Security Philosophy

Security Philosophy image

In the payments world, Security is paramount and Spire Payments has a family of terminals sharing the same strong security design principles (for both hardware and software) certified PCI-PTS 3.x.  Extensive use of open source software at all levels (e.g. Linux, OpenSSL, Busybox), provides a secure by-transparency platform that is a fundamental building block for security in the payments industry.  Moreover, Spire Payments has implemented its own Certification Authority (CA) using a Public Key Infrastructure (PKI) for system and application software authentication / signature in which domain separation exists not only between systems (firmware) and applications, but also between application developers / providers, for even stronger protection and accountability.  Finally, we have implemented SRED using a highly innovative and flexible approach and one of the key ingredients for the implementation of P2PE.  Spire Payments’ approach to security is highly efficient in that it is designed for cost-effective terminal and application deployment through a “write-once-run-anywhere” approach. These same security principles protect applications and data across all Spire Payments terminals.