Your Commercial-Grade Weapon

Against Zero-Day Keylogging Malware

Studies now show that 98% of enterprise breaches begin with a successful phishing attack to an endpoint, followed by the installation of spyware, specifically a keylogger.

Keyloggers are one of the most common, yet dangerous components of malware and are used to gain access credentials needed to advance a breach. In fact, keyloggers were at the helm of some of the biggest breaches of our time including large retailers, banks and health organizations.

Endpoint Managed Security

What Are Keyloggers?

  • Keyloggers can record every keystroke made on a mobile device or desktop
  • Keyloggers are the single biggest threat leveraged in the first stages of almost all advanced threats
  • Today’s anti-virus solutions are unable to identify and stop keylogging
  • 98% of enterprise breaches include a phishing attack to install a keylogger
  • Keyloggers can change form and go undetected for months or years

How Keyloggers Hurt Businesses?

Keyloggers can steal your:

  • Privacy
  • Usernames and passwords
  • Personal identity
  • Credit card numbers
  • Proprietary corporate data
  • Email accounts
  • Corporate transactions
  • Banking data

Up until now, organizations have lacked the ability to fully protect their endpoints from a zero-day keylogger. Most keyloggers have the ability to change their form and go undetected as they quickly spread between the endpoints in your enterprise.

How do you fight back? With EndpointLock: Patented keystroke encryption for desktops and mobile devices.

EndpointLock and KTLS

Keystroke Transport Layer Security (“KTLS”) is a patented cryptographic protocol that provides for the encryption and transport of keystrokes, at the kernel level. It activates at the time of secure boot, or entry into any application or web browser. This proprietary technology is unique to CromTec Cyber Solutions.

KTLS can be utilized in both desktop and mobile environments as a critical component of endpoint security. The protocol provides strong cryptography at the time of keystroke entry, to protect the initial transmission of usernames and subsequent keystrokes entered in to any program or application.

EndpointLock is the commercial product name by which KTLS is implemented within an enterprise.

EndpointLock™ Key Features:

Continuous Protection

  • The only solution that protects against zero-day keyloggers.

  • Operates as an anti-subversive, detects untrusted drivers and displays a warning containing the name of any suspicious driver.

  • Automatically installs to your TPM (Trusted Platform Module) if available.

Visual Alerts

  • Anti-Screen Scraping blocks screen capture.

  • Anti-Clickjacking Warning visually alerts you with a red dotted outline of untrusted areas.

  • CryptoColor: Visual confirmation highlights verifies the text fields are safe to type into.


  • Can be installed in an enterprise and deployed via group policy.

  • Compatible with McAfee ePolicy Orchestrator

  • Can encrypt double-byte characters

  • Can encrypt all international keyboards

  • Works with PS2, USB, Wireless & Bluetooth keyboards


  • Built here in the USA, and more than 8 Million consumers and corporations have already downloaded our technology.

  • McAfee ePO (ePolicy Orchestrator) Compatible

EndpointLock™ for iOS and Android Devices

  • Supports: Apple iPhones & iPads, Android Phones & Tablets.


  • Encrypts all user keystrokes
  • Creates a secure keyboard with your branding
  • Supports all iOS and Android mobile devices
  • Supports all 5G iOS and Android IOT devices
  • Routes encrypted data around the vulnerability
  • Protects against infected apps and phishing emails/messages

An estimated 16 million mobile devices are infected with mobile malware, with threats constantly on the rise. Traditional keystroke data flows from your mobile keyboard through your operating system before it appears in your apps. Hidden along the way are areas of vulnerability where cyber criminals can plant keylogging spyware. With (BYOD) Bring your own device and mobile cyber attacks both increasing, enterprises must address security with tools to thwart the massive vulnerabilities that exist when using infected apps and phishing emails and messages, which download keylogging spyware.

EndpointLock™ for Mobile protects your keystroke data by installing a secure encrypted keyboard that creates an alternate pathway to your apps, routing your encrypted data around the areas of vulnerability. For added security, the EndpointLock™ pathway is protected by a complex 256-bit encryption code

EndpointLock™ Mobile SDK (Software Developer’s Kit)

Secure your Desktop and/or Mobile Apps

Get keystroke encryption embedded right into your desktop and mobile app. Users will feel confident as they provision and use the app and add their credentials including typing in their credit card numbers.

