KEY PROTECTION SDK
ToothPic Key Protection SDK protects cryptographic keys stored on smartphones from malware and unauthorized use, tying them to a hardware characteristic of devices: the fingerprint of their camera sensor.
The SDK can be easily integrated into existing Android and iOS apps. Everytime a user needs to authenticate, sign or authorize a transaction, the SDK securely unlocks the required credential. Only the authorized device can use the credential.
The SDK turns every smartphone into a secure hardware key, reducing the attack surface with respect to competing solutions.
- Secret keys are never stored on the smartphone
- Enhances the security of TEE-based solutions
- Camera can be physically obstructed to prevent key recovery
The solution is flexible and can be adapted to countless use cases
- Possession Factor Verification
- Strong Customer Authentication
- Sign with your smartphone
- No additional device required
- Trusted devices for company executives’ documents and messages
- Secure wallets for crypto users and exchanges
HOW IT WORKS
Everytime a key needs to be unlocked, the Key Protection SDK takes control of the camera for a few seconds and reads the sensor fingerprint. No interaction is required from the user.
Sensor fingerprint is used to obfuscate a standard cryptographic key
The cryptographic key is destroyed
Only that specific device can recover the cryptographic key when needed