CardEX is a paradigm shift in the approach of solving smart chip vulnerabilities. It takes a proactive rather than reactive stance, addressing the core vulnerabilities with secure encryption which prevents fraudulent attacks. CardEX enabled devices self-authenticate internally, between the device and its own built in secure EEPROM memory region before communicating or transacting with the outside world. Its patent-pending, unreadable-memory-partition, allows any secure data to be stored and only accessed once the request is authenticated. Its authentication and encryption duties are split between two symmetric keys that never expose themselves in a raw state, ensuring that no data is compromised
The worldwide trend of malware and fraud has evolved from hacking encryptions to cloning EEPROMs, and more recently to the infiltration of the sources of encryption keys and digital certificates. The integrity of the Public Key Infrastructure (PKI) - i.e. the set of roles, policies and procedures needed to create, manage, distribute, store and revoke digital certificates - has been compromised, and digital certificates are being misused to fraudulently gain access to worldwide users' systems, emails and personal data.
Even if your device, e.g. your bank or SIM card, has unhackable encryption and authentication, if the key-issuer's system has been compromised through malware, hacking or internal espionage, your devices are vulnerable to attack because the Private Key is known. IDAT's technology solutions resolve this core security failure, taking a proactive rather than reactive stance, using secure encryption to prevent fraudulent attacks.
IDAT's fundamental design and operational features prevent all types of hacking and cloning of smart chips, ensuring that bank cards, SIM cards and ID cards are secure.
Even if your device, e.g. your bank or SIM card, has unhackable encryption and authentication, if the key-issuer's system has been compromised through malware, hacking or internal espionage, your devices are vulnerable to attack because the Private Key is known. IDAT's technology solutions resolve this core security failure, taking a proactive rather than reactive stance, using secure encryption to prevent fraudulent attacks.
IDAT's fundamental design and operational features prevent all types of hacking and cloning of smart chips, ensuring that bank cards, SIM cards and ID cards are secure.
- Any device protected by an IDAT solution self-authenticates via a secure EEPROM memory region before it communicates or transacts with the outside world. When the smart chip is powered up, it will first generate a dynamic authentication hash that it compares with a hash in this protected hidden portion of memory. If they match then the card is passed as authentic. The access to this hidden area can only be done via its patent pending technology. Any card cloning or EEPROM memory "dumps" would not render the portion of memory that is required to perform its primary authentication. Without this primary authentication it would generate an error "Invalid Memory Reference". The simplicity of its operation nullifies cloning and hacking.
-
Its patent-pending, unreadable-memory-partition, allows any secure data to be stored and only accessed once the request is authenticated. If you cannot read the secure data, you cannot hack or clone it. This data protection extends to any non-volatile memory that enables users to secure their laptops, tablets, servers and mobile phones -
It has split the authentication and encryption duties between two symmetric keys that never expose themselves in a raw state. The keys are encrypted twice via a proprietary date/time sensitive algorithm that feeds dynamic keys into full AES256. If a cocoon of encrypted data is somehow compromised or intercepted, it has a limited validity, which is card-issuer defined, either by time e.g. five minutes, or by individual transaction. It cannot be accessed without the valid keys required during the initial self-authentication phase. There is no private-public key mechanism in operation. If a certificates authority (CA) or an appointed agent is compromised, the data is still protected.