KOBIL Mobile, Secure and Flexible
KOBIL is the ideal product for the mobile, yet safe transportation of your data and the protection of your digital identity. The perfectly integrated smartcard technology protects the user against the accidental loss or theft of the midentity device. At the same time, KOBIL is as easy to handle as a normal USB memory stick. The Challenge A basic prerequisite for secure mobile working consists in the securing of your digital identity and the highly secure protection of your data. In order to increase the work efficiency in modern companies, employees must be able to access their company s intranet with ease from any PC equipped with internet connectivity. Moreover, mobile workers should always be able to carry their sensitive data with them in highly secure form, and should be able to work on any PC, anywhere. To this end, both the data at issue and the corporate intranet need high security protection. Because customer address files, contract documents, tenders, balance sheets and corporate strategies, for instance, are contents that must not fall into the hand of an external party. That is why the access to highly sensitive data needs to be as safe as possible. Data storage on standard USB sticks is far from sufficient. Only persons who submit unique authentication should be able to access this sort of data. Faced with the lack of a suitable solution, many companies have outlawed the use of normal USB mass memories. This kind of measure, however, severely restricts the efficiency of the modern, globally active worker. Alternative Solution Technology Normal USB mass memories are unable to protect the data on a given device once that device has been stolen or misplaced. Nor are pure mass memories suitable for the protection of your digital identity. The reason is that security aspects play no more than a subordinate role for the development of such devices: Standard USB mass memories do not use smartcard technology for cryptographic data protection (through strong authentication and encryption). Naturally, this makes the representation of your digital identity in a forgery-safe manner impossible. This level of security frequently requires additional, third party components. Alternative solutions whose sole security feature is based on biometric characteristics are no universal cure either. Because in this case, biometrics can only be a supplementary security feature, and cannot take the place of your memorised PIN. In the event, for instance, that a correct fingerprint is mistakenly not recognised, you would have to fall back on the PIN entry as emergency solution anyway. Our Solution As a globally recognised vendor in the secure digital identity environment, KOBIL committed itself to the development of a mobile smartcard terminal with integrated flash memory and intelligent applications that would offer all the safety and mobility a user needs. This product is designed to protect the data of staff working offsite, as it enables them to communicate with the company headquarters in a manner that is entirely safe against interception, and easy to handle. Data stored on midentity are automatically subjected to high security encryption (3DES 168 bit and RSA up to 2048 bit via smartcard). We call this patented technology midentity. Since we always apply top standards to our products in terms of comfort, we developed KOBIL midentity 2
Basic specifically for comfortable mobile usage. While requiring no software or driver installation, enables users to carry their data securely with them in an integrated data safe. Where required, you may also use it to set up a highly secure SSL-VPN- or terminal server connection via public networks. It is the only system of its kind worldwide. All you need to do as a user is to insert your midentity into any PC, enter your personal PIN, and set up a secure connection to your company s intranet. Or you can easily access the data stored in your midentity secure data storage. In other words, data access presupposes two factors: Possession of the midentity device and knowledge of your personal PIN. Benefits KOBIL is the only solution that provides users with highly secure, yet mobile and comfortable, data security. The protection is effected through proprietary and patented KOBIL technology, based on smartcards and flash memory. The use of interchangeable smartcards results in a low personalisation overhead, thus cutting the costs for the entire rollout process. At the same time, users of benefit, as soon as the free software has been installed, from the same range of features that a pure smartcard solution would offer, such as a secure and easy Windows logon, secure remote access via IPSec-VPN and secure e-mail. If you buy the product upgrade, midentity Classic, also offers the additional features of Simple Sign-on and hard disk data encryption. This ensures a high-level security of investment. Applications Applications Without Prior Installation on the Client PC: > Mobile Secure Data Storage Provides high security transportation of sensitive data. Data access from any PC with just your PIN. > Secure Web Applications and Mobile SSL-VPN High security SSL client authentication, using the smartcard and certificates integrated into. A preconfigured SSL client in form of Mozilla Firefox browser is stored manipulationsafe on midentity. Technical Details Platforms > Windows 2000, SP 3 or higher > Windows XP, SP 1 or higher > Windows 2003 Server Standards > Microsoft Crypto API* > PKCS#11 > PC/SC (CCID)* > X.509 v3 certificates > SSL v3 > S/MIME* Cryptographic Processes > RSA 2048 bit > 3DES 168 bit Simple Sign-On > Dialog boxes** > Web forms** Interface > USB 2.0 High Speed > USB 1.1 High Speed Dimensions 74mm x 22mm x 12mm (L x W x H) Weight > 13.5 g Available Sizes S, M, L, XL, XXL (64, 128, 256, 512, 1024 MB) * Requires installation of basic software ** Only in combination with Classic upgrade 3
> Secure Terminal Server Sessions Combined with Mobility High security Citrix and Windows terminal server sessions, using the smartcard and certificates integrated in. User mobility is provided on the basis of preconfigured clients that are stored manipulation-safe on midentity. Applications Requiring Previous Installation of the midentity Basis Software on the Client PC: > Windows Logon High security logon onto the Windows network with just your PIN, both with and without domain. > Remote Access and Network Logon High security access in VPN, firewall, SAP R/3 and Novell NDS environments using two-factor authentication and a combination of smartcard technology and public key cryptography. > Secure Communication Digital signatures and encryption create privacy, validity and manipulation safety in e-mail communication and other applications. Features > One-Time Password System The system includes an authentication server for validating the one-time passwords generated by midentity, as well as a management system. > Update Capability Easy update-enabled firmware will always keep your system up-to-date. > Flexible Personalisation through Replaceable Smartcard Personalisation is efficiently performed by replacing the smartcard. Additional Options > Protection Against Unsafe USB Sticks Third party port blocker software blocks the use of unsafe USB sticks. Making midentity the only device authorised for mobile data storage. > Digital Rights Management Optional digital rights management for custom assignment and control of access privileges. > Company Card Building access control and time tracking, using contact-less RFID technology (undergoing evaluation). > Compliance with German Signature Act Secure PIN input through a patented virtual PIN pad. Other Functions can be upgraded any time to midentity Classic to include a number of extra functions. 4
References Various future-oriented and globally renowned enterprises are already using KOBIL. A case in point, DATEV tax consultants and auditors use the KOBIL midentity secure data storage for mobile data security. At the same time, the integrated Mozilla Firefox browser provides them with access, via SSL-VPN connection (requiring no prior installation), to other DATEV online applications using public networks, of course. DG-Verlag, a German service provider mainly supplying Volksbank and Raiffeisenbank savings banks, offers key account customers a KOBIL midentity version with the in-house proficash home banking software already integrated in the device. This grants the user comfortable and mobile high security access to the own current account. This solution received the ISSE 2004 award for innovative technology. information is as safe as it would be in a Swiss bank vault, except that users can pocket this their very own data vault and carry it along, anywhere they go. Customers also include Deutsche Telekom, who has already deployed KOBIL midentity in a variety of sectors. User groups include anyone from executives to mobile consultants. Thanks to its patented technology, KOBIL midentity is the only solution to satisfy this customer s combined requirements of mobility, flexibility and top security. Customers who have equipped their employees with KOBIL midentity to provide them with mobile secure data storage capability include the RWE energy group and the secret service of a European country. The largest Swiss private bank uses KOBIL midentity as their only authorized USB mass memory. For the bank, it is of the essence that even the last shred of doubt regarding the security and privacy of customer information be removed. Such 5