Create robust file authentication processes with a Hardware Security Module (HSM)

  • Remove reliance on physical devices, no need for smart card readers or Gemalto
  • Reduce time spent on submission process
  • Enable straight-through processing of Bacs or FPS submissions

Internet Explorer is being retired by Microsoft in February 23. This end-of-life announcement directly impacts AccessPay users who rely on smart cards to authenticate payment runs. 

Smart card users will be required to upgrade all users to the Microsoft Edge browser by February in order to continue using Gemalto, the software that’s linked to your smart card device. Upgrading the device of every user involved in your payment processes will be a mission-critical task that could pose risks to submissions if not completed in time.  With this change in mind, there is a recommended alternative.

A Hardware Security Module (HSM) is a hardware-based security device that generates, stores and protects cryptographic keys. It provides the foundation for a high-level secure certification authority. 

Used for secure authentication and file transmission, hardware security modules are a more robust and secure alternative to other PKI devices such as smartcards, which can be used to bolster remote working and disaster recovery policies. 


Smart Card vs HSM: Which is best for your business?


Hardware Security Modules provide a higher level of security than non-secure media, such as security tokens or smart cards, since the latter can be easily removed, stolen, misplaced or copied. 

And with Internet Explorer reaching end-of-life in February 2023, Smart Card users will be forced to upgrade to Microsoft Edge to continue using Gemalto. 

For more information on the key differences between Smart Cards & Hardware Security Modules, click through to read our blog 


AccessPay has transformed the way we work. Our old software meant we had to rely on one laptop to read all of our cards which carries an obvious business risk. Access Pay’s HSM feature has made us much more agile and secure; we no longer have to rely on IT and machines. – Denise Campbell, Head of Treasury, Great Places Houses Group


Remote working and Disaster Recovery


Hardware Security Modules can serve as the lynchpins of any good Disaster Recovery policy.  

Your HSM lives in the cloud, and the box needed to store it is held in a secure location. So, if you’re unable access your physical premises, you can still make transactions remotely. 

Equally, with higher adoption rates of work from home and flexible working policies since the COVID 19 pandemic, remote access ensures that payment processing operations can continue, whatever your circumstances. 

Implementing HSM within your organisation


Attended HSM


Attended HSMs work for corporates who prize flexibility. An Attended HSM enables you to log in to AccessPay, approve your files and authenticate the submission from any device. With an Attended HSM, you still benefit from an eyes-on approvals process, but you can complete submissions anytime, anywhere – without relying on a physical device or location.

Unattended HSM


Unattended HSM enables straight-through processing of Bacs and FPS submissions by automating the whole process, using authentication keys stored within the HSM. Unattended HSMs are ideal for organisations already completing approvals within a back-office system, or for those who make a vast number of transactions regularly.

The Reports Download Service


Report downloads can be configured alongside the HSM Submission Service using the digital certificate stored on the HSM device to automate the download of Bacs reports.  

This service includes the ability to configure a report download schedule based on submission type, dates and SUNs. 

Upgrade to HSM now



Download Factsheet