All software uses cryptographic keys to encrypt outgoing and decrypt incoming communications containing sensitive data. But cryptography alone is not sufficient. Today cybercriminals are not trying to break this advanced algorithm; they are focused on stealing the keys. And most cryptographic implementations are vulnerable because they do not account for hostile environments. Even the strongest encryption methods fail when cryptographic keys are compromised.
Zimperium zKeyBox leverages white-box cryptography to protect keys and secrets within your mobile application. It transforms and obscures cryptographic algorithms so that keys never appear in the clear and the execution logic is untraceable. Your keys cannot be extracted—even if the device itself has been compromised.

How Cyber Criminals are Stealing Keys

Exploit poor Key Management practices

Exploit hardware-based security storage

Inspect apps in an execution environment under their control

Use malware to steal keys from device memory

Exfiltrate keys embedded in the source code

Compromising unsecured cloud storage
Why Zimperium?

Protect any standard or
custom cryptographic algorithm.

Protect your keys
on any platform.

No dependency on
hardware provided by the
underlying platforms.

Pentested regularly to
support regulatory compliance.
(PCI, EMVCo, etc.)

High Performance
Avg. Signing Speed = <250 ms
Avg. Library Size = 1 MB

Deep cryptographic
expertise to guide every
step of your deployment.
Download our whitepaper on White-box Cryptography
Learn how our technologies keep software secure on multiple platforms.
Platforms Supported













“Security and risk management leaders must take due care in protecting their application
clients to avoid turning a promising software design trend into a security failure.”
– Gartner’s Market Guide for In-App Protection Report
(July 3, 2019; Dionisio Zumerle and Manjunath Bhat)