Connected devices are being used to access increasingly sensitive services, dramatically increasing the risk for application developers and service providers.
Service providers need to ensure the integrity of their applications, but ubiquitous security has been hard to achieve as consumers are using a wide range of devices and operating systems. Every device has different security features and developing an app tailored for each is not sustainable. Many service providers would also prefer to secure their apps with hardware, as it is security best-practice, but accessing it on devices has been a challenge so software protection is currently their only line of defence.
Trustonic Application Protection (TAP) solves these issues by:
- Giving app developers access to Trusted Execution Environment (TEE) hardware security features on over 1.7 billion devices (and counting) worldwide.
- Securing apps, code, keys and data with leading software protection, based on white box cryptography and advanced code protection technology, on every device.
Using Trustonic’s common API set, apps only need to be developed once. They then benefit from the best security available on each device, with hardware security always prioritized where available.
How does Trustonic give developers access to hardware security in over 1.7 billion devices?
For the last five years, Trustonic has been working with chip and device manufacturers to embed its TEE technology – the Trustonic Secured Platform (TSP) – into billions of devices. Importantly, as TSP is the only ‘open’ TEE technology available, by using Trustonic’s APIs app developers can access the hardware security services offered by the TEE.
What is a Trusted Execution Environment (TEE)?
Trusted Execution Environment (TEE) device security technology offers a secure operating system that is isolated from the device OS (e.g. Android), making it, and trusted applications residing in it, highly protected from software threats and hacking. The TEE is used by the OEMs to secure system services such as DRM and biometric sensors, but can also be used by service providers, post deployment, to secure their apps.
Trustonic’s TEE also delivers a trusted user interface (TUI), which ensures rogue applications can’t see information on the display or access the touchscreen. This enables features such as secure passcode or PIN entry to be performed without the potential for credentials to be exposed. It also enables applications to display secure messages to users, safe from snooping apps.
What is software protection?
Software protection utilizes a set of techniques to protect sensitive assets in an application and to detect potential attackers. Whitebox cryptography is a special way of implementing cryptographic algorithms to protect confidential information, including encryption keys. Code protection measures are also delivered, including code obfuscation, anti-debug protection and jailbreak and root detection.
Trustonic’s software protection is certified to FIPS 140-2, offers Java Android and Native C protection, is tuned to deliver the lowest performance impact and comprises advanced tools to define application security and performance.
Click here to contact Trustonic and learn how TAP can protect your apps and services on any device.