mPOS Security: Thales e-Security Solutions

Thales hardware security modules (HSMs), both payShield 9000 and nShield, are already helping PSPs to deliver secure mobile point-of-sale (mPOS) solutions to large numbers of merchants, some accepting card payments for the first time.

The HSM performs three critical functions for PSPs – managing keys for the card readers, decrypting the encrypted transaction data received from the merchants and translating the PIN blocks for online PIN-based transactions.

payShield 9000 meets all the relevant payment security certification standards (FIPS 140-2 Level 3 and PCI HSM) in addition to supporting various algorithms and key management methods used in mPOS transactions –  with the ability to add custom functions to meet individual PSP requirements if necessary.

Working in conjunction with numerous partners in the mPOS ecosystem, Thales enables all PSPs to choose from a wide range of card readers, providing a fast, efficient and proven security solution with minimum integration risk.


  • Use the HSM to manage the mPOS card reader keys to suit the particular payment gateway requirements – secure generation and loading at the factory or via remote key injection after shipment to the merchant
  • Take advantage of the pre-integration with a wide range of leading mPOS card readers, enabling more choices for merchants
  • Comply with PCI HSM and PCI P2PE requirements out-of-the box with a hardware/software combination specifically designed for mPOS which simplifies PCI DSS compliance for both merchants and PSPs
  • Reduce time to integrate the HSM with the mPOS payment gateway by using Thales sample code and online test environment – ideal for PSPs new to HSMs  and/or point-to-point encryption
  • Implement highly resilient hardware with full remote management flexibility – keeping all keys secure and providing ability to upgrade performance in line with mPOS transaction volume growth