
I think HSMs are just expensive because of price gouging rather than the cost of the device? Like the Yubikey HSM is the same form factor as the Nano FIPS key but over 10x the price.



Mostly yes. It's a niche product with low demand and relatively high R&D costs, so margins have to offset that.

There's probably also a bit of psychological bias at play, like: "if your HSM is 10x cheaper than everyone else's, it must be crappy and insecure".


Generally speaking, they're both: 1) higher performance, and 2) held to a much higher standard in terms of certifications they need.

For example, a normal YubiKey is unrated, a YubiKey FIPS is level 2 rated, and a Thales HSM is level 3 rated with all sorts of zeroization hardware.


Interesting, maybe also the development costs. They sell way less volume of HSMs compared to the standard keys, but the HSMs, I'm sure, require some very rigorous development and testing.


> the HSMs, I'm sure, require some very rigorous development and testing.

I think they mostly require an outside evaluator to do a sort of documentation process that costs somewhere around $500k depending on complexity on a new product, and maybe $50k just for up-versioning.

It's generally hard to get that money back on a product since the market of organizations that need the certification is tiny and then the larger overall market for a security product is also usually small and not so happy to defray those costs.


I evaluated and purchased a few Thales HSMs. At the time the difference between the FIPS and standard/dev editions was a bunch of cash and the spaces within the device were filled with epoxy and would erase if tampered with.

Software was the same, hardware looked the same. The crypto module is validated only with the $$ hardware.

Sometimes the non-FIPS devices will have other algorithms not on the FIPS list.


Did you ever consider the Yubikey HSM at all, as it's much cheaper?


No, as at the time they did not offer a FIPS device, which was a requirement. Another nice feature of the Thales is that you could use multiple smart cards to ensure that no one person can do certain things.
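The multi-smart-card feature described above is an M-of-N quorum: an authorization secret is split so that any M card holders together can enable a privileged operation while fewer reveal nothing. The following is an added illustration of that principle using Shamir secret sharing over a prime field; it is example code written for this thread, not Thales' or Yubico's implementation, and the field modulus, share layout, SHA-256 commitment and `authorize` check are assumptions chosen for the demonstration.

```python
"""M-of-N split authorization modelled with Shamir secret sharing (constructed example)."""
import hashlib
import hmac
import secrets

# Prime field modulus: 2**127 - 1 (a Mersenne prime), large enough to hold a 16-byte secret.
PRIME = (1 << 127) - 1


def _eval_poly(coeffs, x):
    """Evaluate a0 + a1*x + a2*x^2 + ... at x, modulo PRIME (Horner's rule)."""
    result = 0
    for c in reversed(coeffs):
        result = (result * x + c) % PRIME
    return result


def split_secret(secret: int, k: int, n: int, rng=secrets.randbelow):
    """Split `secret` into n shares (one per smart card); any k of them reconstruct it.

    The secret is the constant term of a random polynomial of degree k-1, so any
    k-1 shares are consistent with every possible secret and leak nothing.
    """
    if not 0 <= secret < PRIME:
        raise ValueError("secret out of field range")
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    coeffs = [secret] + [rng(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def _lagrange_at(points, x0):
    """Lagrange interpolation at x0 over the prime field."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x0 - xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def recover_secret(shares):
    """Recover the secret from k or more distinct shares; fewer than k yields garbage."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    return _lagrange_at(shares, 0)


def commit(secret: int) -> bytes:
    """What the device would store: a SHA-256 commitment to the secret, never the secret itself."""
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def authorize(presented_shares, commitment: bytes) -> bool:
    """Model the quorum check: reconstruct from the presented cards' shares and
    compare against the stored commitment. Returns False rather than raising when
    the quorum is short, a share is duplicated, or a share has been tampered with."""
    try:
        candidate = recover_secret(presented_shares)
    except ValueError:
        return False
    return hmac.compare_digest(commit(candidate), commitment)


if __name__ == "__main__":
    # Constructed 16-byte authorization secret, split 3-of-5 across five cards.
    secret = 0x00112233445566778899AABBCCDDEEFF
    cards = split_secret(secret, k=3, n=5)
    stored = commit(secret)
    print("three cards:", authorize(cards[:3], stored))   # True
    print("two cards:  ", authorize(cards[:2], stored))   # False
```

Any three of the five cards satisfy the check regardless of which three are presented; two cards, a duplicated card, or a card whose share has been altered all fail. Real HSMs implement this kind of quorum with authenticated card protocols rather than plain polynomial shares, but the threshold property is the same.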



