Tyfone: IoT Security through Decentralized Smart Card Chips based Hardware

As the world becomes one big information system influenced by IoT, more and more organizations are opting for cloud storage, which often raises issues on data security. According to a recent Gartner' research, the world will see 25 billion internet connected devices by 2020. In this scenario, Tyfone offers secure transactions and identity solutions, enabled by over 100 patents and over 700 issued invention claims.

IoT devices, from connected cars to wearables pose a clear and present danger to the privacy and confidentiality of individual information that is being collected by the device and typically stored in the cloud by the service providers. This implies that we need to secure the data that is in transit, the data at rest on the cloud, and the permissions to access that data. The key to all of these capabilities to securely store and manage a set of digital cryptography keys for identification, authentication, data encryption, and non-repudiation. Tyfone enables such a capability through the use of decentralized security hardware, called the Connected Smart Card (CSC) that is controlled by the user for sensitive information and also provide mechanisms for securing information that may not be as sensitive using software mechanisms."Our solutions are an outcome of the threats surrounding the Moore's law-with the biannual increase in processing power for computers resulting in cheaper computing hardware, cyber crimes committed by hacker sare made easy," explains Dr. Siva G

CEO, Tyfone. "The Moore's law of hacking" also demands the need for a decentralized hardware for effective enterprise security, which dismisses the possibility of remote hacking.

Traditional 'software only' security technology defend the digital fortress only from the inside, since the security itself is stored right next to the data it needs to protect. By combining Tyfone's CSC technology with traditional technology we enable businesses to defend their digital fortress more effectively from the outside. No more complex passwords to remember! No more remote and anonymous IoT hacking!

While CSC brings Level 4 identity and authentication security to IoT as defined by National Institute of Standards and Technology (NIST) Tyfone's platform enables all four levels of authentication. While Levels 1 and 2 refer to centralized security, Level 3 deals with pseudo-decentralized security and Level 4 is concerned with truly decentralized security. Although Level 4 is perceived as expensive, Tyfone believes in offering all four levels of security at the same cost."Additionally, our platform is extremely versatile and convenient as our CSC technology works at the click of a button and is available in various compact form factors,such as memory card and CR80 credit card," remarks Narendra. Comprising dual abilities, the CSC hardware can either be implemented as a security module
plugged into an existing IoT device or it acts as an independent IoT device that connects with available sensor networks.

For instance, Tyfone added its CSC hardware to RaspberryPi, which is a low cost computing system with an open-source IoT platform. The company also enabled Firefox to be directly accessible from the hardware based security. "With high-end security easily accessible through Firefox, anyone who can build html5 apps can easily protect the data invested in the IoT device," says Narendra. Currently, the company is working with the World Wide Web Consortium (W3C) to build standards for hardware-based security. The company organized a workshop with Google and Microsoft, which promulgated the integration of web browsers and smartcard chip protocols. "Since smartcards chips are the only global standard for hardware security and web browsers are the only global standard for software, we are looking at connecting the two," informs Narendra.