Hardware Security Module (HSM)
Enhance your SwiftNet operations with our HSM, safeguarding PKI credentials for secure data exchange. It provides comprehensive cryptographic key protection, available in two models tailored to your specific security needs: HSM boxes and HSM tokens.
Benefits
HSM Refresh Programme 2023-2025
The current Hardware Security Module (HSM) boxes will reach end-of-life in 2025. To help ensure safe and continuous operations on our network, we’re launching a programme to swap existing boxes for updated models.
We started in early 2023 and will continue until end 2025. Complying with this programme is mandatory for members of our community, but we’ll be on hand to help along the way.
Key takeaways
HSM boxes play an integral role in our security architecture. They enforce the confidentiality and integrity of data exchanged between us and our clients by storing the PKI certificates used for signing and encryption.
The Thales Luna IS6 boxes have a life expectancy of 8 to 10 years and were first introduced to our community in 2013.
The ongoing HSM refresh programme will run until end 2025. This will ensure that all impacted customers are upgraded well before their current model reaches end-of-life.
We’ll subsidise 75% of the one-time overall cost, including delivery costs, for the new HSM boxes if you make your switch on time.
Frequently Asked Questions
Where can I find information on the HSM refresh programme?
If you need to upgrade your HSM box, you will have received an email from us (to the address registered with your BIC) with information on what you need to do.
Will I be impacted by this change?
If you currently have a Luna IS6 HSM box, you’ll need to upgrade to our new model, regardless of when you purchased the equipment. We plan to stop selling Luna IS6 HSM boxes in June 2024 – it’s important to make your switch to avoid any issues in the future.
When will the new boxes be available?
Luna SA7 boxes were available to order from 2022.
How much will the new boxes cost?
The new pricing structure depends on which model you purchase. The two new boxes have different capabilities, with the standard box able to store up to 500 certificates and the premium box storing up to 3000.
To receive specific information on the one-time fee and recurring maintenance costs, contact your Account Manager or get in touch with our support team.
Will the subsidy cover shipping costs and taxes?
Yes. Our subsidy will cover 75% of the total one-time cost of acquiring your new HSM box. Make sure you upgrade on time to take advantage of this offer.
When will support for the new HSM Luna SA7 start?
Support for the new boxes will start as soon as you receive it.
When will support for my old HSM Luna IS6 stop?
We don’t have a specific date for end-of-support for the Luna IS6 boxes, but we expect it to be late 2025.
Which products are impacted by the HSM refresh?
The connectivity footprint products that connect directly to HSM boxes need to be upgraded to a supporting version. You’ll be able to find information on all new versions on our release timeline. Affected products include:
- SwiftNet Link
- Alliance Gateway
- Alliance Gateway Instant
- Domestic Messaging Channel
- Minimal footprint
What happens if an old box fails during the refresh period?
If your existing box fails during this time, don’t worry – we’ll still offer full support and repairs on the Luna IS6 boxes until 2025.
However, in the following circumstances this may change:
If an HSM IS6 box fails before the new boxes are shipped, we’ll replace it with an HSM IS6 box. However, if this happens and you’d like to replace it with a new model, we’ll accelerate the shipment of your new model. Each request will be processed manually based on availability.
Once we’ve shipped HSM Luna SA7 boxes, we recommend using them at customer premises to replace failed boxes.
Six months after all the boxes are shipped, we’ll stop replacing old boxes.