nCipher HSMs secure Snapper’s mobile reload transit solution
How an innovative company added convenience for commuters while delivering iron-clad security.
THE CHALLENGE: MAXIMIZE SECURITY FOR MOBILE TRANSIT PURCHASES WITHOUT SLOWING PERFORMANCE
Snapper, an enterprising New Zealand company, set out to improve public transportation for riders in Dublin, Ireland. The National Transport Authority of Ireland wanted to make paying for transit much more convenient for their riders, even letting them load their cards while a bus approaches within sight. Snapper needed to give NTA’s customers a way to check their balance and instantaneously re-load their LEAP transit cards using their smart phones. Their solution needed to serve up to 500 people topping up at the same time – and to do so with the utmost security.
THE SOLUTION: SMART PHONE PAYMENTS SECURED BY NCIPHER SECURITY HSMs
Snapper designed a solution that lets customers load their transit accounts by tapping their smart cards to their phones and making payments through Snapper’s app. The phones recognize the contactless chips embedded in the cards, triggering Snapper’s app to open. The app authenticates and reads the cards and guides customers through PCI-compliant credit card transactions. Customers then use the transit cards to travel by bus, tram, and rail in Dublin.
To help secure their solution, Snapper turned to nCipher nShield HSMs (hardware security modules). Snapper’s app encrypts customer transaction data, and uses nShield HSMs to manage the encryption keys critical to safeguarding the data. For high assurance security, all encrypted data is stored in the contactless chips in the smart cards.
CODESAFE HELPS TO SECURE TRANSACTIONS
The security of Snapper’s solution relies on managing encrypted data, keys, and, to ensure integrity, the mutual authentication between the smart cards and HSMs – all driven by Snapper’s custom routines. These sensitive routines and the data they handle would be vulnerable to threats if exposed outside the closed system. nCipher CodeSafe provided the protection Snapper needed by securing the crypto code within the boundaries of their nShield HSMs.
Snapper started their six-month project, one they viewed as pivotal to expanding outside of New Zealand, with another security solutions vendor. Halfway through, they realized the vendor wouldn’t meet their requirements for protecting their crypto code or delivering to the National Tranport Authority’s performance specifications. With three months to go, Snapper asked nCipher to step in. What made nCipher’s solutions the right choice?
- Easy to implement – Snapper needed a straight-forward solution that would integrate seamlessly with their design. nCipher delivered, helping Snapper succeed in their high profile, time-sensitive project while staying within a fixed budget.
- Performance – nCipher HSMs support simultaneous consumer transactions at a rate 6x greater than the project required, and significantly faster than Snapper’s original security vendor. This gave Snapper and the National Transport Authority confidence in meeting the consumers’ needs – with room to grow.
- Expert Guidance – The nCipher Advanced Solutions Group (ASG) gave what Snapper called “frictionless access to their expertise” and worked efficiently with Snapper to align the team around project requirements, helping Snapper quickly and confidently deliver its solution to Dublin’s transport authority.
NSHIELD LETS CUSTOMERS CONTROL THEIR KEYS
The NTA’s master keys are their most valuable secrets and the NTA’s IT managers follow very strict processes to protect them. nCipher nShield HSMs and the associated Security World architecture fully supported these key handling processes and made it easy for the NTA to manage all production key related functions securely and without involvement from Snapper.
NCIPHER’S ARCHITECTURE SUPPORTS STRICT POLICY ADHERENCE
Security World greatly reduces the risks of non-authorized personnel gaining control of encryption keys by enforcing roles-based controls, thus helping to ensure comprehensive security.
ABOUT THE SOLUTION
nCipher nShield HSMs provide a tamper-resistant environment for secure cryptographic processing and key management. nShield HSMs are certified and meet established and emerging security standards for cryptographic systems while staying highly efficient.
nShield HSMs isolate and protect cryptographic operations and keys for organizations’ most critical applications. nShield HSMs perform encryption, digital signing, and key management for an extensive range of applications including public key infrastructures (PKIs), SSL/TLS, and code signing. nShield HSMs are high-assurance alternatives to software-based cryptography – supporting all leading algorithms and featuring world-class ECC performance.
With nCipher HSMs and their unique architecture, you buy only the capacity you need and easily scale your solution as your needs evolve.
CodeSafe hosts and runs sensitive custom applications within nShield HSMs. CodeSafe lets applications decrypt, process, and encrypt data inside the secure environment. As a result, applications, such as Snapper’s code used to authenticate smart cards, are well protected from outside threats.
Advanced Solutions Group (ASG)
The nCipher ASG team of security consultants delivers customized services to meet specific business needs. Experienced with a variety of applications, the ASG team helps organizations plan integrations, mitigate risks and execute projects through deployment and field testing – quickly and securely.
KEY NCIPHER SOLUTION BENEFITS
- Protect cryptographic keys and operations within tamper-resistant hardware to significantly enhance security over software-only solutions.
- Run sensitive custom applications within HSM boundaries using CodeSafe.
- Maintain control over your keys and build HSM estates that scale with evolving needs with nCipher’s unique Security World architecture.
- Develop your solution efficiently and confidently with nCipher ASG’s expert guidance.
ABOUT NCIPHER SECURITY
Today’s fast moving digital environment enhances customer satisfaction, gives competitive advantage and improves operational efficiency. It also multiplies the security risks. nCipher Security empowers world-leading organizations by delivering trust, integrity and control to their business critical information and applications.
Our cryptographic solutions secure emerging technologies – cloud, IoT, blockchain, digital payments – and help meet new compliance mandates, using the same proven technology that global organizations depend on today to protect against threats to their sensitive data, network communications and enterprise infrastructure. We deliver trust for your business critical applications, ensuring the integrity of your data and putting you in complete control – today, tomorrow, at all times.
To find out more how nCipher Security can deliver trust, integrity and control to your business critical information and applications, visit www.ncipher.com.