No Physical Token Required

SplitKey is mobile-based, meaning no additional hardware token is required. For the user, this means a simple, convenient method of authenticating themselves when accessing secure accounts. For the service provider, this means a fast, low-cost setup and rollout.

Secure Against Attacks

SplitKey shares the responsibility between the HSM (Hardware Security Module) of the service provider’s servers and the user’s mobile phone (not using their SIM), meaning that if either one is compromised, the other protects the overall system. As a result, SplitKey is not susceptible to SIM hacking/swapping or compromised servers. Further measures prevent phishing attacks through the 2FA requirement, brute-force attacks through online PIN verification, and phone cloning through the use of shared one-time tokens.

Two Factor Authentication

SplitKey uses a knowledge-based factor and a possession-based factor, so that even if a user’s username and PIN codes are stolen, the user remains protected as long as the attacker does not also have the user’s phone. In the same way, if the user’s phone is stolen, the system is not compromised without the PIN codes.

User Control Over Private Key

The user’s share of their private key never leaves their device. This means the user always retains control of their digital signature, so an attacker, or even the server, never has enough information to create the full digital signature without input from the user and their mobile.
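The property described above can be shown with a generic additive split of an RSA private exponent. This is an added example, not SplitKey's own protocol or code: the toy primes, the unpadded textbook RSA, the sample message and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed toy parameters: two Mersenne primes, far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)  # full private exponent; only exists at key generation


def split_exponent(d, phi):
    """Split d into two additive shares with d1 + d2 = d (mod phi)."""
    d1 = d
    while d1 == d:  # avoid the degenerate split where one share is all of d
        d1 = secrets.randbelow(phi - 1) + 1
    return d1, (d - d1) % phi


def digest(message):
    """Message representative for textbook RSA (no padding, illustration only)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def partial_sign(message, share):
    """Each party raises the digest to its own share; the share is never sent."""
    return pow(digest(message), share, N)


def combine(sig_a, sig_b):
    """m^d1 * m^d2 = m^(d1 + d2) = m^d (mod N)."""
    return (sig_a * sig_b) % N


def verify(message, signature):
    return pow(signature, E, N) == digest(message)


def demo():
    phone_share, server_share = split_exponent(D, PHI)
    msg = b"approve payment (constructed sample)"
    s_phone = partial_sign(msg, phone_share)    # computed on the device
    s_server = partial_sign(msg, server_share)  # computed by the server
    return {
        "combined": verify(msg, combine(s_phone, s_server)),
        "phone_only": verify(msg, s_phone),
        "server_only": verify(msg, s_server),
    }


if __name__ == "__main__":
    print(demo())
```

Only the product of both partial signatures verifies under the public key; either partial signature alone is rejected.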

PKI Cryptography

SplitKey relies on PKI asymmetric cryptography, developed by peer-reviewed experts in the field. 6K-bit keys are used with RSA, and the key size can be increased if required. You can read more about the technology and cryptography behind SplitKey here.

Separate Authentication and Signing Functions

The authentication and signing functions within SplitKey are separate and use different cryptographic keys. They also use two PIN codes of different lengths, so that the two functions remain independent and the act of signing in cannot also be used to sign or approve on behalf of the user.


SplitKey can be scaled as required, whether it’s used for ticket sales to ensure a limited number per person in the tens or hundreds of thousands, or for a nation’s population interacting with government services in the tens or hundreds of millions. SplitKey is horizontally scalable and can support thousands of transactions per second, and it is already in use with over 1.2 million users in the Baltics.

Regulatory Compliant

SplitKey is compliant with the eIDAS regulation (electronic identification and trust services for electronic transactions in the internal market), as well as PSD2, the European Payment Services Directive. It is also currently under evaluation by an independent third party for Common Criteria for Information Technology Security Evaluation (ISO/IEC 15048), due to be complete by EoY.


