StrongKey KeyAppliance (SAKA) enables strong key management and DPAppliance enables large-scale encryption.

Enterprise Solution:


The StrongKey KeyAppliance™ 3.0 (SAKA) redefines data security by providing unprecedented capability at an affordable price. Combining encryption, tokenization, strong authentication, cryptographic module, high availability, and an open-source licensing model, the latest edition of StrongKey’s flagship solution provides data protection unlike any other product on the market. Designed and built in Silicon Valley, the SAKA delivers ALESA to help mitigate the risk of data breaches in a single solution — so you can finally take that long-deserved vacation.


KeyAppliance Module (KAM) for PCI DSS, HIPAA, FFIEC, etc.

  • Encrypts, tokenizes, and manages billions of data elements (PAN, SSN, DOB, etc.)
  • Generates and manages tens of millions of encryption keys (AES, TDES, ECDSA, RSA, etc.)
  • Delivers end-to-end encryption using ANSI X9.24-1 2009 (DUKPT) algorithm
  • Uses CC-certified cryptographic hardware module for key management (FIPS-certified HSM available as an option)
  • Ensures applications can always receive services through HA clustering
  • Blistering speed greater than 300 web service operations per second (WSOPS) per node
  • Exceeds PCI DSS requirements for encryption and key management controls

Crypto Engine Module for File Encryption, Digital Signatures, etc.

  • Encryption Engine to encrypt files of any type and any size
  • Store keys on-premises while storing encrypted files in public/private clouds
  • Encrypts tens of millions of documents across the enterprise: images, multimedia, PDFs, business documents, etc.
  • Signing engine to digitally sign documents/code uses FIPS-certified HSM for signing key
  • Integrates with any application that can call a web service over the network

FIDO Engine Module for FIDO Strong Authentication

  • FIDO Engine with a FIDO-certified U2F server to enable strong authentication to web applications
  • Manages tens of millions of registered ECDSA keys
  • Works with any FIDO-certified U2F authenticator (token)
  • Eliminates password compromises and phishing attacks to web applications
  • Smart card and digital certificate-type strong authentication without the headaches of smart cards and digital certificates

Crypto Cabinet Module for End-user Secure File Sharing

  • A ready-to-use web application to share files, protected by your own on-premises key management system
  • FIDO-enabled to require strong authentication
  • Eliminate the need for password-based authentication inside corporate networks
  • Integrated with Active Directory and Oracle Access Manager
  • Integrated with AWS S3, Microsoft Azure, Eucalyptus Walrus for cloud storage


Coming Soon

WSDLs and XSDs

Our appliances only use web services to provide cryptographic capability; this makes it possible to integrate to the KeyAppliance within an hour. Point your IDE to the WSDLs shown here to generate stub code you can use with the sample client code shown below.

KeyAppliance Module (KAM)

  • PAN Encryption WSDL
  • PAN Encryption XSD
  • CCS WSDL (for DUKPT processing) Coming Soon

Crypto Engine Module

Sample Client Code — Other Languages

StrongKey Support is 24/7.


Both options include telephone/e-mail support, hardware warranty, appliance bug fixes, and updates — including major versions.

  • Monday – Friday Business Hours (PST)
  • 24 x 7

FOSS License

The StrongKey KeyAppliance™ uses free and open-source software (FOSS) licensed under the GNU Library or Lesser General Public License version 2.0 (LGPLv2).  This means that you don’t pay us for every application that uses the appliance for cryptographic services encryption, tokenization, FIDO registration or authentication, etc. You also get the full source-code to the components of the appliance to modify and use in accordance with the terms of the LGPL.