Category

News & Updates

With a FIDO Certified Server, your data is safe with us.

Tellaro, a FIDO Certified Server

By | News & Updates

At RSA 2018 in San Francisco, StrongKey announced the newest addition to its suite of cryptographic wonders: The Tellaro, a FIDO Certified Server appliance.

April 10, 2018

Contact:

Public Relations

press@strongauth.com

(408) 331-2000

StrongKey Announces New Security Solution: The Tellaro

The Tellaro packages enterprise security in an appliance for small and medium businesses and satellite offices.

StrongKey (formerly StrongAuth) announces plans to introduce the Tellaro, a security appliance with a FIDO Certified Server solution included among many other capabilities to protect SMBs from ransomware, password, and phishing attacks.

The Tellaro—similar to its enterprise-proven sibling, KeyAppliance—enables web and mobile developers to smoothly integrate FIDO-based strong authentication, encryption, and digital signature-based transaction authorization into their applications, and equips businesses with security they need. The Tellaro will be debuted at the 2018 RSA conference in San Francisco, focusing on making available the same industrial strength technology used by StrongKey’s current government and enterprise customers worldwide, but at a price point designed for small to medium-size businesses, as well as branch offices and new startups.

Tellaro makes use of the StrongKey CryptoEngineTM (SKCE)—certified in 2015 by the FIIDO Alliance as a Universal 2nd Factor (U2F) FIDO Certified Server—to provide strong authentication to secure sensitive data. While the Tellaro server currently uses the FIDO U2F standard, StrongKey is committed to including a FIDO Certified Server implementation of the upcoming W3C standard for strong authentication, WebAuthn (a.k.a. FIDO 2.0), in the near future. In the meantime, Tellaro boasts a simple, programmable web service that can be integrated into web applications in fewer than two days.

StrongKey offers robust support for the Tellaro anywhere in the world.

Pre-orders and partnership discussions for resale and distribution are being accepted now for the Tellaro’s release later in 2018.

To learn more about the StrongKey Tellaro, visit https://strongkey.com/tellaro/. To read more about FIDO Certified Servers and WebAuthn, visit https://fidoalliance.org/.

Download StrongKey’s open-source CryptoEngineTM free at https://sourceforge.net/projects/skce/.

We've changed our name to StrongKey.

Attacks are evolving. We are too.

By | News & Updates

2018 promises to be a big year for StrongAuth and StrongKey. Much more news to come over the next few weeks, but the high level is this: StrongKey and StrongAuth (our parent company) have become one company, and we have concluded our Series A round of funding for $10 million.

Here’s the official announcement:

January 2, 2018

Contact:

Public Relations

press@strongauth.com

(408) 331-2000

StrongAuth Announces $10 Million in Series A Funding

Strategic investment will be used to grow the existing enterprise business and launch a new security product aimed at small businesses.

StrongAuth, Inc. announced today a strategic Series A investment of US$10 million into the business. The entire investment is from Systena Corp, a Japan-based software company, through its U.S. subsidiary, Systena America, Inc.

The investment will be used to:

  • …fuel growth of StrongAuth’s enterprise-focused business through expansion in Durham, NC, as well as overseas markets
  • …to launch a new product line—the StrongKey Tellaro—targeted at small and medium enterprises
  • …develop new modules for its products

Jake Kiser, CEO of StrongKey says:

“I am proud of the vision, tenacity, and desire to make the internet a safer place shared by Arshad, our team, and our technology. We are also excited for the partnership with Systena, who shares our vision of bringing security to those who need it most.

2018 will be an exhilarating year for us. On the enterprise side, we will be able to tell the StrongAuth story in a new way that will bring growth. And with the Tellaro, we are providing an unprecedented level of security to people who badly need it—and all for less than the price of their office photocopier.”

Mr. Katsuhiro Fuchinoe, CEO of Systena America, comments:

“We are very pleased to be part of the StrongAuth team through this investment. We don’t doubt its continued growth, its worldwide success, and a bright future for StrongAuth, and are looking forward to working closely with them.”

Arshad Noor, Founder and CTO of StrongAuth looks to the future:

“What will remain unchanged at StrongAuth are the extraordinary open-source data security solutions we create and the great customer support our customers have come to expect. We look forward to this evolution and continuing the journey through our next chapter.”

About StrongAuth/StrongKey

Founded in 2001, StrongAuth, Inc. is a privately held company based in Silicon Valley, CA and Durham, NC. It brings open-source cyber-security solutions to the market, with government and enterprise clients on six continents. The company has solved complex data protection problems while creating some of the most innovative and affordable solutions around cryptographic key management.

Providing products and services in Symmetric Key Management, Encryption, Tokenization, PKI, and FIDO-based strong authentication, StrongAuth is focused on securing data in the areas of cloud computing, e-commerce, healthcare, finance, and sectors mandating protection of sensitive data. StrongAuth’s solutions are installed at customer sites around the world and are key components of mission-critical business operations.

StrongKey is a member of the FIDO Alliance, a standards organization focused on making simpler and stronger authentication a reality on the internet.

For more information, please visit https://www.strongkey.com/

About Systena

Systena operates a Solution Design Business, as part of which they develop smartphone and web applications and provide a comprehensive range of support for planning, designing, developing, and operating online businesses for smart devices. They also operate a Framework Design Business, which develops backbone and peripheral systems for financial institutions and designs and builds application platforms.

Systena engrains business abilities for selling IT-related products to corporate customers, and provides total solution services that encompass planning, design, maintenance, and user support by combining the strengths of individual business segments, including the IT service, cloud, and consumer service businesses. The IT service business engages in systems operation and help desk; the cloud business offers cloud services and provides assistance with their introduction; and the consumer service business develops and offers gaming content for smartphones.

For more information, please visit https://www.systena.co.jp/eng/business/

 

StrongAuth is now StrongKey, but still provides cutting-edge security solutions.

Happy New Year—and Some Breaking News!

By | News & Updates

2018 promises to be a big year for StrongAuth and StrongKey. Much more news to come over the next few weeks, but the high level is this: StrongKey and StrongAuth (our parent company) have become one company, and we have concluded our Series A round of funding for $10 million.

Here’s the official announcement:

January 2, 2018

Contact:

Public Relations

press@strongauth.com

(408) 331-2000

StrongAuth Announces $10 Million In Series A Funding

Strategic investment will be used to grow the existing enterprise business and launch a new security product aimed at small businesses.

StrongAuth, Inc. announced today a strategic Series A investment of US$10 million into the business. The entire investment is from Systena Corp, a Japan-based software company, through its U.S. subsidiary, Systena America, Inc.

The investment will be used to fuel growth of StrongAuth’s enterprise-focused business through expansion in Durham, NC, as well as overseas markets; to launch a new product line—the StrongKey Tellaro—targeted at small and medium enterprises; and develop new modules for its products.

Jake Kiser, CEO of StrongKey says:

“I am proud of the vision, tenacity, and desire to make the internet a safer place shared by Arshad, our team, and our technology. We are also excited for the partnership with Systena, who shares our vision of bringing security to those who need it most.

2018 will be an exhilarating year for us. On the enterprise side, we will be able to tell the StrongAuth story in a new way that will bring growth. And with the Tellaro, we are providing an unprecedented level of security to people who badly need it—and all for less than the price of their office photocopier.”

Mr. Katsuhiro Fuchinoe, CEO of Systena America, comments:

“We are very pleased to be part of the StrongAuth team through this investment. We don’t doubt its continued growth, its worldwide success, and a bright future for StrongAuth, and are looking forward to working closely with them.”

Arshad Noor, Founder and CTO of StrongAuth looks to the future:

“What will remain unchanged at StrongAuth are the extraordinary, open-source data security solutions we create, and the great customer support our customers have come to expect. We look forward to this evolution and continuing the journey through our next chapter.”

About StrongAuth/StrongKey

Founded in 2001, StrongAuth, Inc. (now StrongKey, Inc.) is a privately held company based in Silicon Valley, CA and Durham, NC. It brings open-source cybersecurity solutions to the market, with government and enterprise clients on six continents. The company has solved complex data protection problems while creating some of the most innovative and affordable solutions around cryptographic key management.

Providing products and services in Symmetric Key Management, Encryption, Tokenization, PKI, and FIDO-based strong authentication, StrongKey is focused on securing data in the areas of cloud computing, e-commerce, healthcare, finance, and sectors mandating protection of sensitive data. StrongKey’s solutions are installed at customer sites around the world and are key components of mission-critical business operations.

StrongKey is a member of the FIDO Alliance, a standards organization focused on making simpler and stronger authentication a reality on the internet.

For more information, please visit https://www.strongkey.com/

About Systena

Systena operates a Solution Design Business, as part of which they develop smartphone and web applications and provide a comprehensive range of support for planning, designing, developing, and operating online businesses for smart devices. They also operate a Framework Design Business, which develops backbone and peripheral systems for financial institutions and designs and builds application platforms.

Systena engrains business abilities for selling IT-related products to corporate customers, and provides total solution services that encompass planning, design, maintenance, and user support by combining the strengths of individual business segments, including the IT service, cloud, and consumer service businesses. The IT service business engages in systems operation and help desk; the cloud business offers cloud services and provides assistance with their introduction; and the consumer service business develops and offers gaming content for smartphones.

For more information, please visit https://www.systena.co.jp/eng/business/

 

StrongKey is mitigating e-Commerce Fraud.

Mitigating e-Commerce Fraud

By | News & Updates

Today, we bring you this guest post from our founding CTO, Arshad Noor on solution requirements for preventing e-Commerce Fraud. You can read more posts like this at https://alesa.website/ and we hope you’ll join us on our upcoming NCCoE webinar on November 14 at 12:00 EST.

Assuming the Pareto Principle applies to electronic commerce, most companies likely derive 80% of their profits from just 20% of their customers. While merchants surely value these customers highly, the customers’ credentials, credit card numbers, and personally identifiable information are equally valuable to cyber-attackers too.

On an internet awash with data breaches, what can merchants do to protect their customers and themselves? While the cyber-security industry has created a litany of technologies to address the problem, fraud rates continue to climb.

The principal reason current anti-fraud technologies do not work effectively is because they rely on secrets—secrets stored at merchant sites, and which are susceptible to compromise through scalable attacks (where a single attack can compromise large numbers of customers). Here are some examples of secrets that are vulnerable:

• When customers are asked to authenticate themselves using passwords—a secret

• When customers are asked to authenticate using one-time passcodes (OTP)—a secret—typically sent to their e-mail or mobile phones

• When customers are asked to confirm their identities using answers—a secret—to questions they were asked as part of account registration

• When merchants “fingerprint” a customer’s computer and match the stored machine fingerprint—a secret—when customers come back to shop again

Another trend is to analyze customers’ shopping behavior and use algorithms to make real-time decisions about the risk of the transaction being executed by a bad actor. While this “artificial intelligence” is intended to automate human risk management, it has the propensity to become expensive as more and more shopping data must be stored and processed to make real-time decisions.

It is this author’s contention that merchants can dramatically reduce the risk of fraud by simply eliminating secrets—starting with the most obvious one: the customer’s password.

Using a strong authentication protocol from the FIDO Alliance, merchants can offer their top 20% of customers a free FIDO Authenticator (aka Security Key)—available for as little as USD$10—to protect their accounts. By using FIDO technology, merchants enable one of the strongest authentication protocols in the industry to ascertain their customers’ identity.

FIDO protocols and Authenticators on which they are based:

• Require a hardware-based Authenticator—not susceptible to attacks from the internet as file-based credentials are

• Require the customer to prove their presence in front of the computer originating the purchase—with possession of the FIDO Authenticator

• Are unphishable—attackers cannot compromise the protocol’s cryptographic messages and use them to masquerade as the legitimate customer

• Are privacy-protecting—even with a stolen or lost Authenticator, attackers cannot learn a customer’s identity and use it to compromise the customer’s account

The National Cybersecurity Center of Excellence (NCCoE) at the US National Institute of Standards and Technology (NIST) recently initiated a project to show how multi-factor authentication using FIDO protocols can help mitigate e-commerce fraud. As one of the Technical Collaborators chosen by NIST to assist with this effort, StrongAuth modified the popular open-source e-commerce platform, Magento, to integrate FIDO protocols into the purchasing process as a proof of concept.

StrongAuth will be presenting the modified Magento flow during an NCCoE webinar on November 14th 2017 at Noon EST, and subsequently releasing the Magento modifications to the open-source community. I encourage interested parties to join us on the webinar and learn how the simple step of FIDO-enabling an e-commerce application has the potential to eliminate fraud while strengthening the relationship between merchants and their customers.

StrongKey catalyzes FinTech.

StrongKey and FinTech: We’ll be at Money20/20!

By | News & Updates

Money20/20 is the largest event focused on payments and FinTech. This coming week, we’ll be in Las Vegas meeting people and organizations disrupting this space to talk about how important security is in conjunction with the latest financial innovation.

We believe that cyber-security is mission critical for everyone from disruptive FinTech startups to established financial services providers. So we’re here to protect them, with our globally proven security, so they can get back to what you love—writing the future of how we use money.

Here’s how StrongKey can help your business, whether in theFinTech, payments, or financial services industry:

Encryption

The Tellaro encrypts your sensitive data, such as customer information, credit card information, and payments. It can store the data either locally or in the cloud—but when using the cloud, you maintain exclusive control over the decryption keys.

Fraud Reduction

Through using risk analysis and strong authentication, the Tellaro can integrate with e-commerce platforms to reduce fraud and ensure that your customers are truly the ones making purchases.

Compliance

Data security requirements like PSD2, GDPR, and PCI DSS are table stakes for firms to operate. Using the Tellaro to secure data and process payments lets our customers easily become compliant. Our technology has done it for financial clients all around the world. In fact, it exceeds regulatory requirements for encryption and key management.

Integration into FinTech Web Applications

The Tellaro is a platform designed for easy integration into other web applications. If your company is web-based, then we can take care of the data security and user authentication.

 

Tellaro gives FinTech administrators and users peace of mind and lets you focus on a great customer experience.