Authentication and encryption tools

Protection for critical data

Sikur ID SKD is the best set of APIs for implementing authentication and encryption without passwords in mobile and web applications. It eliminates the use of passwords on proprietary systems and thus prevents phishing and malware fraud.

Because it is a fully customizable solution, it enables integration without complexity (avoiding failures during the process) and implementation of encryption to protect data in legacy systems: data is encrypted before it even leaves the device, making it unreadable to third parties.

With Sikur ID SDK it is possible to prevent the main cyber security problems: credential theft breaches and data leakage. Consequently, the solution avoids reputational damage, penalties and fines.

Data regulatory market

Built on the Privacy by Design concept, it meets data regulatory market global guidelines (such as GDPR and LGPD):

  • Cyber-security best practices;
  • Encryption;
  • Identification and authorization;
  • Auditing;
  • Right to be forgotten, rectified, and completely erased.

How it works – Authentication

1) User Registration

The user’s license is created in the Sikur Manager Portal and the user receives an activation code by email to create the account through an App. Then, a cryptographic key is generated (which can be created and stored in the HSM) that will serve to encrypt the user’s information.

2) Passwordless

To authenticate to a specific client system, the user will access their smartphone, open the App with their biometrics and enter the “authentication” area. Through the camera, the QR Code is read on the system access screen.

3) Checking

When reading the QR Code, the system sends the user a challenge to prove their identity. Only the duly authenticated user is able to prove their identity. The process takes place in the background, without compromising user experience.

4) Validation

By proving their identity, the user gains access to the system, without having entered a login and password.

How it works – Encryption

1) Access to the App

With the account created, the user will always access the App using their biometrics, never login and password.

2) Transactions and Validations

For transactions of any kind, the user’s identity is validated. The process takes place in the background, without compromising user experience.

3) Encryption at Source

All user-generated information or transactions can be encrypted at source, protecting data at rest and/or in transit throughout their lifetime.

Sikur ID SDK solves key authentication challenges:

No need for passwords

Eliminates credential sharing and/or theft.

No repudiation of user

The same account cannot be used on different devices simultaneously.


Increases security and improves user experience.


All information generated and transacted in the App can be encrypted at origin, at rest and/or in transit.

Use of keys

A cryptographic key can be used for multiple applications or be specific to a particular application.

Privacy by design

All Sikur solutions are designed based on international data protection and privacy standards (such as GDPR and LGPD), which guarantees organizations and governments the avoidance of fines and a competitive advantage in the market.

  • Privacy and Data Protection
  • Audit
  • Data processing
  • Data Loss Prevention – DLP
  • Secure Managed File Transfer
  • Cybersecurity best practices
  • Authenticity and Identity Management

More than a technological solution, we are a strategic decision for organizations.

Our mission is to redefine the relationship between enterprises and cyber-security and the user experience in the process of authentication and access to technology assets.