Cyber Security Protection

EndpointLock Mobile SDK

What is being protected?

​

• User’s data by encrypting every keystroke at the point of data entry, before a keylogger has the chance to intercept. 

• ​Federal mobile apps that collect user PHI, PII, HiPAA and other sensitive information .

• With an important layer-of-protection embedded right into your apps, protecting your users from the malware most often used in identity theft. ​

• Keystroke Transport Layer Security Protocol™ (KTLS™)

​

Benefits of an integrated encrypted keyboard

​

• All mobile application interaction, regardless of whether the mobile device is secure, will be encrypted and protected from keyloggers. 

• Compatible with Mac, Windows, Android and iOS environments. 

• Protection can be expanded to IoT devices running on these same operating systems. 

• EndpointLock™ SDK will not affect the app’s functionality.

• Monitors for risk in accessibility services.

• Encrypts keystrokes and words.

• Blocks other potential malicious keyboards

• Applies proprietary anti-malware key and word scrambling

• Sends ciphered keystrokes

​

Keyloggers in the news

​

US Treasury issues sanctions against Russian cybercriminal organization
"The primary threat to financial activity is the Dridex’s ability to inject malware or keylogging software, via API hooking, to steal customer login information. Once the attackers have obtained a victim’s login information, they can use it for fraudulent activities such as facilitating wire transfers or opening new accounts.”

– US Treasury Department

IRS warns of dangerous new email impersonation scam
August  2019 – “By infecting computers with malware, these imposters may gain control of the taxpayer's computer or secretly download software that tracks every keystroke, eventually giving them passwords to sensitive accounts, such as financial accounts.”

- Internal Revenue Service

Hackers think global act local. Small business at greater risk

“85% of data breaches in small businesses can be traced back to user behavior. 

This includes clicking on phishing links that download keylogger software.”

- Experian Blogs

​

How it works​

• Protects keystroke data by creating an alternate  AES 256 AES bit encrypted tunnel, routing the data around the area of vulnerability.

• Create Encrypted Keystroke packet per keystroke

• Create Decrypt packet per keystroke for Encrypted Keystroke

• Send Decrypt packet into text box requesting stroke and then deliver encrypted keystroke and decrypt keystroke directly into the mobile app

• Keystrokes are delivered to the enterprise mobile app (Mobile eCommerce platform) via SDK. The alternate encrypted mobile keyboard & delivery channel is directly utilized by the enterprise or mobile eCommerce application.

• Cromtec can white label our Secure Keyboard utilizing SDK within
  your mobile application with your company logo and hyperlink.