Protection for critical data
Sikur ID SKD is the best set of APIs for implementing authentication and encryption without passwords in mobile and web applications. It eliminates the use of passwords on proprietary systems and thus prevents phishing and malware fraud.
Because it is a fully customizable solution, it enables integration without complexity (avoiding failures during the process) and implementation of encryption to protect data in legacy systems: data is encrypted before it even leaves the device, making it unreadable to third parties.
With Sikur ID SDK it is possible to prevent the main cyber security problems: credential theft breaches and data leakage. Consequently, the solution avoids reputational damage, penalties and fines.
Data regulatory market
Built on the Privacy by Design concept, it meets data regulatory market global guidelines (such as GDPR and LGPD):
- Cyber-security best practices;
- Identification and authorization;
- Right to be forgotten, rectified, and completely erased.
How it works – Authentication
1) User Registration
The user’s license is created in the Sikur Manager Portal and the user receives an activation code by email to create the account through an App. Then, a cryptographic key is generated (which can be created and stored in the HSM) that will serve to encrypt the user’s information.
To authenticate to a specific client system, the user will access their smartphone, open the App with their biometrics and enter the “authentication” area. Through the camera, the QR Code is read on the system access screen.
When reading the QR Code, the system sends the user a challenge to prove their identity. Only the duly authenticated user is able to prove their identity. The process takes place in the background, without compromising user experience.
By proving their identity, the user gains access to the system, without having entered a login and password.
How it works – Encryption
1) Access to the App
With the account created, the user will always access the App using their biometrics, never login and password.
2) Transactions and Validations
For transactions of any kind, the user’s identity is validated. The process takes place in the background, without compromising user experience.
3) Encryption at Source
All user-generated information or transactions can be encrypted at source, protecting data at rest and/or in transit throughout their lifetime.
Sikur ID SDK solves key authentication challenges:
No need for passwords
Eliminates credential sharing and/or theft.
No repudiation of user
The same account cannot be used on different devices simultaneously.
Increases security and improves user experience.
All information generated and transacted in the App can be encrypted at origin, at rest and/or in transit.
Use of keys
A cryptographic key can be used for multiple applications or be specific to a particular application.
Privacy by design
All Sikur solutions are designed based on international data protection and privacy standards (such as GDPR and LGPD), which guarantees organizations and governments the avoidance of fines and a competitive advantage in the market.
More than a technological solution, we are a strategic decision for organizations.
Our mission is to redefine the relationship between enterprises and cyber-security and the user experience in the process of authentication and access to technology assets.