BCSS Accelerates Payment HSM Integration

Prime Factors’ Bank Card Security System (BCSS) takes much of the hassle out of adding Thales HSMs to your in-house developed card issuance platform. Backed by a dedicated support team, BCSS eliminates programming required to make Thales hardware security modules (HSMs) work in accordance with requirements established by the network brands for security code creation, verification and key management.

To incorporate an HSM into your secure card issuing or personalization solution is no trivial undertaking. For example, it requires a variety of internal expertise, and programming resource to keep a key management system in compliance.

With BCSS, there is no need to learn a proprietary machine level language to deploy the payShield 9000, Thales’ most advanced HSM. Plus you no longer need to constantly upgrade your custom code to take advantage of new functionality in the Thales HSM firmware.

Joint Thales/Prime Factors Solution Brief

Subroutines do the work for you

BCSS has a library of subroutines that handles more than 100 functions that access the BCSS key vault database and the payShield 9000. Therefore, BCSS eliminates the need to know Thales' proprietary host commands and makes it easier to issue calls from popular programming languages such as C, C++, C#, COBOL, Java and Visual Basic. BCSS subroutines include those that call the payShield 9000 to create and verify security codes and PINs.

BCSS includes subroutines that support transaction switching and verification environments. For these applications, BCSS can perform functions such as PIN translation, PIN changes, verification of PINs and card security codes.

BCSS capabilities extend to subroutines that work with your Thales HSM to print PIN mailers. This provides a secure environment for the generation of PIN mailers directly from a Thales tamper resistant device.

BCSS also supports environments with multiple payShield 9000s and provides load balancing and automatic backup in case an HSM fails.