
Cloudflare employees will have no access to the key inside a HSM even if it is colocated on their premises. That's why you use them.

Please summarize the differences between this protocol and PKCS instead of downvoting.



Without a system like this, you would require many HSMs physically co-located with every server around the world, you would be trusting entirely in the ability of the HSM to withstand prolonged physical attack/analysis by a highly-resourced adversary (I'd consider this security suicide), and you would still not have the ability for the bank to cut off impersonation at any moment.

I have, incidentally, downvoted your comment, because you are complaining about downvotes. Don't do that.


A HSM does not need to be physically attached to "every server around the world". This is what they've built here, yet another network attached HSM, but not by following the standard PKCS protocols.

(On the subject of HSM physical attacks: That's another issue altogether, and does not stop at the HSM. But normally that's not an attack you defend against, because you have the relevant contractual obligations against your infrastructure provider.)

I promise not to ask about downvotes again. But the question was honest; if I'm wrong I want to know it.


If there's an established "correct" solution to this problem, why hasn't anyone pointed to it directly, and why didn't the banks use it?

Could you point to some credible expert commentary (as opposed to anonymous noise on HN) describing why what CloudFlare has done here is wrong?


Why do you think banks don't use HSMs? They do. They are off the shelf products. Whether it's the "correct" solution to your problems depends on what your problem actually is.

In this case Cloudflare apparently thought it was the right solution in theory but developed their own instead of using existing products and/or standards. I don't know the rationale for this, but I'd be interested in knowing more, as you can read in my comment above.

I don't know why I should point out that Cloudflare did the wrong thing. Perhaps you are confusing me with someone else?

What I did say is that the alternative to the described solution is to use a HSM, and that their solution should offer equivalent security.


You said "There is no practical improvement here.".

If CloudFlare has not done something wrong, then why did you say that?

Before you answer that question, remember: A hypothetical solution is not a practical solution. A practical solution is always a practical improvement over the case where there was no existing practical solution offered.

And before you say "They should have used HSMs", remember: CloudFlare has made it clear that HSMs being under their control was simply not an option. It was clear in their first blog post, and just for good measure, it was made absolutely explicit in an interview with Ars[0] where CloudFlare's CEO said "there’s no vault we can ever build that they’ll trust us with their SSL keys".

So, how is there no practical improvement?

[0] http://arstechnica.com/information-technology/2014/09/in-dep...


That was in response to: "It is a huge improvement. Nobody can impersonate the bank without the bank's cooperation."

And that is not true. The alternative is not to let other organizations impersonate you without your cooperation. That is very clear from the article. Storing plaintext keys with Cloudflare was never on the table. That's not why they built it.

There are reasons why Cloudflare built their own, probably good ones because Cloudflare employs some talented people, and I would think they have to do with the scale Cloudflare operates at.

Network attached HSMs are off the shelf devices. If you've worked with PKI, you've seen them. And that is what they would have gone with if they hadn't built this. Whether it was right or wrong to go with a home-grown HSM instead of an off the shelf one is not something I could possibly know -- but I know it's not a "huge improvement in security" to build your own. The fact that it offers comparable security is probably why the bank chose it.

If there is one thing to take away from the article, it should be: Don't invent your own security protocols. Buy off the shelf devices. If you really need to build your own, this is how.



