Trustonic Application Protection (TAP) is a unique mobile security solution, delivering the most secure level of protection for any given device.
TAP delivers a combination of software- and hardware-based security to service providers, providing optimal security for apps and associated sensitive data.
Hardware-based security has always been the most secure method, but traditionally it has been costly and difficult to deploy. TAP uses ARM TrustZone technology to deliver a Trusted Execution Environment (TEE) that is available on over 700 million handsets today. If the handset in use does not support the Trustonic TEE, best-of-breed software security is used instead, delivering white-box and anti-tamper technology.
Achieving optimal security efficiently and simply is crucially important from a development perspective, which is why ease of deployment is at the heart of the TAP proposition.
The benefits brought forward by TAP are possible through a combination of important protection technologies:
- Unique hardware roots of trust
- Hardware-based Trusted Execution Environment (TEE)
- White-box software-based cryptography
- Software code protection and anti-tamper technology
Developers using Trustonic Application Protection only need to integrate with a single GlobalPlatform-compliant API (http://www.globalplatform.org), but will see their code protected and deployed using the “highest available” methodology on each device:
- When the application is installed on a device which runs the Trustonic Secured Platform (TSP), the application uses the Trustonic TSP hardware security solution to protect the app and associated assets.
- When the application is installed on a device which doesn’t have the Trustonic TEE, the application falls back to software-based protection based on market-leading white-box cryptography and code protection.
Trustonic Application Protection provides applications with the very best security available on each given device. The flow from code architecture to customer deployment is captured in the diagram below:
Another benefit Trustonic Application Protection brings to developers is the ability to use the same source code to protect any given software application across multiple platforms. Developers only have to use a single API to protect their applications, and Trustonic Application Protection automatically selects the most appropriate security technique depending on the device capabilities.
Developers simply identify the sensitive parts of their code they would like to protect via the Trustonic API. The Trustonic Application Protection SDK compiles the Trusted Application and creates different binaries for each platform. The developer then packages the Trusted Application and publishes the application on the app stores using the business-as-usual processes.
As an additional layer of perimeter security, app developers can also choose to use the code protection and white-box cryptography technologies to protect the “normal” world code base.
In summary, Trustonic Application Protection makes it easy to protect and deploy security-sensitive software applications using a single tool and single API, and is initially available for both Android and iOS based devices.