Reliably Protecting Data and Devices

Digitalization and the growth of networked devices in the Internet of Things (IoT) are driving great demand for secure memory products as well as for the security solutions. The most valuable asset in the future is data. Swissbit's key responsibility is to protect data and devices reliably. By combining its proven technical expertise in cyber security and in highly integrated 3D packaging, Swissbit is able to offer innovative and durable solutions for industrial, security and IoT applications.

Swissbit offers SD and microSD cards, USB sticks and, in future, also eMMCs with integrated security features and special firmware functions developed for security requirements such as encryption and tamper-proof storage.

Security Technology and Services

The security product series in USB, microSD, and SD form factors addresses the growing demand for mobile, portable and industrial security. The products offer tangible hardware security in the same manner as the plug and play approach. They offer unique hardware security which is very suitable for retrofit and updates in the field.

For various markets, Swissbit offers a broad set of security use cases. The flash memory can be used by any host to store data on the cards at high speed. Additional security functions of the card can be activated to protect any data.

Valuable data such as sensitive files, emails, photos, OS images, firmware updates, log files, and audit trails can be protected by encryption, access protection, or made resistant to tampering by digital signature based on secure elements. Voice and video calls as well as data streams for M2M communication can be protected by the card in high speed.

Swissbit offers product-related services:

• security firmware and drivers
• logo printing
• optical and electronic personalization
• design-in of consigned smart card chips

As well as extended services:

• security consulting
• security training
• customer support
• design-in support
• connection with eco-system partner network for turnkey solutions and quick time to market

Swissbit Data Protection Devices

The Swissbit Data Protection (DP) devices are based on a flash controller with AES encryption engine and a sophisticated security firmware. The firmware defines the key for the data encryption and the access protection. Unless the host transmits the correct keys, access is restricted or prohibited. Different partitions can be defined with Read/Write access rules. With a configurable retry counter, the firmware tracks invalid key entries and blocks all future requests to the storage, effectively prohibiting a brute-force attack.

The DP firmware hides disabled partitions and manages various access profiles and user / administrator keys.

Swissbit DP version of an microSd card

For managing the access rights, a Swissbit configuration tool is available. Alternatively, the host OS or BIOS can implement a key management tool and communicate with the DP product via a Swissbit API, which relieves the need for low level access to the Swissbit DP device.

Host access to a Swissbit DP device

Swissbit Secure Element Devices

The Swissbit Secure Element devices , such as the Standard Edition (SE) and Premium Edition (PE), are based on a dedicated secure element, which communicates with the Flash controller through an ISO 7816 port. The Flash controller is equipped with an AES encryption engine and a sophisticated security firmware. In addition to the DP features, the Secure Element serves as a root of trust and protected key storage.

The retrofittable Swissbit Secure Element devices provide security functions comparable to a trusted platform module (TPM) and are the central elements for implementation of system security.

Swissbit DP version of an microSd card

For protection on system level, the host needs to implement the required security functions. Swissbit provides an API (application programming interface) which, together with a PKI package (public key infrastructure) supports standard security calls with a standardized programming model. This allows implementation of secure communication channels, protection of mass storage or user authentication.

The Swissbit Secure Element device is the main key storage and can also be used as a protected storage element.

Host access to a Swissbit DP device

Security Editions

Swissbit provides easy-to-integrate and retrofittable hardware-based security products together with software development kits (SDK) and customization services, enabling manufacturers to offer systems with secured devices, secure data storage, and secure data communication.

 

Data Protection Edition

Standard Edition

Premium Edition

 

Recommended for encryption and access protection of stored data.

 

Recommended for protecting data and systems by providing secure key storage (PKI) through a secure element.

 

Premium Edition comprises the features of “Data Protection Edition” with the “Standard Edition” to provide full protection of data and systems.

Security Features

Swissbit security products enable system manufacturers to reliably protect data and devices. Therefore, they must incorporate cutting-edge security technology and latest security features.

True hardware RNG

True random numbers are generated inside the secure element to prevent brute force attacks.

True hardware RNG

Digital signature & verification

Digital signatures are very popular and inevitable to protect against data or code manipulation.

Digital signature & verification

Hardware based data encryption

Hardware based security is key when it comes to replaceability, simple workflows, and trusted runtime environments.

Hardware based data encryption

Mobile banking & e-purse

Strong authentication and offline security for mobile banking and payment.

Mobile banking & e-purse

Device protection by dual factor authentication

The user needs to have the card and know the PIN.

Device protection by dual factor authentication

Secure voice solution

The product is optimal for fast, encrypted, and user friendly secure voice solutions.

Secure voice solution

Elliptic curve cryptography support

Elliptic curves are faster and more efficient than RSA cryptography.

Elliptic curve cryptography support

Data protection & encryption

The card offers a data safe function with strong AES encryption and PIN access protection.

Data protection & encryption

Secure logging

Any data can be stored securely in write-once mode, queue mode, or random-access mode.

Secure logging

Secure CD-ROM

Important data can be modified only after PIN authentication.

Secure CD-ROM

Swissbit Security Trailer