Technology behind BlueID

The enabling software technology BlueID makes it possible to receive and execute sensitive authorizations in a secure manner via smartphone apps. BlueID can be quickly and easily integrated as a software package into your apps, back end systems and control modules.

With BlueID, you can take your authorization management to a new level of guaranteed security on potentially unsafe smartphones. BlueID is a highly effective and secure device authentication technology for mobile devices that you do not own.

A highly complex asymmetrical certificate process based on a Public Key Infrastructure (PKI) creates robust identities and continually protects the trustworthiness of your authorizations. PKI is used where communication and authorization between a continuously rising number of users, devices and things shall be managed in a scalable and secure manner.
 
We have created a very agile, scalable, fast PKI system based on industry standards. BlueID enables you to profit from the advantages of PKI without the necessity of dealing with the challenges of the technology. BlueID provides you with a PKI-based security layer which you can easily integrate into your existing IAM and back-end systems.

Our cryptography and identities also fit the smallest memory space of your control modules. The BlueID Trust Center is operated by experts who keep the software on the newest stage of development. Therefore, BlueID provides security on an exceptional level for your products and services in a fast and scalable manner.

This way, you are able to fully focus on your business.

 

NETWORK INDEPENDENT

  • Bluetooth Smart, NFC, RFID, WiFi..
  • Mobile Internet (2G/3G/4G)
  • Security is independent of wireless standard

100% DIGITAL IDENTITIES

  • Secured by certificates
  • Easily scalable
  • With verified security

CUSTOMISABLE ACCESS PERMISSIONS

  • Customizable in regards to access time
  • Freely selectable duration
  • According to frequency of occurence, etc.
BlueID_main_graphic_1150

Security

BlueID is maintained and continuously improved by trusted computing specialists to secure the highest level of security and the best comfort at all times. BlueID – a platform that makes security scalable.

Secure through PKI

The Public Key Infrastructure of BlueID provides protection through:

  • Encryption with up to 4.096 Bit
  • Use of the industry standards RSA and AES
  • Root CA (Certification Authority) in the Trust Center

Certificate based

Through encryption with certificates, the integrity of each permission is traceable and autonomously verifiable at all times. BlueID uses:

  • The Secure Hash Algorythm (SHA)
  • Elliptic Curve Cryptography (ECC)

Always up-to-date

With BlueID, you continuously receive the newest updates for all supported smartphone platforms as well as upgrades to support future wireless standards. Therefore, BlueID is always available to you in the newest version and you profit from the convenience of digital permission management.

security features

A major advantage of the BlueID SDK is that each service provider / operator who uses BlueID, decides for themselves which of the additional security layers that are currently available on the market shall be used. Thus, they can opt for a fast roll-out speed while at the same time incorporating hardened security for specific user groups such as staff with higher privileges and administrators. BlueID works seamlessly with:

PIN / PASSWORD

Each app that uses BlueID may require their users to identify themselves with a PIN or password before granting certain access rights to the user. Sensitive user credentials remain in the backend / booking system of the service provider or operator.

TRUSTED SERVICE

All BlueID enabled access systems benefit of the BlueID Trust Center. It employs certificate-based PKI (Public Key Infrastructure) encryption to securely transmit access permissions to the smartphones of users worldwide.

iBEACONS

iBeacons may be used as a second factor while authenticating the users. Thus, conditions for access can be applied, like requiring the user to be in a specified area, e.g. right in front of a parking barrier, before opening the barrier or gate.

OR OPTIONALLY

BIOMETRICS

Smartphone access can be combined with biometric sensors like fingerprint or voice recognition, which are either integrated in the phone or made available at the point of entry. Our partners supply the right technology for your use case.

SECURE SIM / TSM

BlueID easily integrates with Secure SIMs and their corresponding TSM services. Secure SIMs offer a very cost-effictive approach in scenarios where hardware security restrictions have to be met.

SECURE MicroSD

Administrators with a higher clearance level may be required to use a Secure microSD in their smartphone before granting them elevated access rights. Thus, hardware security requirements can be met with ease.

The use of pre-shared key systems on always-on mobile devices is risky. In the event of security breaches it leads to unforseeable costs and manual updates of all objects sharing the same key. The way, in which key diversification is ensured is often intransparent.Utilizing secure elements to protect pre-shared keys properely undercuts unlimited scalability and compatibility with all mobile devices.

Modern service business models result in a growing number of users and a rising interconnectedness of devices. Communication takes place more and more between a rising number of different systems. For efficient permission management in a scenario like that, for easy and fast identity creation and adaption, and for protecting the integrity of each single permission, the concept of identity management must be thought of differently. A Public Key Infrastructure (PKI) based on Asymmetric cryptography offers an enormous potential in a situation like that. Today, PKI is in use mostly in high-security banking and governmental environments. The challenges of PKI lie in:

  • The complexity of the security processes
  • The long encryption key lengths & hence the slow execution speed

Our long standing research and development has leveraged these challenges.

The BlueID software technology

BlueID consists of software packages for smartphones and control modules as well as the BlueID Trust Center service, which is connected to your backend or IAM system using standard APIs. You can license BlueID for use in your services.