Azure Payment HSM Service

Card and mobile payment authorization capabilities are now available in Azure. The Azure Payment HSM service brings the Thales payShield 10k payment hardware security module (HSM) into Azure as a service-based offering. The infrastructure is designed for FIPS 140-2 Level 3 and PCI HSM v3 standards. Due to the hardware encryption, Microsoft has no access to any of the data. Further, when deallocated, the data is zeroed out to maintain data protection. The solution is designed to support payment processing, payment credential issuing solutions, securing keys and authentication data, and providing further protections for sensitive data elements. Details on this new service and the current public preview can be found here 

Why This Matters

  • HSM devices are common in highly protected industries and organizations, and these have been a barrier to some cloud migrations. Further, those organizations that need to handle credit card and other payment solutions have been required to use a third-party solution or maintain those on-premises due to HSM requirements.
  • Delivering an HSM, and especially the Thales platform, as a service can allow these organizations to migrate existing workloads into Azure while also opening new business options for organizations that did not have the skills and staffing to support an HSM solution on-premises.