diff --git a/chapter-hsms/chapter.tex b/chapter-hsms/chapter.tex
index c28b1a0..5ad6457 100644
--- a/chapter-hsms/chapter.tex
+++ b/chapter-hsms/chapter.tex
@@ -146,8 +146,63 @@ networks, almost all payment terminals on the market irrespective of their count
 standards. Adding on to PCI's ecosystem impact, its security standards are thought out well and provide a higher level
 of security than one might expect from an industry association.
 
-The concrete requirements in the PCI SSC standards boil down to a list of logical requirements regarding key handling
-that 
+Physical security standards in card payment applications both on the client side -- payment terminals -- and on the
+server side -- HSM appliances -- are more stringent than one might expect since the finance industry has been reluctant
+to adopt modern cryptography. Not only are modern cryptographic protocols like Secure Multiparty Computation (SMPC) or
+Zero-Knowledge Proofs (ZKPs) not commonly used. Even asymmetric cryptography has only been adopted reluctantly, and
+ancient ciphers such as Triple DES are still commonly referenced in industry
+standards~\cite{pci_security_standards_council_payment_2025}. As a result, increased hardware security is necessary to
+safeguard weak symmetric keys, compensating for the systems' modest cryptographic security.
+
+Since card payment terminals are widely deployed, many different models from various manufacturers are available. Each
+manufacturer tends to have their own, patented tamper-sensing implementation. Being manufactured at scale, card payment
+terminals are cost-sensitive devices, which is reflected in the construction of their tamper-sensing implementations.
+
+\subsubsection{HSM Appliances}
+
+For datacenter applications, HSMs are sold both as add-in cards and as standalone rackmount appliances with a network
+interface. In practice, the standalone appliances are just low-end computers in a rackmount enclosure that expose the
+API of an internal HSM add-in card to the network. In this survey, we were only able to procure a single such HSM since
+these devices are expensive, and even used specimens of older models are usually listed for several hundreds to several
+thousands of EUR. The one sample we procured was a 2011 model Utimaco CryptoServer LAN. Our unit was a white-label
+variant procured by premium TV encryption technology provider Irdeto, presumably used in Germany to produce
+cryptographic key streams for TV signal encryption. We bought the device from a recycling company specialized on
+datacenter components. The device was sold with any HDDs removed. The device consisted of an older mainboard for
+embedded applications containing an Intel Core 2 Duo-brand processor and 2 GiB of DDR2 RAM, which was connected to the
+HSM add-in card through PCI. The device contained a small Lithium backup battery on the add-in card, and another, larger
+battery in an enclosure at the front of the device that was connected to the card through a cable. The device did not
+contain any obvious case intrusion sensors.
+
+\subsubsection{ATM Encrypting Pin Pads}
+
+ATMs are built in a modular construction approach. Physically, the enclosure of an ATM is not its only security
+barrier. Besides the enclosure, there are two security barriers worthy of note. First, the bank notes in the machine are
+stored in an automatic cash dispenser that is built into a traditional vault inside the machine. This vault primarily
+acts as a mechanical barrier to discourage theft, but it also often includes tamper sensors that activate an Intelligent
+Banknote Neutralisation System (IBNS). The IBNS is designed to spread hard-to-remove ink over the bank notes inside the
+vault when tampered. The permanently stained bank notes are not accepted by banks or retailers anymore.
+% FIXME cite https://www.oberthurcp.com/hubfs/Oberthur_December2020/Pdf/IBNS_Introduction_to_ink_staining_Oberthur_Cash_Protection_2019.pdf
+% archive: https://web.archive.org/web/20250822134238/https://www.oberthurcp.com/hubfs/Oberthur_December2020/Pdf/IBNS_Introduction_to_ink_staining_Oberthur_Cash_Protection_2019.pdf
+% FIXME cite https://www.ecb.europa.eu/euro/banknotes/damaged/html/index.en.html
+% FIXME cite https://www.bcl.lu/en/Banknotes-and-Coins/remboursement/billets-macules1/index.html
+
+Besides the vault, the other secondary security barrier is located inside the ATM's pin pad. While all communication
+with the customer's card passes through an end-to-end encrypted channel from the bank's backends into the card's
+smartcard IC, the customer must necessarily enter their pin in plain text. To prevent leakage of the plaintext PIN, the
+PIN is encrypted inside the PIN pad itself. To this end, the PIN pad contains a microcontroller handling the encryption.
+Often, both the circuit board containing the PIN pad's keyboard matrix and this microcontroller are shielded by a
+tamper-sensing mesh to prevent physical attacks such as the installation of a skimming device that would record and
+transmit the plaintex PIN.
+
+We acquired three different EPPs for analysis: Two designed by Sagem and apparently re-sold as a whitelabel product by
+Cryptera and Diebold, respectively, and one made by and branded NCR. All three devices have robust stainless steel front
+cases.
+
+\subsubsection{Other miscellaneous devices}
+
+Sometimes, tamper-sensing meshes show up in other types of devices. We acquired two such devices. First, we acquired a
+Neopost franking machine, a type of device that is used to directly print a code on an envelope that replaces a
+conventional postage stamp.
 
 \section{Conclusion}