SurePassID Universal MFA can be used in conjunction with a HSM. By changing settings in the administrative portal, cryptographic processing and key management can be offloaded to the physical or logical HSM of your choice. Customers have deployed SurePassID with HSMs including Townsend HSM, Thales HSM, nCipher HSM, and Google Cloud HSM.
SurePassID also enables FIPS 140-2 compliance for government customers using Amazon GovCloud and Microsoft Government Cloud. We use Amazon AWS KMS (Key Management Service) and Microsoft Azure Key Vault KMS, both FIPS 140-2 validated cryptographic modules, in conjunction with GovCloud and Government Cloud’s HSM encryption.