Last updated 28 March 2001

This section relates to 'core' retail and wholesale banking cryptography activity, and will not cover smart card security (covered in another area of the resource centre) or home and internet banking security explicitly (also covered elsewhere). What we will be concerned with in this section is host and central system cryptography and key management, network and telecommunications security (including S.W.I.F.T interfaces and so on), and on-premise terminal cryptography.

There are 'traditional' cryptography vendors for the banks, these are Atalla, Racal and IBM. Not all solutions are hardware only; IBM was successful in the international marketplaces in the seventies and eighties with PCF (Programmed Cryptographic Facility) that was effectively a software emulation of a DES hardware device. Other software solutions are available for as variety of platforms, see the Cryptography software section.

I would caution the would-be information hunter that there is a huge amount of data on the Internet labelled 'cryptography'. Not much of it is relevant to the banking technology marketplace.

I may extend this section in the future to cover cryptographic standards for Banking technology, consultancy papers and so on. Let me know what you want to see. I can't improve this site unless I get feedback

 Atalla

Now owned by Compaq (via Tandem), Atalla claim they are "... the people who invented the network security processor..".They also invented the Identikey method ..... A variety of processor boxes providing key management, cryptographic service and high speed processing are produced, such as the A10000E (Ethernet) unit. Also in production are the A7000 (SCSII/Tandem), A6000 (SDLC), A4000 (RS232) devices. Details can be found here.

 Bull

Bull provides SWIFT with security using its CP8 Smart cards. There's an overview here.

There's also a reference to the SWIFT project here on the Integris site. For network security, the place to go is the Bull network security overview.

 Eracom

Australian company Eracom manufacture EFT security modules as well as other cryptographic hardware products. The ESM 2000 is a physically secure hardware device providing both DES and RSA encryption, key management and so on.

Eracom have been around for a while (since 1979) and have 20,000 encryption adapters installed worldwide.

The Eracom web site may be found at www.eracom.com.au

 IBM

IBM have long produced cryptographic subsystems for the Banking and financial world, and there is a whole IBM sub-site dedicated to cryptography. In reality, in line with my previous notes on IBM web content, it doesn't tell you much. You can search the site here.Anyhow, IBM claim one of the fastest (in terms of operations per second) facilities that I have come across, the ICRF feature for the S/390 mainframe at a claimed 7,000 cryptographic operations per second (compare this to Racal's 720/sec above). In addition, IBM produce the channel (S/3x0 again) attached 4753 RSA/DES processor, the 4755 ISA bus processor, and AS400 features. All these products go under a generic title of 'Secureway'.

You can find product 'details' in the products index or look at the general site index

 Jones Futurex

US based Jones Futurex manufacture several PIN security products under the Excrypt brand name; the SSP500 (entry level), PCE4000 (a PC board system), RMC5000 (full size) and ESAP (PIN Mailer server). Solutions have obtained Visa, MasterCard etc certifications.

There's pictures, online information and so on at the web site, www.futurex.com/pinmenu.htm

 Nanoteq

Good grief, these people have been hard to track down.

South African Nanoteq manufacture the Summit high performance, tamper resistant security modules, as well as a whole host of other security kit.

There's an overview spec at the web site, http://196.30.227.130/product/welcome.htz

Nanoteq is owned by Comparex, also the parent of Mosaic.

 Racal

The Racal name will be more familiar to European than US banks.

Racal produce a variety of hardware devices that fall into this category, the most familiar to Retail bankers will be the RG7000 series of HSM's (Host Security modules). The HSM is "... a physically secure, tamper resistant device that provides cryptographic functions to secure transactions in fianncial and other networks." It comes in a variety of attachment formats, including IBM channel attach, TCP/IP etc, and supports both symmetrical and public key systems. In the same family is the RG7x10 series of HSM's that provide high speed equivalent functionality for high volume networks (up to 720 tps in the channel attached RG7210).

Related systems software, such as the MVS Security Resource Manager is also supplied by Racal (believe me, you don't want to code native support for these boxes!). The SRM is also provided for Tandem and Unix.

PIN management software is provided for the PC to provide a low-cost entry level method of PIN production.

Also worthy of note is the RG720 PC Security module for DOS, NT and Windows and the CAT (Cryptographic Auth Terminal).

 Zergo

UK based Zergo have only been around since 1988, but they provide the security for the UK Clearing system, CHAPS. They merged with US based Baltimore Technologies in 1999, and subsequently all the hardware products seem to have been discontinued. If anyone finds out anything different, please let me know.

Zergo previously produced an HSM, the CG5000,and an interesting-looking PCI bus PC card, with NT and OS/2 drivers called the HSP4000

Baltimore are at www.baltimore.com The previous zergo website redirects you here.

Can you fill in any gaps? Are there any manufacturers that I've missed? Please, please tell me!