Mobile Application Security

Cryptographic Key Protection

zKeyBox

Protect Keys Even on Compromised Devices

Zimperium's Cryptographic Key Protection, part of the Mobile Application Security Platform, uses white-box cryptography to secure encryption keys within mobile applications—ensuring they are never exposed in plain text or accessible to attackers. By transforming the key, Zimperium's Key Protection prevents unauthorized decryption, transaction forgery and access to DRM-protected or licensed content.

Unlike hardware-dependent solutions, Zimperium's Key Protection is hardware-agnostic, delivering consistent protection across all devices. Keys remain secure at rest, in transit, and in use—even on compromised devices.

Cryptographic Key protection

 

CASE STUDY

A leading media firm leveraged Zimperium’s Key Protection and App Shielding capabilities to bolster its security, proactively safeguarding licensed content from malicious attacks aimed at piracy, unauthorized access, and data theft.

phone_app_steam_float1A

Why Look Beyond Standard Encryption

icons_24_lock_orange_500px
Keys Are Never Exposed

Keys remain secure during storage, transit, and use—even on compromised or rooted devices

icons_24_phoneshield_orange_500px
Secure on Compromised Devices

Perform cryptographic operations safely on jailbroken, rooted, or insecure environments

icon_24_compliance_orange_500px
Compliant Key Handling

Supports PCI-DSS, DUKPT, TR-31, and separation of cardholder and PIN data

icons24_shield_check_orange_500px
Hardware-Agnostic Security

Strong protection without relying on Secure Enclave, Android Keystore, TPMs, or other TEEs

Protect any cryptographic scheme using algorithms such as AES, 3DES, RSA, ECC, HMAC, etc. 

Supports Linux, Windows, macOS, Android, iOS, tvOS, watchOS, Xbox, PlayStation, WebAssembly, and others.

Our UI makes it easy to design a schema and define key usage rights to mitigate API misuse. 

View the diagram

Our UI simplifies schema design and auto generated white-box code, accelerating implementation and reducing manual coding effort.

Plug-and-play replacement for standard cryptographic libraries. Easy to use APIs as there are no excessive parameters to specify.

 

key

 

Prebuilt Protection Modules:

Choose from three ready-to-deploy modules, each available as a standalone purchase or as a part of Cryptographic Key Protection.

 

noun-checkmark-6681150 Secure PIN

Android library that secures POS PIN entry with white-box cryptography, keeping PINs hidden even on compromised devices while supporting DUKPT, TR-31, and PCI-DSS compliance. 

noun-checkmark-6681150 Secure Network

White-box protected OpenSSL library that secures TLS private keys, preventing interception, impersonation, and tampering of encrypted communications.

noun-checkmark-6681150 Secure Database

A white-box protected library that secures the encryption key and ensures the key is never exposed in plaintext, even while in memory or during read and write operations.

 
 

Explore Related Content

Case Study - Orange
zKeybox's pivotal role in LINE's Security Infrastructure
MAPS
Zimperium Mobile Application Protection Suite
Blog
Top 5 Cryptographic Key Protection Best Practices