GS Logo
The Green Sheet, Inc

Please Log in

A Thing

Wednesday, September 13, 2017 — 13:46:30 (EDT)

Trustonic completes FIPS 140-2 certification

Cambridge, U.K., Sept. 11, 2017 – Trustonic’s cryptographic library has been validated in line with the Federal Information Processing Standard (FIPS) 140-2. This new certification ensures that apps developed using Trustonic’s security technology meet the stringent security requirements implemented by both the US government and other regulated industries.

“As BYOD initiatives expand, devices such as smartphones and tablets are being used to access and share government information,” comments George Kanuck, SVP of Sales and Marketing, Trustonic. “Keeping this data secure presents challenges, especially if employees are able to use their own devices. Now, service providers using Trustonic’s FIPS-certified crypto library can be sure that their apps are protected by the highest levels of hardware security. This enables them to work with government agencies and organizations, whose security requirements are, necessarily, strict.”

The National Institute of Standards and Technology (NIST) issued FIPS 140-2 to coordinate the standards for cryptography modules that include both hardware and software components. The standard relates to services that collect, store, transfer, share and disseminate sensitive information.

Already embedded into more than one billion devices, Trustonic’s Trusted Execution Environment (TEE)* hardware security technology offers a secure operating system, isolated from the normal device operating system. This makes it, and trusted applications residing in it, immune to all software threats resident on the device and enables advanced device security, such as biometric authentication and secure PIN entry. A unique Root of Trust, also embedded into the devices ensures that a trusted identity is preserved, preventing fraudulent use or cloning.

“Governments are increasingly focused on cybersecurity and hardware protection is central to the fight against hacking and fraud,” added Kanuck. “This is where our open TEE technology comes into its own. Uniquely, third-party apps, like secure messaging, can be provisioned after the handset or device has been deployed, which means that they too can benefit from secure isolation. This certification demonstrates our commitment to ensuring the highest levels of security for governments and enterprises across all devices and services.”
This achievement follows news earlier this year that Trustonic’s TEE product was the first to receive Common Criteria security certification. To find out more about Trustonic, visit the website and blog.

* The TEE is a secure area of the main processor in a smart phone (or any connected device) that ensures sensitive data is stored, processed and protected in an isolated, trusted environment. The TEE's ability to offer isolated safe execution of authorised security software, known as 'trusted applications', enables it to provide end-to-end security by enforcing protection, confidentiality, integrity and data access rights. The TEE offers a level of protection against software attacks, generated in the Rich OS environment. It assists in the control of access rights and houses sensitive applications, which need to be isolated from the Rich OS.

About Trustonic
Trustonic is a venture formed in 2012 by blue chip leaders in the semiconductor industry (ARM) and digital security (Gemalto). Trustonic’s mission is to protect, enrich and simplify people’s digital lives by enabling optimum security on all smart connected devices and associated services and applications. Trustonic has already pioneered the adoption of advanced Trusted Execution Environment (TEE) security technology into the world’s leading mobile devices, such as those from Samsung, vivo, OPPO, Xiaomi, LG, Meizu and Gionee, and has working solutions today underpinning Samsung Knox, Samsung Pay, Alipay and Symantec VIP.

Source: Company press release.

List by Date | Search

Spotlight Innovators:

North American Bancard | USAePay | Super G Capital LLC | Humboldt Merchant Services | Impact Paysystems | Electronic Merchant Systems