
Key ceremony of a security system forming part of a host computer for cryptographic transactions

  • US 9,735,958 B2
  • Filed: 05/19/2015
  • Issued: 08/15/2017
  • Est. Priority Date: 05/19/2015
  • Status: Active Grant
First Claim

1. A host computer system comprising:

  • a key ceremony application associated with a computing device comprising a memory
    • creates a for-distribution master key,
    • store the for-distribution master key in the memory connected to the key ceremony application,
    • split the for-distribution master key into N shares,
    • create a plurality of custodian transport layer security (TLS) keys that are different from one another,
    • create a certificate authority that creates a service TLS key,
    • create N bundles, each bundle including a respective one of the N shares, a respective one of the different custodian TLS keys and the service TLS key;
    • distribute the respective shares among N custodians, each custodian being associated with a respective computing device, and
    • clear the for-distribution master key, custodian TLS keys and the service TLS key from the memory of the computing device associated with the key ceremony application;

  • a service associated with a different computing device comprising a different memory separate from the key ceremony application performs operations to;
    • communicate over a communication network with respective computing devices of M of the N custodians to receive at least M of the N shares, where M is equal to or less than N,
    • derive an operational master key from the M shares, and
    • store the operational master key in memory connected to the service; and

  • a web application associated with a computing device communicates over the communication network with a customer computer system to execute a checkout process only after the operational master key is stored in the memory connected to the service over the communication network.
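
The M-of-N flow in the claim, sketched as an added example that is not taken from the patent: the ceremony splits and clears the key, the service derives the operational key once M distinct shares arrive, and checkout is gated on that. The claim does not name a splitting algorithm; Shamir's scheme over a prime field, the 32-byte key size, and all function and class names here are assumptions, and the TLS bundles and network transport are left out.

```python
import secrets

PRIME = 2**521 - 1   # Mersenne prime, larger than any 256-bit key
KEY_LEN = 32         # assumed master key size in bytes

def split_master_key(master, n, m):
    """Split `master` (bytearray) into n shares, any m of which recover it,
    then clear the caller's buffer as the ceremony step requires."""
    if not 1 <= m <= n:
        raise ValueError("need 1 <= M <= N")
    # Random polynomial of degree m-1 whose constant term is the key.
    coeffs = [int.from_bytes(master, "big")]
    coeffs += [secrets.randbelow(PRIME) for _ in range(m - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):          # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    master[:] = bytes(len(master))          # best effort: Python may hold copies
    return shares

def derive_key(shares):
    """Lagrange interpolation at x = 0 over the supplied shares."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    if secret >> (8 * KEY_LEN):             # does not fit: too few or bad shares
        raise ValueError("shares inconsistent or below threshold")
    return secret.to_bytes(KEY_LEN, "big")

class Service:
    """Collects shares from custodians; checkout is gated on the derived key."""
    def __init__(self, m):
        self.m, self.shares, self.operational_key = m, {}, None

    def receive_share(self, x, y):
        self.shares[x] = y                  # a repeated share does not count twice
        if self.operational_key is None and len(self.shares) >= self.m:
            self.operational_key = derive_key(list(self.shares.items()))

    def checkout_allowed(self):
        return self.operational_key is not None
```

Fewer than M shares interpolate to an unrelated field element, which `derive_key` rejects because it almost never fits in 32 bytes; a production design would verify the derived key against an authenticated check value instead.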
