
AIRKEYS and inWebo are registered trademarks of inWebo Technologies.

© 2018-2023 by inWebo Technologies.

Security

Offline authorization use cases are more difficult to secure than online ones. AIRKEYS has been designed for an easier user experience, yet with no compromise on security. Here's part of what you'll find under the hood. Of course, AIRKEYS only uses state-of-the-art cryptography.

  • Virtual keys match only one smart lock. Both virtual keys and smart locks are files handled by AIRKEYS libraries. You can issue and map these files to smartphones and to resources as it best makes sense for your use cases.

  • Virtual keys and smart lock mutual authentication: both virtual keys and smart locks have unique identifiers to limit useless authorization traffic. Furthermore, AIRKEYS implements a mutual authentication mechanism so that, for instance, no “fake” smart lock can request a virtual key just by mimicking the smart lock identifier.

  • Permissions integrity: AIRKEYS doesn’t understand what the permissions mean, as these are business rules, not security rules. However, AIRKEYS provides a proof of integrity of the permissions. That proof can be verified by smart locks but can’t be altered by users (or anyone else) while the virtual keys are stored on their smartphones.

  • Virtual key protection at rest: AIRKEYS has an option to encrypt virtual keys in a way that makes a simple copy of the key file useless. A skilled hacker with access to the user’s smartphone would need to be near the virtual lock to have a chance of obtaining the virtual key. Ultimately, we designed AIRKEYS so that it would be easier to steal the smartphone than to bypass AIRKEYS security and go unnoticed.

  • Virtual key protection in transit: AIRKEYS offers several options to encrypt the virtual key when it’s initially sent to the user’s smartphone. Furthermore, during the authorization dialog, the virtual keys are never transmitted or exposed, even encrypted. Finally, the smart lock can request a user authentication (e.g. PIN, fingerprint) to prevent someone from using the virtual key if the smartphone has been stolen. AIRKEYS is designed to enforce security requirements on a per-transaction basis so that you have complete control.

  • Virtual key revocation: AIRKEYS provides optional mechanisms to revoke keys when an attack is detected. 

  • Back-end security: The AIRKEYS back-end relies on certified hardware security servers (HSMs). Only you have access to the administration of virtual keys and virtual locks for your service.