SmartCard Secure, is a deployment and licensing solution. Marketed mostly at SMEs who need to deploy their software solution to their end users and at the same time need to control their licensing count such such limit no. of installations, expire date etc. SmartCard Secure uses secure encryption algorithms that are widely used in the industrial and commercial world. For example AES, 3-DES, that uses 128/256 encryption keys, and the SHA-1/SHA-2 hashing algorithms for random key generation. These encryption are build right into the smart card chip itself. Private keys written and programmed into smart card chip are largely secured and cannot be easily copied out or duplicated.
Secure Design Concept
The Secure Concept is straightforward. The private keys are embedded into the smart card. The Smart card is a normal PC/SC smart card. For our show case product we use the Smart Card by Oberthur Technologies. The smart card is inserted into a PC-linked smart card USB reader with built in flash memory (eg. 2Gb) which i choose to use the smart card reader @MAXX Lite by SCM. (@ $65 USD). The private keys programmed in the smart card are protected by onboard encryption mechanism. The keys are then used to control various variables of the client's application like for example, license count. any installation of the clients application on end user's computer will deduct a count for instance.
During the installation, a program running in the USB will authenticate for a valid passphase to login to the smart card (configurable). Success will then allow user to perform installation on their PC. In the scenario if the USB @MAXX is lost or duplicated, the clients application is protected by the smart card, without the smart card, malicious users cannot login to the smart card and perform installations.
The secure framework is 2 fold. After the installation, to the protect the client's exe files, every each of the client's files have to perform a check code to check for the same or (different) valid private key inorder to use the application. This side of the security framework had to be implemented on the client's end. Although our product cannot provide this side of the security, we can however support it by simply by contacting us through MyBloomShop.com. We can also rent out our prototype for your company to try out our product. Check out the SmartCard Secure User Manual below.