Network security is one of the key issues to be addressed in every IT strategy. Behind the firewall there are strict rules in place to block out potential intruders, maintain data integrity, and prevent critical information from falling into the wrong hands. In view of the growing risk associated with theft and misuse of sensitive data, a corporate network without precisely defined access policies has almost become an impossibility.At the same time, the increasing use of mobile applications on PDAs and smart phones, in particular when linked to corporate applications, leads to the emergence of a whole new set of risks. Ensuring toplevel network security without sacrificing the advantages of mobile communications is one of the key challenges to IT administrators today.

Our Solution

The certgate Smartphone Protector - based on the certgate SmartCard microSD - offers comprehensive hardware-based security for all mobile devices with a microSD card slot.

The certgate SmartCard – in the shape of a microSD flash memory card – reliably prevents unauthorized access to, and tampering with, the data and applications on your mobile device. The combination of a flash memory with a highperformance, common-criteria-evaluated cryptographic processor makes it possible to generate and store digital key pairs (RSA 2048 Bit) and certificates.

• Reliable protection against unauthorized access, even if the device is lost, through encryption of all user data
• Encrypted storage of sensitive data in the flash memory of the certgate card Read-only system components and configuration data
• Use of own application signatures for maximum security
• Protected access to certgate SmartCard by means of SmartCard PIN
• Secure email encryption
• Access to protected network through VPN channel by using personal certificates stored on certgate SmartCard
• Access to secure websites via SSL protocol or ex­change servers by using personal certificates stored on certgate SmartCard
• Smartcard log-on and access to device also possible during boot-up
• Tamperresistant activating and deactivating of device interfaces and drivers; Bluetooth, WLAN, Ac­tiveSync-USB/RNDIS, IrDA, camera; blocking of ports, etc.
• Tamper-proof activating and deactivating of device applications and functions; blocking of ports, config SMS, auto-updates, numerous possible configurations, etc.

Your Advantages

The certgate Smartphone Protector combines top-level security with the advantages of miniaturization and the use of universal standards. It enables you to implement your organization's security policy on the mobile devices that your executives and field staff have in daily use.

Proven encryption mechanisms, the separation between knowledge (PIN) and possession (smartcard) and the tamperproof device configuration together offer a maximum security potential.

The result is a series of advantages for the implementation of your security architecture:

• Fast and economical integration of mobile devices in your organization's security infrastructure
• Identical or even higher security level for usage of mobile applications and for mobile network access
• Security level individually scalable – up to the level needed for top-security zones
• Use of any security applications compatible with conventional smartcards also for mobile devices
• Insertion into normal card slot (SD, miniSD, microSD) of mobile devices under Windows Mobile – no additional drivers needed
• No replacement of terminal devices (smartphones, PDAs, laptops, etc.) required
• No additional cost for card readers or any special mobile devices
• Certificates stored on certgate card also usable on desktop PCs, directly or via adapter
• Limited administrative effort required for one-time configuration of certgate application to comply with internal security policies
• Maximum possible security for user, application, and corporate data Safe initial authentication of user
• Single sign-on to check user's authorization.)

Standards

• SD specification: 1.1 and microSD^TM Addendum 1.1
• Smartcard chip: NXP P5CC072 smartcard controller; Common Criteria EAL5+ certificated
• On-card secure random number generator; FIPS PUB 140-2 and BSI AIS 31 compliant
• On-card RSA 2048 bit security algorithms
• Enhanced 80C51 microcontroller (Secure_MX51/NXP)
• ISO7816 interface for APDU transfer between smartcard and SD controller
• Smartcard operating system: JCOP^TM 2.3.1 (Common Criteria EAL4+ certificated), JavaCard^TM 2.2.1
  and GlobalPlatform^TM 2.1.1 compliant
• High resistance against SPA/DPA counter measure attacks; BSI DSZ CC 0227 compliant

 
  List of supported devices