Highest cryptographic security available.
Each of IBM’s HSM devices offer the highest cryptographic security available commercially. Federal Information Processing Standards (FIPS) publication 140-2 defines security requirements for cryptographic modules. It is issued by the U.S. National Institute of Standards and Technology (NIST) and is widely used as a measure of the security of HSMs. The cryptographic processes of each of the IBM HSMs are performed within an enclosure on the HSM that is designed to provide complete physical security.
The IBM PCIeCC3 (CEX6S) is validated to FIPS 140-2 Level 4, the highest level of certification achievable for commercial cryptographic devices. See FIPS certification number 3410 (link resides outside IBM) for the certificate.
The "Payment Card Industry Hardware Security Module" standard, PCI HSM, is issued by the PCI Security Standards Council. It defines physical and logical security requirements for HSMs that are used in the finance industry. The PCI HSM certification process for the IBM CEX6S is in process.
The IBM PCIeCC2 is validated to FIPS 140-2 Level 4. See FIPS certification number 3164 (Link resides outside ibm.com) for the certificate.
The IBM 4767 with IBM Enterprise PKCS#11 firmware is Common Criteria EAL4 Certified (Link resides outside ibm.com).
The IBM PCIeCC2 hardware with CCA firmware version 5.3 meets the requirements of the German Banking Industry Committee (GBIC) (Link resides outside ibm.com). The CCA release 5.3 provides sophisticated state-of-the-art protections for handling sensitive information like PIN data, cryptographic key data and account data. The HSM IBM Model 4767-002 CCA Release 5.3 implementation is compliant with GBIC's security requirements.
The IBM PCIeCC is also validated to FIPS 140-2 Level 4. See FIPS certification number 1505 (Link resides outside ibm.com) for the certificate.