Bull renews and extends PCI HSM certification for its CRYPT2Pay hardware security modules

Paris, November  5, 2014 -

To strengthen all uses of cryptography in financial institutions, the PCI HSM certification covering Bull's CRYPT2Pay solution has been renewed and extended to Bull CRYPT2Protect. This certification is awarded by the Payment Card Industry Security Standards Council (PCI SSC), an international organization bringing together the major of payment cards systems.

With the extended scope of the PCI HSM certification, financial institutions can now use the same platform to enhance the security of their whole business.

  • Dedicated to financial sector companies and institutions, Bull CRYPT2Pay is a Hardware Security Module (HSM) which secures payment card transactions, as well as managing the lifecycle of these cards in electronic banking centers.

  • Based on the same hardware and software platform, Bull CRYPT2Protect further strengthens the cryptography of secure infrastructures (PKI, electronic signatures), as well as data encryption solutions and card management solutions (CMS).

This recertification adds to the security certificates already obtained by Bull CRYPT2Pay including FIPS 140-2 certification level 3+ 1 and GIE-CB 2 MEPS 2. Bull CRYPT2Protect is already qualified at the basic level under the French government's RGS general security database (Référentiel Général de Sécurité).

The PCI SSC is a body set up by the major card schemes (American Express, Discover, JCB, MasterCard and Visa) to improve the security of payments data. In awarding the PCI HSM certification for Bull CRYPT2Pay/CRYPT2Protect, an independent assessor rigorously evaluated several dozen physical and logical security criteria, as well as the development, manufacturing and logistics methods used.

"With this new PCI HSM certification, our customers can shared the security hardware used for their applications while meeting the PCI SSC's strict requirements," said Philippe Duluc, Vice President of Bull's Security Division. "Bull takes a comprehensive approach to security, in which solutions such as CRYPT2Pay feature best practice and risk management. This means our banking customers can more effectively protect their financial transactions."

CRYPT2Pay and CRYPT2Protect are market leaders in France, and used in more than 30 countries through Bull's network of partners. Bull CRYPT2Pay is widely used in international banking networks such as American Express Global Network Services, Visa, MasterCard International and the Groupement des Cartes Bancaires.

As a provider of security solutions to major financial institutions, Bull provides a consistent offering including encryption solutions and identity and access management, as well as consulting and PCI DSS audit.

Bull will be exhibiting at CARTES 2014 in Paris from 4-6 November 2014.

For more information >>>http://www.bull.com/cybersecurity/data-protection.html

1FIPS: The Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS PUB 140-2) is a computer security standard used to accredit US government cryptographic modules.

2MEPS: Method for Evaluation of Security Products defined by the Groupement des Cartes Bancaires CB to certify cryptographic modules.

Bull is the trusted partner for enterprise data. The Group, which is firmly established in the Cloud and in Big Data, integrates and manages high-performance systems and end-to-end security solutions. Bull's offerings enable its customers to process all the data at their disposal, creating new types of demand. Bull converts data into value for organisations in a completely secure manner.

Bull currently employs around 9,200 people across more than 50 countries, with over 700 staff totally focused on R&D. In 2013, Bull recorded revenues of €1.3 billion.


distributed by