Dedicated hardware is the magic keyword to get access to a new level of mobile security and of protection against privacy intrusion, identity theft, and many other forms of fraudulent data and identity misuse which can be committed by using state-of-the-art mobile communication equipment and malicious applications available to almost everyone - read more on how to get protection by the Secocard platform.

Many attempts have been made to add something to off-the-shelf smartphone, tablet and PC products which the manufacturer more or less arbitrarily failed to add – security. A smartphone running Windows Mobile had the built-in capability to sign, encrypt and decrypt email messages based on the S/MIME standard. However, the certificate meant to ensure security was stored within the phone's registry – a place that an expert intruder can find and exploit within a few minutes. The latest iOS-based devices have the same capability – to the same effect: nice feature, no effective protection.

These are only two of a myriad of existing examples showing that the handset and computer manufacturers could not care less about protecting their users’ privacy, their data and their voice dialogs. And one must add: whatever the reason they do not care about protection, it makes no difference – it has to be added by third parties.

In most cases these attempts to add security were led by the idea of virtualizing the OS, controlling the interfaces, and adding applications which do things the original OS will not provide.

Many of these attempts were based on using software, but we all learned over time that software cannot protect software. Some security developers used hardware extensions, or tried to make use of Secure Elements already present inside the device – this is mainly the way handset manufacturers try to support their own payment solutions. Unfortunately, third parties cannot do that to an extent sufficient to be secure. The same is true when trying to use the SIM card - there is only limited access without full support by the device vendor, leading to full dependency and to solutions which need to be redone for every make and every new model.

Since there are no common standards for smartphones and tablets, you will have to do it over with every new model anyway, however well designed your solution may be – and we know what we are speaking about because we did exactly that with the so-called “Merkelphone”.

So the obvious idea is: create a token which can speak with the smartphone or tablet over standard interfaces, with the difference that the token is secure. It has a limited set of things it is designed to do, and it has no OS of its own that is meant to support a broad variety of applications and thus would support the traitor app just as well as the protection app.

The token needs to be small – just big enough to take an ID1 card – a credit card, a German Neuer Personalausweis (ID card), a corporate card or whatever medium you may use to carry your personal Secure Element – and it needs to either read its chip or speak with the card via NFC communication.

To fully meet these rather tough requirements, Empelor created Secocard – a device just big enough to slide an ID1 card entirely inside its body for reading, while the same card can instead be read through NFC if the card supports it. You can even use the device’s internal Secure Element if your processes allow.

For secure online banking purposes, it can run the part of the dialog with the bank’s back-end data center which is critical for the bank customer's security, because Secocard has a screen and its screen has a touchpad type of keyboard. So for the first time you only sign what you see, and not what a trojan application makes you believe will be the outcome of your intended transaction, where you give your O.K. to some hidden background process which transfers funds from your account to someone you do not owe any money at all.

The Secocard platform can host customized applications which serve all major security purposes like electronic signatures, encryption and decryption of email and chat messages, including secure display of decrypted texts on its capacitive touch screen, which cannot be accessed from any unwanted external program or process. Voice communication can also be encrypted and decrypted using the integrated headset jack and transferred in encrypted mode only to the smartphone for transport through a VoIP channel, with Secocard maintaining a secure contacts list for encrypted calls which is inaccessible from the smartphone.


Our Security Platform in Pictures