HSM Profiles

Click on the HSM Profile icon to see the HSM Profile section of the Administrator.

A Hardware Security Module (HSM) is a self-contained, secure device used for the generation, storage and manipulation of cryptographic data, particularly PKI Credentials such as public and private keys and Digital Certificates.

Within the context of SmarterPay, these devices can be used to automate the signing and sending of your payment files to the Bacs service.

An HSM profile is SmarterPay's way of allowing you to refer to a single signing mechanisms that can come from one of many HSMs that may be available to you, and then specify a single signing certificates on that HSM.

It may be that you would prefer to sign certain files that originate from one back office using a certificate located on one HSM, different files using another one, or perhaps even a different certificate located on the same device.

In SmarterPay, HSMs can be used in one of two modes; attended or unattended:

• In an attended scenario, the HSM is used very much in the same way as a Smart Card, in that you manually interact with payment files using the SmarterPay client to perform signing operations and submissions.
• For unattended, the entire process of creating submissions from payment files, sending them to Bacs, and retrieving the reports is performed for you. To use an HSM profile in an unattended manner, it must be profiled against a back office import profile.

For users of unattended Bacs solutions, it is a requirement that they automatically check for reports at a regular interval - SmarterPay performs this check once an hour, however, in order to facilitate this functionality, an HSM is required to connect to the Bacs service.

In order to utilise HSMs within SmarterPay, you must first licence the DIPHSM00 component within the Licence Codes section of the Administrator.

More:

• Add/Edit an HSM Profile