Futurex — General-Purpose HSMs (Vectera Plus), VirtuCrypt (Cloud HSM & Cloud Payments HSM),

Futurex — CryptoHub (Unified Crypto Platform)

Common Models / Form Factors

  • CryptoHub software platform for unified cryptography: centralizes HSMs, key management, PKI/CA, and data protection across on-prem, cloud, and hybrid estates.

FIPS Status

  • Operates with FIPS 140-2 L3 (and PCI PTS HSM, where applicable) via the HSMs it orchestrates (e.g., Vectera Plus, Excrypt series, VirtuCrypt).

PQC (Post-Quantum) Support

  • Crypto-agile orchestration: Enable dual-stack rollouts (classical + PQC) by routing to PQC-capable libraries/HSMs while keeping policy, custody, and automation in one place.

Dual Private-Key Format Support (Seed vs Expanded)

  • Seed custody & derivation: Store compact seeds as controlled objects; materialize expanded keys inside HSM-backed services; seed-centric backups as seed-only PKCS#12 profiles mature.

How SafeCipher Helps (Procure • Deploy • Support)

  • Procurement & contracts: Sizing, licensing, co-termed renewals.
  • Deployment & integration: Connect enterprise apps, unify HSMs/KMS/PKI, harden HA/DR.
  • Operations: 24×7/BH SLAs, monitoring, config governance, hybrid migration playbooks.

Futurex — VirtuCrypt (Cloud HSM & Cloud Payments HSM)

Common Models / Form Factors

  • VirtuCrypt cloud platform for cloud HSM, key management, and payments cryptography; elastic capacity and multi-region options.

FIPS Status

  • Backed by FIPS 140-2 L3 validated HSMs; PCI PTS HSM options for payments workloads.

PQC (Post-Quantum) Support

  • Pragmatic path: Run dual-stack migrations—anchor custody and access in VirtuCrypt while PQC algorithms are enabled through approved libraries/HSM images, then fold into standard ops as features mature.

Dual Private-Key Format Support (Seed vs Expanded)

  • Seed-centric custody: Store seeds under dual control/split knowledge; deterministically derive expanded keys inside the service boundary; wrapped backup/restore and seed-only PKCS#12 runbooks.

Payments Strength & Scaling

  • Throughput tiers from tens → hundreds → thousands TPS, multi-AZ HA, and high-availability SLAs for TR-31/TR-34, EMV, PIN, DUKPT pipelines.

How SafeCipher Helps (Procure • Deploy • Support)

  • Procurement & contracts: Sizing, SLA selection, marketplace onboarding.
  • Deployment & integration: Hybrid patterns with on-prem HSMs, policy/RBAC design, telemetry/alerting.
  • Operations: 24×7/BH support, firmware/config governance, audit packs, PQC pilots.

Futurex — General-Purpose HSMs (Vectera Plus)

Common Models / Form Factors

  • Vectera Plus network HSM for general-purpose crypto with optional payments features; supports virtual HSMs for multi-tenant isolation.

FIPS Status

  • FIPS 140-2 L3 validated; PCI PTS HSM compliant options where payments features are enabled.

PQC (Post-Quantum) Support

  • Crypto-agile design: Use Vectera as the hardware root for key custody, wrapping, access control, and audit, enabling dual-stack (classical + PQC) deployments.

Dual Private-Key Format Support (Seed vs Expanded)

  • On Vectera estates: Custody seeds in-HSM; re-derive expanded keys inside the boundary; import/wrap expanded keys only when apps require; wrapped backups and seed-centric migration runbooks.

How SafeCipher Helps (Procure • Deploy • Support)

  • Procurement & contracts: Quotes, sizing, co-termed renewals, EOL refresh.
  • Deployment & integration: Cluster/HA, client stacks (PKCS#11/JCE/CNG), AD CS/DB/TDE/code-signing onboard, performance tuning.
  • Operations: 24×7/BH support, monitoring/telemetry, firmware lifecycle, TR-31 enablement (if used for payments), auditor-ready evidence packs.

Futurex — Key Management / Platform

KMES Series 3 (Key Management Enterprise Server)

  • Role: KMIP key manager with embedded HSM for central key custody across arrays, databases, tape/backup, apps.
  • FIPS: Operates with FIPS 140-2 L3 modules in the appliance.
  • PQC: Acts as policy/custody plane while PQC runs in apps/HSMs; enables dual-stack distribution and rotation.
  • Dual key (seed vs expanded): Store seeds as KMIP objects with dual control; derive expanded keys in downstream HSMs; manage wrapped expanded keys where required.
  • SafeCipher helps: HA clustering, client onboarding, policy/RBAC, migration from legacy KMS, audit-ready ops.

CryptoHub (listed above) provides the unifying control plane across Excrypt/Vectera/KMES and VirtuCrypt.

Futurex — Ops Accessory (Not an HSM)

Excrypt Touch (RKL & secure admin tablet)

  • Role: Remote Key Loading, secure configuration, and lifecycle ops for Excrypt/KMES/VirtuCrypt estates.
  • How we use it: Standardize RKL, reduce human error during ceremonies, and produce tamper-evident audit artifacts; integrate into our runbooks for rotation, DR, and field ops.

Bottom line

CryptoHub for unified control, VirtuCrypt for elastic cloud HSM (and cloud payments), Vectera Plus and Excrypt (Plus/SSP v.2) for on-prem roots, and KMES for centralized key management

we’ll help you buy it right, deploy it right, and keep it right with seed-centric PQC readiness and audit-clean operations.