SentryBay to demo new method of securing mobile data at Infosecurity Europe.
Technology creates new secure channel for communications between a secure keypad and mobile applications.
Key problems exist in the use of system keyboards on all smartphones where data typed is sent in clear text to the cloud (to support predictive text) and to the host application requesting the key entries. Malware residing on the phone can intercept and steal keystrokes – stealing passwords, identity information and financial information. No applications are immune to this issue as they require data to be sent from the keyboard – which operate in a separate process to the application.
SentryBay have created a secure keypad that can be used as the default system keypad on the device for use with all applications, or embedded within an application. When embedded, the technology creates a new channel for communication of the keystrokes to a host application, where keystrokes are encrypted within the keypad and only decrypted when successfully received by the host application. To further improve security, fake random characters are streamed through the conventional communication channel - fooling an attacker into thinking they have obtained the actual keystrokes. This technology is patented to SentryBay.
The secure keypad also ensures that no data is sent to the cloud, and provides other key security features such as screen capture protection, jailbreak detection and anti-tap jacking.
Chief Operations Officer, Marcus Whittington says “SentryBay has developed numerous mobile security apps, but we believe this technology, in particular, plugs a key security hole in the mobile data ecosystem. While this technology will be used within numerous proprietary solutions, it has widespread application for major app developers looking to secure their mobile e-banking, e-commerce and security apps. The system-wide keyboard can be utilised to secure key entries into any application on a mobile device.”
This embedded application will be delivered via a SDK which allows developers to build the secure keypad and communications protocols into any native application. SentryBay will be at Infosecurity Europe in London from June 2-4, 2015 to meet with prospective OEM Partners that want to add the SentryBay technology to their product-set and solutions.
Download PDF version