https://asecuritysite.com/des

Moving Payments to the Cloud

Meet some Two-key Triple DES within an HSM


There is little to stop payments from moving fully into the Cloud, apart from where there are regulatory requirements or where there is poor network connectivity. We now live in an always-on networking society, where ISPs (Internet Service Providers) promote network resilience as a key selling point (with 4G and broadband support):

So, some would debate whether it was really unbreakable, but it certainly shows that network resilience is now a key feature for network connectivity.

But surely payments must be done on a trusted piece of hardware? Well, not quite, as the main element of the payment is that it can be processed in a secure enclave, where the processing and encryption keys cannot be tampered with. In fact, moving into the Cloud could have many advantages, including the fact that the device does not need to be set up to store sensitive information. The Cloud, too, offers enhanced auditability and logging of data.

The solution to this is to use a Hardware Security Module (HSM) in the Cloud, which is now offered by AWS with their AWS Payment Cryptography:


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.