Reliably Protecting Data and Devices

Governments, enterprises, banks, and industry demand high-end security to protect their assets. The growing number of IoT devices need to be secured against interception of data transfer and hacking of control systems. But even trusted security solutions like management engines, smartcard chips, or secured CPUs prove to be imperfect. An upgradeable security solution based on exchangeable hardware cryptography and standard interfaces is the solution to update systems to an always-state-of-the-art security level. Swissbit‘s security solutions offer smart card functionality coupled with NAND flash storage. Systems with SD card or USB interface can easily be updated to the protection level of a smart card chip.

Industrial IT Security Products

Security Technology and Services

The security product series in USB, microSD, and SD form factors addresses the growing demand for mobile, portable and industrial security. The products offer tangible hardware security in the same manner as the plug and play approach. They offer unique hardware security which is very suitable for retrofit and updates in the field.

For various markets, Swissbit offers a broad set of security use cases. The flash memory can be used by any host to store data on the cards at high speed. Additional security functions of the card can be activated to protect any data.

Valuable data such as sensitive files, emails, photos, OS images, firmware updates, log files, and audit trails can be protected by encryption, access protection, or made resistant to tampering by digital signature based on secure elements. Voice and video calls as well as data streams for M2M communication can be protected by the card in high speed.

Swissbit offers product-related services:

• security firmware and drivers
• logo printing
• optical and electronic personalization
• design-in of consigned smart card chips

As well as extended services:

• security consulting
• security training
• customer support
• design-in support
• computer consulting
• connection with eco-system partner network for turnkey solutions and quick time to market

Swissbit Data Protection Devices

The Swissbit DP version is based on a flash controller with AES encryption engine and a sophisticated security firmware. The firmware defines the key for the data encryption and the access rights. Unless the host transmits the correct key, access is restricted or prohibited. With a configurable retry counter the firmware tracks invalid key entries and blocks all future requests to the storage, effectively prohibiting a brute-force attack.
The DP firmware hides disabled partitions and manages various access profiles and user / administrator keys.

 

For managing the access rights, a Swissbit configuration tool is available. Alternatively, the host OS or BIOS can implement a key management tool and communicate with the DP product via a Swissbit API, which relieves the need for low level access to the Swissbit DP device.

Host access to a Swissbit DP device

Swissbit Secure Element Devices

The Swissbit DP version is based on a flash controller with AES encryption engine and a sophisticated security firmware. The firmware defines the key for the data encryption and the access rights. Unless the host transmits the correct key, access is restricted or prohibited. With a configurable retry counter the firmware tracks invalid key entries and blocks all future requests to the storage, effectively prohibiting a brute-force attack.
The DP firmware hides disabled partitions and manages various access profiles and user / administrator keys.

 

For protection on system level, the host needs to implement the required security functions. Swissbit provides an API (application programming interface) which, together with a PKI package (public key infrastructure) supports standard security calls with a standardized programming model. This allows implementation of secure communication channels, protection of mass storage or user authentication.

The Swissbit Secure Element device is the main key storage and can also be used as a protected storage element.

Host access to a Swissbit DP device

Security Editions

 

Recommended for encryption and access protection of stored data.

 

Recommended for protecting data and systems by providing secure key storage (PKI) through a secure element.

 

Premium Edition comprises the features of “Data Protection Edition” with the “Standard Edition” to provide full protection of data and systems.

Security Features

Swissbit security products enable system manufacturers to reliably protect data and devices. Therefore, they must incorporate cutting-edge security technology and latest security features.

true random number generator (TRNG) True hardware RNG

True random numbers are generated inside the secure element to prevent brute force attacks.

True hardware RNG

Digital signature & verification Digital signature & verification

Digital signatures are very popular and inevitable to protect against data or code manipulation.

Digital signature & verification

Hardware-based data encryption Hardware based data encryption

Hardware based security is key when it comes to replaceability, simple workflows, and trusted runtime environments.

Hardware based data encryption

Mobile banking / e-purse / e-wallet Mobile banking & e-purse

Strong authentication and offline security for mobile banking and payment.

Mobile banking & e-purse

Device protection by dual factor authentication Device protection by dual factor authentication

The user needs to have the card and know the PIN.

Device protection by dual factor authentication

Secure voice solution Secure voice solution

The product is optimal for fast, encrypted, and user friendly secure voice solutions.

Secure voice solution

Elliptic curve cryptography support (ECC) Elliptic curve cryptography support

Elliptic curves are faster and more efficient than RSA cryptography.

Elliptic curve cryptography support

Data protection & encryption Data protection & encryption

The card offers a data safe function with strong AES encryption and PIN access protection.

Data protection & encryption

Secure logging Secure logging

Any data can be stored securely in write-once mode, queue mode, or random-access mode.

Secure logging

Secure CD-ROM Secure CD-ROM

Important data can be modified only after PIN authentication.

Secure CD-ROM

Swissbit Security Trailer