Four corners model and Payment HSM Integration – Get Thales’ payShield 10k

Published: 6 June 2022

Reading time: 3 minutes

The “Four Corners” model is a part of all standard card payment systems across the world. Hardware security module (HSM) is needed for each of its components involved in the cryptographic process.

Before getting into how HSMs are used throughout the four corners model, it is best to first understand what  the four corners represent in this model:

The Cardholder, sometimes referred to as the consumer who has a payment card from a bank and is authorized to use it. Typically, the card is directly linked to the Cardholder’s account, except in instances where the card may be a corporate credit card or fleet card provided to employees.

Credit card mockup

The Merchant (restaurant, store or any type of business accepting card payments) is often referred to as “the Acceptor“. Accepting card payments for goods or services provided is the primary role the Merchant. An ATM may also be considered a merchant because it accepts payment cards.

Scan to pay

The Issuer, typically a bank that issues the payment card to the Cardholder. The payment card that is issued may be one of three different types:
Debit card
Credit card
Prepaid card
These cards are provided on behalf of specific card payment network, such as Mastercard, Visa, American Express.

The Acquirer, usually a bank or other financial system that provides the tools needed for the Merchant to process payment card transactions, including hardware and software.

The Four Corners Model is relatively simple and involves several flows between each of its components, but the data between the corners have to be protected as it travels back and forth.

Role That HSMs Play in Credit Card-Based Payment and Retail Banking
Card-based payment and retail banking transaction processes that are conducted within the Four Corners must be performed in a secure environment, such as that provided by an HSM.

What is a HSM?
HSM stands for Hardware Security Module, and is a very secure dedicated hardware for securely storing cryptographic keys. It securely stores and manages cryptographic keys that are instrumental in ensuring the highest level of physical security for your applications.

Protect sensitive data with HSM as a service
An HSM helps you secure your most valuable data by storing your encryption keys in a dedicated hardware.


Thales – What Payment HSMs Do
Thales Payment HSMs and management tools provide flexible, efficient transaction security for retail payment processing environments, internet payment applications, and web-based PIN delivery. Ensuring the security of consumer data is essential to the integrity of intra-bank network payments, ACH transfers, check clearing, mobile payments, and credit card transactions. In addition to meeting today’s government and industry regulations and standards, Thales Payment HSM solutions are designed to anticipate tomorrow’s.

payShield 10K is a payment hardware security module (HSM) used extensively throughout the global payment ecosystem by issuers, service providers, acquirers, processors and payment networks. It plays a fundamental security role in securing the payment credential issuing, user authentication, card authentication and sensitive data protection processes for both face-to-face and digital remote payments.

Ask us more about payShield 10K!

To make this website run properly and to improve your experience, we use cookies. For more detailed information, please check our Cookie Policy.

  • Necessary cookies enable core functionality. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.