Code, Data and Keys Protection Software

 

State-of-the-art technologies to protect your applications and IoT objects against attackers

Seamless Integration

In-App Defense

Fine Grained Configuration

Epona App Shield

Epona Keys Shield

Epona Digital Vault

Titre Section

Seamless integragion

Use it in a transparent way as it integrates easily with your favorite development toolchain

In-app defense

Choose obfuscation to disrupt attacks to your application, anti-tampering to prevent modifications and anti-debugs to prevent dynamic analysis

Fine grained configutration

Tune it easily at the level of robustness and performance you want to achieve

Three components to protect code, data, and keys running on untrusted environments

Epona App Shield

Code & Data Protection

Deter reverse engineering and hide your program logic with source code obfuscation. Limit tampering with integrety checks.

Epona Keys Shield

Cryptographic Key Protection

Hide secret keys and unique identifiers within source code with advanced white-box cryptography. Control the genration of your white-box.

Epona Digital Vault

Data Encryption and Secure Storage

Easily encrypt personal data used in your application with Epona Digital Vault. Leverage hardware encryption when available to heighten the security level.

Epona Features

Epona App Shield Epona Keys Shield Epona Digital Vault
Protection mode Static and dynamic Static and dynamic Persistent (on disk) keys & data
Protection layers

Code & Data obfuscation (25+ different passes)

Environmental protections (anti-root, anti-jailbreak, anti-debug, anti-hooking, anti-dynamic analysis)

Integrity checks / anti-tampering

Multi-level configuration (block, function, module)

Zero-trust: full control on the (re)generation of your application

Automatic test & reporting on applied protection

Symmetric encryption: AES128 with CBC/CTR modes

Signature: AES-CMAC, ECDSA on NIST-256p

Asymmetric encryption: ElGamal on NIST-256p

Diversification per client or per device

Zero-trust: full control on the (re)generation of your whitebox

Device binded key/value database

Encryption and authentication of data

Only decrypt what you use

Rely on hardware security components if available (e.g. Android KeyStore)

Small code and memory footprint

Languages C/C++ API
Security policy External YAML configuration or Pragma in the code API
Operating systems Linux, Windows, OS X, Android, iOS Linux, Android
Architecture x86, x86_64, ARM, ARM64
IDE integration Apple XCode, Microsoft Visual Studio, & Google Android NDK
Sec/Dev/Ops (CI/CD Integrations) Gitlab, Jenkins

Client Testimonial

“Quarkslab provided us with a solution to obfuscate source code and protect encryption keys for our secure player.

We are very happy with the relationship, and working each day hand in hand with Quarkslab on improving the solution to achieve the best ratio between performance and security.”

Cédric Hardouin

Executive VP R1D, Viaccess-Orca

Industry-recognized software

Related Resources

Securing Mobile Payment Applications

Securing Mobile Payment Applications

Payment systems are at the heart of the global economy. Over the past few decades, electronic payments have grown at a fast pace, supplanting traditional payment systems such as cheques and cash to become the current standard.  These systems have evolved over the...

read more
Use Case – Viaccess Orca

Use Case – Viaccess Orca

The streaming video market is estimated to reach 110 billion euros by 2024, with an average annual growth of almost 20%. Boosted by mobile devices, ever more powerful 4G and soon 5G connections, online video consumption is here to stay. Viaccess-Orca (VO) is one of...

read more
Infographic – Mobile Payment

Infographic – Mobile Payment

Discover in the infographics below how mobile payment works and what are the risks and threats  with the development of payments from mobile platforms. Mobile Payment

read more