As applications evolve to become more complex and collaborative, there is an increasing need for applications to cross-communicate with one another and have some means of establishing mutual trust in order to perform their individual functions. This is especially relevant to applications that depend on other applications for user authentication, payment, and secure data transfer for trusted data storage or processing. As some of these applications may operate in untrusted environments, such as unsecured IoT devices or compromised mobile devices, an application would have to determine if the other application is what it claims to be, has not been tampered with (both statically and dynamically), and can communicate over a trusted communication channel, before trust can be established.
This technology offer provides an application-based secure element bound within the application, which can attest to the app’s identity and integrity, thereby enabling mutual trust. This technology can be used in a variety of applications, including mobile applications, server-side applications, or even applications running within robots or IoT devices.
To ensure an application’s identity and integrity, this technology embeds a secure element into the application. With this isolated secure element, trust can be established between an application communicating with another application in the same device or across different devices. This can then be used to create a trusted communication channel between servers and/or applications.
Application-to-application trust can occur in a variety of combinations. Depending on the actual use case, trust may be one application trusting another application (one-sided) or both applications trusting each other (mutual). The following one-sided/mutual configurations are supported by this technology:
This technology enables individuals, banks, enterprises and government entities to establish inter-application authenticity and enables the storage of sensitive or confidential personal and corporate data, including credentials, private keys, tokens, and purchase or transaction data. Potential applications also include: