StrongKey KeyAppliance (SAKA) enables strong key management and DPAppliance enables large-scale encryption.

Enterprise Solution:


The StrongKey Data Protection Appliance™ 2.0 (DPAppliance or DPA) adds the CryptoDocument Orchestrator Module to include the ability to orchestrate the encryption of tens of millions of documents within a business application. This is in addition to the encryption, tokenization, strong authentication, cryptographic module, high availability and open-source licensing model bundled in the flagship StrongKey KeyAppliance. Designed and built in Silicon Valley, the DPAppliance delivers ALESA to help mitigate the risk of data breaches in a single solution — so you can sleep easy at night.


CDO Module for Large-scale Orchestration

  • Manage the flow of documents into/out of a Data Protection Infrastructure
  • Encrypt/Decrypt documents synchronously or asynchronously
  • Scale cryptographic services automatically based on workload
  • Use public or private cloud storage for automatic storage and recovery of encrypted documents
  • A single web service API for applications no cryptographic plumbing required in business applications
  • Use FIDO-based authorization to enable the decryption of documents
  • HA and DR capabilities included with automatic replication

KA Module for PCI DSS, HIPAA, FFIEC, etc.

  • Encrypts, tokenizes and manages billions of data-elements (PAN, SSN, DOB, …..)
  • Generates and manages tens of millions of encryption keys (AES, TDES, ECDSA, RSA, ….)
  • Delivers end-to-end encryption using ANSI X9.24-1 2009 (DUKPT) algorithm
  • Uses CC-certified cryptographic hardware module for key management (FIPS-certified HSM available as an option)
  • Ensures applications can always receive services through HA clustering
  • Blistering speed greater than 300 web service operations per second (WSOPS) per node
  • Exceeds PCI DSS requirements for encryption and key management controls

CE Module for File Encryption, Digital Signatures, etc.

  • Encryption Engine to encrypt files of any type and any size; store keys on-premises while storing encrypted files in public/private clouds
  • Encrypts tens of millions of documents across the enterprise: images, audio, PDF, business documents, etc.
  • Signing Engine to digitally sign documents/code uses FIPS-certified HSM for signing key
  • Integrates with any application that can call a web service over the network

FE Module for FIDO Strong Authentication

  • FIDO Engine with a FIDO certified U2F server to enable strong authentication to web applications
  • Manages tens of millions of registered ECDSA keys
  • Works with any FIDO certified U2F authenticator (token)
  • Eliminates password-compromises and phishing attacks to web-applications
  • Smartcard- and digital certificate-type strong authentication without the headaches of smartcards and digital certificates

CC Module for End-user Secure File Sharing

  • A ready-to-use web application to share files, protected by your own on-premises key management system
  • FIDO-enabled to require strong authentication
  • Eliminate the need for password-based authentication inside corporate networks
  • Integrated with Active Directory and Oracle Access Manager
  • Integrated with AWS S3, Microsoft Azure, Eucalyptus Walrus for cloud storage


Coming Soon

WSDLs and XSDs

Our appliances only use web services to provide cryptographic capability; this makes it possible to integrate to the DPAppliance within an hour. Point your IDE to the WSDLs shown here to generate stub code to use with the sample client code shown below.

CDO Module

  • CDO WSDL (Coming Soon)

KA Module

  • PAN Encryption WSDL
  • PAN Encryption XSD
  • CCS WSDL (for DUKPT processing) Coming Soon

CE Module

StrongKey Support is 24/7.


Both options include telephone/e-mail support, hardware warranty, appliance bug fixes and updates including major versions.

  • Monday – Friday Business Hours (PST)
  • 24 x 7

Foss License

The StrongKey DPAppliance™ uses free and open-source software (FOSS) licensed under the GNU Library or Lesser General Public License version 2.0 (LGPLv2).  This means that you don’t pay us for every application that uses the appliance for cryptographic services — encryption, tokenization, FIDO registration or authentication, etc. You also get the full source code to the components of the appliance to modify and use in accordance with the terms of the LGPL.