EndpointLock for Desktop Other Security Features

TPM (Trusted Platform Module) Support:

EndpointLock will automatically detect if a PC has an Intel TMP (Trusted Platform Module) chip, which is designed to secure hardware and software integrity by integrating cryptographic keys into devices, and will install directly to the TPM on the PC.

Kernel Compromise Warning Feature:

Warns the user of a kernel breach by detecting the presence any unsigned software or if a driver has been altered since it was released. EndpointLock indicator will turn yellow to indicate warning and log details of the breach including identity of the breached computer and its file location within that system.

Self-Monitoring Capability

Anti-subversion technology prevents EndpointLock from being
by-passed by other software by reinstalling itself in the first position in the kernel level.

Anti-Screen Scraping Feature

Hides the screen from screen loggers and sends them a black screen.

Anti-Clickjacking Feature:

Makes the invisible, visible. Hackers can embed invisible objects into
iFrames, EndpointLock can detect this type of attack and unhide the invisible object, and paint a border around the object, alerting the user not to click on this object.

How EndpointLock™ and KTLS Work

EndpointLock proactively stops keyloggers by encrypting each keystroke at the point of data entry, and rerouting the encrypted keystrokes directly to the browser or desktop application.

With EndpointLock, instead of capturing your actual data, keyloggers see only a random string of meaningless numbers.

EndpointLock is designed as a secure keyboard, available whenever a browser or desktop application is launched. This keyboard can be branded with your logo and hyperlink.

KTLS uses the AES encryption with a key size of 256 bits to encrypt keystrokes. The same key is used to encrypt and decrypt.

The KTLS protocol secures connections between the keystroke and applications:

  • Symmetric cryptography encrypts the transmitted data to ensure privacy
  • The keys for this symmetric encryption are generated uniquely for each connection
  • The encryption is based on a shared secret generated from the Trusted Platform Module, or else by a built-in Random Number Generator
  • Keyloggers can’t obtain the negotiated secret, even if they place themselves in the middle of the connection
  • No attacker can modify the keystroke transmission during the negotiation without detection, which generates kernel-layer alerts
  • The encrypted session key is stored in secure memory, shared by all KTLS system components
  • KTLS proactively reroutes the encrypted keystrokes directly to the browser or desktop application

Trending for Business: BYOD

Bring Your Own Device

  • 80% of businesses support a BYOD policy
  • 60% of workers use a smartphone for business purposes
  • BYOD market: $30 billion in 2014  à  $367 billion by 2022
  • Companies encouraging BYOD save $350 per year, per employee

67% of business data breaches are due to employee mobile device use

*Source: Forbes, January 2019

EndpointLock Features:

  • A toolbar turns on automatically when browser or application is launched
  • Advanced, 256-bit encryption
  • Early-warning kernel and ID theft monitoring
  • User-friendly, comprehensive reporting dashboard
  • Screen-capture protection
  • Clickjacking protection
  • Protection against Dark Web email attacks*
  • ID theft protection insurance*
  • Crypto-color visual verification technology

*Add-on, enhanced services, for licensed EndpointLock solutions

EndpointLock Benefits:

  • Enterprise-grade
  • Certified by Windows, Mac, Linux, Android and iOS operating systems
  • Supports keyboard-enabled iOS and Android 5G IOT devices
  • Deployed directly into Layer 0, within the kernel itself
  • Encryption and decryption occur directly within the application, without any modification to the app required
  • Compatible with Intel’s TPM (Trusted Platform Module)
  • Easily scalable: deployed through MS GPO, PowerShell, SCCM and 3rd-party apps
  • Works with PS2, USB, wireless, Bluetooth and international keyboards
  • Small memory footprint
  • Requires no spyware database updates

EndpointLock is CromTec Cyber’s unique flagship product, and is a crucial component of a comprehensive Managed Endpoint Security strategy, which we can craft for your business.




  • Identity
  • Passwords
  • Online purchases
  • Credit cards
  • Banking data
  • Health data
  • Email and texts


  • Logins and passwords
  • Employee keystrokes
  • Enterprise risk
  • Corporate IP
  • Transactions
  • Financial data
  • HR data