Securing Mobile Apps
In recent years, we’ve seen explosive growth in the use of mobile devices to interact with sensitive data, enterprise apps, and critical infrastructure. This proliferation in mobile device usage offers tremendous benefits for individuals and businesses—and it also introduces unprecedented risks. While many mobile devices and apps employ encryption, these implementations can be vulnerable.
One way to protect cryptographic keys is to use the hardware means of the underlying platform, such as an HSM. That, however, is not available on all devices and different devices offer different features and APIs to access the hardware-backed cryptographic services.
By employing white-box cryptography with zKeyBox, teams can employ strong key security that is hardware agnostic and guards against the vulnerabilities posed by unsupported hardware and compromised devices. This solution transforms and obscures cryptographic algorithms so that keys never appear in the clear and the execution logic is untraceable. Consequently, keys cannot be extracted—even if a mobile device has been compromised.