PCI-DSS Compliance

The world’s first automated, streamlined and software-defined encryption, key management and authentication platform built to address the challenges of meeting PCI requirements in today’s hybrid cloud, perimeter-less world.

( let’s talk )

The Challenges of PCI Compliance in a Perimeter-Free World

Implementing PCI-DSS regulations is a challenge in today’s global hybrid cloud environment.

Among the many challenges:

Data in the Cloud – Housing data and applications in the cloud forces organizations to share control of encryption keys with the CSP

Privileged Access Scenarios – User-owned devices (BYOD) are inherently secure, so strong authentication usually requires cumbersome dedicated hardware tokens

Unbound helps organizations meet the following PCI-DSS guidelines:

Requirements Addressed: 3.4, 3.4.1, 3.5, 3.5.1, 3.5.2, 3.5.3, 3.5.4, 3.6

Unbound Key Control (UKC) lets you protect encryption keys of data-at-rest and data-in-motion. UKC also keeps track of crypto inventory (keys, partitions, usage, etc) and performs key management actions like generation, import, distribution, refresh and revocation. UKC protects keys for symmetric (e.g. IPsec with AES/3DES) and asymmetric (e.g. SSH/SSL protocols) encryption algorithms

Requirements Addressed: 6.3, 6.6

Unbound offers two products that address this goal. Unbound Key Control (UKC) provides applications with secure authentication and auditing.

Unbound Crypto-of-Things (CoT) offers strong user authentication for public-facing web and mobile applications, thus preventing client-side attacks.

Requirements Addressed: 7.1.2, 8.1.1, 8.1.2, 8.1.6, 8.1.8, 8.2, 8.2.1-6, 8.3

Unbound Key Control (UKC) allows role-based access control (RBAC) to control access to data decryption keys on a “need to know” basis.

Go beyond password-grade security by using digital certificates to authenticate users and systems. UKC allows you to customize granular admin authorization and access management rules. UKC’s M-of-N control policy allows you to define a minimum number of admins (M) out of a total number of admins (N) who must work together to perform the high-security operations that you define.

Unbound Crypto-of-Things CoT answers the BYOD trust problem ensuring that device authentication keys are secured with a virtual root-of trust that is built right into the application. This guarantees that only authorized users can authenticate to critical applications and access their data, without making burdening users with the hassle of carrying dedicated hardware, such as OTP tokens.

Requirements addressed: 10.2, 10.2.1-7, 10.3, 10.3.1-6, 10.5, 10.5.4

Unbound’s advanced context-based auditing tools give you the full details of every decrypt or signing operation every time a key is used, in a real-time tamper-proof audit log. Audit logs can be exported to a SIEM / risk engine.

Requirements Addressed: 2.3, 2.2.3

Unbound Key Control (UKC) and Unbound Crypto-of-Things (CoT) let you build strong authentication into all your network devices, protecting SSH, VPN and SSL/TSS encryption keys.

See it in Action

Learn how Unbound’s Distributed Trust Platform takes the
complexity out of achieving and maintaining PCI-DSS compliance

 ( Request a Demo )

A Compliance Solution Made for Global Enterprise

Unbound can significantly reduce cost and complexity associated with PCI-DSS compliance. Unbound provides platform-agnostic software-only solutions that can be implemented on all public/private cloud and on-premises workloads, giving global organizations with cardholder data the ability to comply with several aspects of PCI-DSS, including those related to encryption, key management, authentication, access control, auditing and monitoring.

Protect Cardholder Data

Strongly protects encryption keys of data-at-rest and data-in-motion on any environment

Secure the Network

Strongly protect SSH, VPN and SSL/TSL encryption keys

Vulnerability Mgmt

Provides apps with secure authentication and auditing

Access Control

Enables granular admin authorization, including M-of-N

Monitor Networks

Context-based auditing of every
decrypt or signing operation in
a tamper-proof audit log

Related Articles


Get an in-depth explanation of how Unbound uses MPC, a mathematically proven method to secure keys on any device.

( Download )


Control Your Own Keys in the Cloud (CYOK) can ensure your sensitive assets remain secure even in the event of a breach.

( Watch )


Learn how Unbound Key Control, the first secure-as-hardware key management system can protect your crypto keys anywhere.

( Download )


Learn more about how two major banks are using Unbound to reinvent data reinvent data protection in the Digital Banking age.

( Watch )