Quarks Digital Vault
Sensitive data protection for mobile applications and IoT software
Authentication tokens, unique identifiers, passwords are sensitive data which can be used by hackers for fraud or counterfeiting.
Data leakage of these information put organizations at risk of reputational damage and loss of revenue.
Data encryption, at rest and in transit, safeguard against these risks. To this intent, platform manufacturers and operating systems vendors offer APIs for data encryption leveraging hardware security features or security features provided by a Trusted Execution Environment (TEE).
However, these functions are platform and software dependant, and thus not universally available, as well as hard to apprehend for those which are not versed in security matters.
If an application is built for several platforms, misusing these APIs or having to reimplement each protection scheme for each platform means that secrets, logins, passwords are at risk of being in the clear for attackers to grab.
An abstraction layer for cryptographic operations
To answer this challenge, Quarks Digital Vault has been built to offer application developers an easy to use and reliable API to encrypt secrets by leveraging available cryptographic hardware capabilities (Secure Element or Trusted Execution Environment).
If not available, Quarks Digital Vault automatically defaults to software-based cryptography, ensuring that your data is never stored in the clear.
Facilitated data encryption
By providing an abstraction layer for data encryption for different platforms, application developpers are sure to protect sensitive data without having to reimplement security measures for each supported platform.
Unique to each peripheral
Quarks Digital Vault creates fingerprints for each device, making sure that even if lifted, the application cannot be used, guaranteeing against application repackaging.
Easy project integration
Available as a C and C++ software libraries, Quarks Digital Vault can easily be integrated into any project through simple API calls.
Key Features
| Quarks Digital Vault | |||
|---|---|---|---|
| Protection mode | Persistent (on disk) keys & data | ||
| Protection layers | Device binded key/value database Encryption and authentication of data Only decrypt what you use Rely on hardware security components if available (e.g. Android KeyStore) Small code and memory footprint |
||
| Languages | API | ||
| Security policy | API | ||
| Operating systems | Linux, Android | ||
| Architecture | x86, x86_64, ARM, ARM64 | ||
| IDE integration | Apple XCode, Microsoft Visual Studio, & Google Android NDK | ||
| Sec/Dev/Ops (CI/CD Integrations) | Gitlab, Jenkins | ||
Reach out to our team for a product demonstration
Related Resources
Securing Mobile Payment Applications
Payment systems are at the heart of the global economy. Over the past few decades, electronic payments have grown at a fast pace, supplanting traditional payment systems such as cheques and cash to become the current standard. These systems have evolved over the...
Cases studies – Viaccess Orca
The streaming video market is estimated to reach 110 billion euros by 2024, with an average annual growth of almost 20%. Boosted by mobile devices, ever more powerful 4G and soon 5G connections, online video consumption is here to stay. Viaccess-Orca (VO) is one of...
Infographic – Mobile Payment
Discover in the infographics below how mobile payment works and what are the risks and threats with the development of payments from mobile platforms. See the infographics: https://bit.ly/3oIhyAO