Simon Blake-Wilson VP of Embedded Security Solutions INSIDE Secure

INSIDE Secure, a leader in embedded security solutions for mobile and connected devices, has announced at Cartes America the launch of MatrixSSE, a software secure element for mobile applications including enterprise, entertainment and financial applications. The solution allows mobile applications to securely process and store sensitive data in a hostile mobile environment. It simplifies the integration of security into mobile applications and allows them to defend against malicious attacks.

“We are excited to bring together a broad range of best-of-breed security technologies and put ourselves at the forefront of applications protection.”

According to the latest McAfee report, Android malware almost tripled between 2012 and 2013(1). Today, attackers can easily gain access to mobile devices and simply steal keys and other secrets from software that uses traditional cryptographic implementations. MatrixSSE solves this problem by securing the execution and storage environment using whitebox cryptography and code obfuscation technology. In particular, tamper resistant MatrixSSE also prevents out-of-context execution and other “lifting attacks” that plague other less comprehensive solutions by using its advanced context enforcement feature.

MatrixSSE combines a number of existing technologies, including software and tools from Metaforic, a company acquired by INSIDE Secure on April 5, 2014, and existing INSIDE Secure tools, into a comprehensive package of tested and proven security technology layers that have been deployed in more than 100 million mobile applications in the payment, entertainment and gaming sector. These applications have successfully gone through extensive penetration and attack testing by external security labs.

INSIDE Secure calls MatrixSSE a “software secure element” because it protects applications from a broad range of security threats, similar to traditional hardware secure elements. Whilst hardware secure elements protect applications by isolating them on dedicated hardware, MatrixSSE protects data and processing by isolating them securely within the application. The solution provides the best possible protection in software, with the advantages that it is downloadable and updateable. These are key requirements in the fast moving mobile apps market.

“Hackers, malware and other security issues pose a significant threat to the mobile app ecosystem,” said Simon Blake-Wilson, executive vice-president of Mobile Security division at INSIDE Secure. “We are excited to bring together a broad range of best-of-breed security technologies and put ourselves at the forefront of applications protection.”

Examples of security features within MatrixSSE include:

Anti-tamper: prevention of changes to applications
Obfuscation: hiding the function of all or part of an application
Whitebox cryptography: enabling secure encryption and data storage on any platform
Jailbreak detection: allowing an app to determine if it is running on a rooted device
Application to application authentication: checking interactions with other applications and hardware are genuine
These features make MatrixSSE well suited to protect a wide range of apps, including payments using Host Card Emulation, entertainment, enterprise and financial applications. Indeed INSIDE Secure is incorporating MatrixSSE into its own market-specific offerings: QuickSec VPN Client for enterprise.

INSIDE Secure is uniquely positioned as the only company able to provide security solutions for enterprise, digital entertainment and financial services markets, the three key market drivers for mobile security. Benefitting from these core expertise, MatrixSSE is built as a trusted foundation for mobile applications that defend against any malware, “man-in-the-app” attacks (Trojan horse) and communication spoofing attacks. Retail, financial, entertainment and mHealth service providers planning to deploy secure mobile applications can ensure the highest level of security for their app and data with MatrixSSE.

(1) http://www.infosecurity-magazine.com/view/34882/digitally-signed-malware-sees-tripledigit-growth/

(2) http://www.theregister.co.uk/2013/06/17/lookout_badnews_iisi_malware/

About INSIDE Secure

INSIDE Secure (NYSE Euronext Paris FR0010291245 – INSD.PA) is a leading designer, developer and supplier of semiconductors, embedded software and platforms for secure transactions and digital security. INSIDE mobile NFC, secure payment and digital security products provide security for a wide range of information processing, storage and transmission applications. The company’s customers are found in a wide range of markets, including mobile payment, identification documents, access control, transit, electronic device manufacturing, pay television and mobile service operators. For more information, visit http://www.insidesecure.com