Encrypted communication -secure and simple!
01The encryption problem
02The ideal solution
But what is the ideal solution to this problem, especially for companies with very sensitive customer relationships, such as lawyers/notaries, tax advisers/auditors, doctors, business consultants or banks? The following are defined as important criteria for the encryption solution in practice
- Team-oriented encryption; easy administration of access rights even in large teams
- A uniform system for all desktop and all mobile devices, including Android and iOS
- Installation of software, certificates etc. on end devices is not necessary
- 2-factor authentication at the level of mobile devices for maximum security
- True end-to-end encryption (no back door); identity change (man-in-the-middle attack) through the absence of the first protocol level must be ruled out.
Such a solution did not exist on the world market!
03The technical concept
The IT company AccXess IT-Systems GmbH from Schleswig had already made a name for itself in the security sector. It developed and brought to market a process for secure, truly complete end-to-end encryption for Windows desktops in the form of its iMUNIQE technology. The core of this system is a double backup by means of a password and USB token. The market challenge was now to create a uniform solution across all operating systems. This set the additional challenge of using a contactless token, as many mobile devices no longer have USB ports.
04Development and funding
A token has now been developed that is about the size of a USB flash drive but is used contactlessly via NFC or Bluetooth. This token is not just some “dumb” drive that stores the key, but is itself a small computer. The encryption and decryption is not done on the PC, mobile phone or tablet, but on the token, which then makes the encrypted data available to the device once more.
The system has several advantages. For one thing, no software has to be re-installed when a device is changed. The token can be used without any hassle by several end devices. And, decryption on the end device cannot be done if the token is not nearby - an important feature at some border controls.
The development project was funded using funds from the federal government. The Central Innovation Programme for SMEs (ZIM) was used for this purpose.