

The UUM&DS Project – How eIDAS Improves the EU’s Customs Interface

With each passing year, the volume of international trade in goods and services keeps rising. With all of this trade, however, comes an associated...

Read More

4 min read

Air India's Data Breach - data security is more crucial than ever.

Recent global events have demonstrated that high-profile hackers and state-sponsored security breaches have been steadily increasing since 2020. It...

Read More

2 min read

Payment Security and Key Blocks: Why are key blocks so secure?

How can keys be securely exchanged over potentially unprotected channels? The answer to this question is “key blocks”. A key block is an essential...

Read More

3 min read

The Federation of eID Providers: A Polish Perspective

The growth of electronic identification systems has been different for each European country during the past several years. European countries have...

Read More

3 min read

Centralized Key Management Systems: Challenges and Opportunities

Over the last 10 years, enterprises have moved on from decentralized and distributed key management to centralized key management systems to provide...

Read More

5 min read

Introducing a PCI DSS compliant Key Management System to a Bank

A key management system is a critical component in achieving PCI DSS compliance for a banking institution. It involves implementing a crypto system...

Read More

3 min read

eIDAS - What You See is What You Sign (WYSIWYS) for Non-Repudiation

What You See is What You Sign (WYSIWYS) is a term that is used to describe an enhanced level of data integrity within a digital signature system....

Read More

4 min read

Integrating Microsoft Banking Accelerator with On-prem Key Management

The cloud services provided by Microsoft Dynamics 365 are gaining rapid market share in the banking world. A burning question for the security...

Read More

4 min read

Enterprise-grade code signing: Securing the Signing Process

This article outlines the importance of code signing and describes a centralized approach for securing and streamlining the code signing process...

Read More

3 min read

Managing Keys for ATM Remote Key Loading using CKMS

ATM Remote Key Loading has become a common practice in the industry. Yet managing the top-level keys to establish trust between the Host and the ATM...

Read More

3 min read

Misuse of X.509 Certificates & Keys Involved in SolarWinds Attack

This article discusses the misuse of X.509 certificates and keys in the SolarWinds attack and how Cryptomathic CKMS and CSG could help protect...

Read More

3 min read

How to Simplify Key Management System Compliance Audits

This article explains some of the cryptographic key management tasks involved in demonstrating and proving compliance to acceptable standards, and...

Read More

3 min read

eIDAS & RTS for Strong Customer Authentication

The Delegated Regulation on Regulatory Technical Standards (RTS) by the European Commission aims to facilitate Strong Customer Authentication (SCA)...

Read More

3 min read

Key Management Interoperability Protocol: Achievements and Challenges

The Key Management Interoperability Protocol standard intends to provide interoperability across various key management environments and hence to...

Read More

3 min read

Introducing the CEF Building Blocks: eDelivery, eID, eSignature & more

The CEF building blocks of the digital service infrastructure, as defined under the Connecting Europe Facility (CEF), cover essential components like...

Read More

2 min read

The SolarWinds attack and best practices for code-signing

Since the announcement of the SolarWinds supply chain attack, intensive analysis has been done by Crowdstrike, FireEye (with additional details),...

Read More

3 min read

Understanding Symmetric Key Creation, Components & Keyshare Generators

In this article, we look at the process of a keyshare generator and key derivation as described by the ANSI X9.24-1-2017 standard. This process is...

Read More

5 min read

BYOK for Google Cloud Unlocks Opportunities for Financial Institutions

This article discusses the concerns surrounding key management for cloud environments and how Cryptomathic addresses them by bringing banking-grade...

Read More

2 min read

E-signatures vs Digital Signatures: Key Differences and Regulations

People often use the terms e-signature and digital signature interchangeably. However, they aren't the same thing. Everything from the processes that...

Read More

5 min read

Common Mobile Banking App Security Issues and How to Solve Them

An investigation conducted by "Which?", a consumer watchdog group based in the UK, found serious vulnerabilities in the security of banking security...

Read More

2 min read

Protecting Mobile Banking and Payment Apps from Malicious Attacks

We are constantly reminded by news stories how complex it can be to secure mobile banking and payments apps. A recent study has found that 11%...

Read More

3 min read

Introduction into PAdES for Trust Service Providers

The term PAdES stands for PDF Advanced Electronic Signatures. It refers to a group of extensions and restrictions that are used with PDF and ISO...

Read More

3 min read

Mobile App Hardening: Root and Jailbreak Detection

Unlike other operating systems like Windows, Linux, or OSX, both Android and iOS operating systems are usually shipped with built-in user rights...

