Application Security

Applications need to be protected against malicious actors, both those targeting the application itself or the Android/iOS platform. Unlike competing solutions, our product adapts to give the best security possible on each device, depending on that device’s inherent capabilities.

For apps running on a device with a Trustonic TEE, or a TEE from one of our partners, our solution offers unparalleled application security, with critical code running directly in a secure OS and entirely isolated from Android malware. For other devices, we leverage world class software security, including WhiteBox cryptography, to provide a software TEE running exactly the same application code.

Our solution is ideal for high value applications which handle either financial or personally sensitive data. We work closely with evaluation labs to enable our customers to deliver EMVCo and PCI compliance and to ensure their solutions remain GDPR compliant.

Biometric
information

Strong identity

Trusted
applications

Storage

Independent & verified

How our Application Security works

We believe there is more to security than providing a barrier to attack. Our customers need access to high level, security-focused APIs, and we provide a rich set of capabilities based on industry standards.

Application protection for critical apps

Our approach is to focus on isolating the security-critical parts of the application and targeting our efforts on securing them, whilst applying a broader brush approach to the rest of the application logic. The critical code is run in an Trusted Execution Environment (TEE). On many devices, we utilize the hardware TEE provided by Trustonic or one of our partners. On other devices, we bundle a software TEE which heavily obfuscates and protects the critical code from attack.

APIs and features we provide

Both hardware and software TEEs provide a rich API suite. Our solution delivers the best user experience, regardless of the capabilities of the end-user device. Developers can employ the very latest application security and user-experience features, knowing that these will be delivered to optimise the performance of the application.

Biometrics
OTA provisioning
Trusted User Interface
Key store
Crypto

Related articles