Read More

3 min read

Quantum Computing and Cryptography Infrastructure Investments

The rise of quantum computing is expected to have significant impacts on both financial and technological considerations when evaluating...

Read More

3 min read

Recommendations for Providing Digital Signature Services

With the ever-growing number of electronic transactions and documents, the use of digital signatures makes it possible to trust and act upon these...

Read More

4 min read

Understanding the Certificate Authority in the Context of eIDAS

In this article, we will discuss the Certificate Authority (CA) in the context of eIDAS and what is required of this entity in ensuring the integrity...

Read More

4 min read

Exploring the EBA's New ICT and Security Risk Management Guidelines

Considering the COVID-19 impact on digitalization, EBA’s updated Guidelines on ICT and Security Risk Assessment will help focus on priority areas,...

Read More

3 min read

Banking-Grade BYOK for Office 365

Securing data and keeping it private is essential for many organizations and institutions, including banks or ministries, where data security and...

Read More

4 min read

Certificates supporting the Payment Services Directive PSD2

The PSD2 Directive opens a considerable market for new solutions in e-banking, account information services and payment initiation services.

Read More

2 min read

BYOK: a Solution for EBA’s New ICT and Security Risk Management Guidelines

The European Banking Authority's (EBA’s) new ICT and Security Risk Management Guidelines provide guidance for cybersecurity requirements for...

Read More

4 min read

The link between HSMs and a Centralized Key Management System

Even in small-scale environments, managing cryptographic relationships and crypto key lifecycles can be difficult. The list of barriers to success...

Read More

5 min read

Open Banking: Why Agile Alignment is the Key to Success

Open banking can offer opportunities for retail banks that are faced with competition from newcomers to the banking and finance industry. For those...

Read More

6 min read

Advanced vs. Qualified eIDAS Electronic Signatures

The Electronic Identification and Trust Services Regulation (EU Regulation 910/2014/EC - also known as eIDAS) is a complex set of laws (including...

Read More

3 min read

EBA On Customer Authentication Under PSD2: Inherence

A fundamental objective of the Revised Payment Services Directive (PSD2) has been to reduce the risk of fraud to the maximum extent possible and...

Read More

3 min read

Postbank Master Key Breach: Why Strong Key Management is Essential

In the last couple of months, facts regarding breaches that occurred during December 2018 at PostBank, the national postal bank operator of South...

Read More

4 min read

Tokenization in Banking and Financial Services

Tokenization is a generalized concept of a cryptographic hash. It means representing something by a symbol (‘token’).

Read More

3 min read

Why a Banking Key Management System Must Support Atalla Key Blocks

Invented by Mohamed Atalla, the Atalla key block is the root of all key blocks. All over the globe, hundreds of millions of financial transactions...

Read More

3 min read

Why Native Code Obfuscation Techniques is Essential for Mobile Apps

In the mobile environment, source code is often distributed without enough security. Programs compiled as bytecode, such as the ones developed for...

Read More

5 min read

W3C's suggestion for a Web Cryptography API

The World Wide Web Consortium, or W3C as it is commonly known, was founded in 1994 by the original architect of the World Wide Web, Tim Berners-Lee. It...

Read More

8 min read

Securing the Life-cycle of a Cryptographic Key

This article discusses the main phases involved in the life-cycle of a cryptographic key, and how the operational lifetime of a key and its strength...

Read More

6 min read

Symmetric Cryptography & Key Management: Exhaustion, Rotation, Defence

With data protection standards, such as GDPR, and the sheer mass of data that companies collect and accumulate, the protection and control of...

Read More

3 min read

10 Anti-debugging Techniques for Mobile Banking and Payment Apps

In the mobile environment, while debuggers are legal and legitimate development tools, hackers can also use them to reverse mobile banking and...

Read More

2 min read

Addressing HTTPS Vulnerabilities in Mobile Banking and Payment Apps

Here we describe some of the HTTPS vulnerabilities in the context of mobile banking and their countermeasures.

Read More

2 min read

The need to manage both symmetric and asymmetric keys

A well-rounded solution for securing digital transactions includes the use of both symmetric and asymmetric cryptography and keys. Each method of...

Read More

3 min read

ANSI X9.24-1-2017: Key Distribution 

Key distribution is perhaps the most important and crucial aspect of the ANSI X9.24-1-2017 part 1 standard. But first, let us explain what...

Read More

5 min read

Symmetric Encryption Algorithms And The Need For Crypto-Agility

In this second installment of a three-part series on symmetric key encryption technology, we look at the evolution of symmetric key encryption...

Read More