WISeKey is a leading global cybersecurity company headquartered in Geneva, Switzerland currently deploying large scale digital identity ecosystems with a patented process. WISeKey’s Swiss-based cryptographic Root of Trust (“RoT”) provides secure authentication and identification in both physical and virtual environments for the Internet of Things, Blockchain and Artificial Intelligence. The WISeKey RoT serves as a common trust anchor to ensure the integrity of online transactions among objects and between objects and people.
Our integrated vertical trusted platform combines a range of chips with software applications that cater to our customers’ security and business needs. The software includes proprietary technology developed by the company such as, RoT and Public Key Infrastructure (“PKI”). These technologies are offered as part of standalone products, as well as on the fully integrated Vertical Trusted Platform that enables WISeKey clients to manage their digital identity, information, and communications in a seamless process housed by complementary technology and products. We enable our clients to adapt to a changing device landscape without compromising their digital security. The rapid growth and proliferation of internet based devices, as well as people’s dependence on them for personal and business needs, precipitated the connectivity of digital devices. However, such connectivity creates numerous opportunities to alter or manipulate digital footprints. We believe that our integrated products provide the most comprehensive solution to these gaps in cybersecurity and data protection. The core of WISeKey’s Vertical Trusted Platform is based on our Cybersecurity SaaS business, also known as managed PKI services, and on our Semiconductor chips.
The managed PKI services deploy digital certificates used for public key encryption, allowing them to securely authenticate users and devices on the internet. Such certificates also create tamperproof electronic signatures that, given our accreditation by the relevant governmental authorities and organizations, render such signatures legally valid and binding. Our semiconductor chips provide hardware encryption and, once embedded into a device, securely authenticate the device’s identity for protected communications. PKI is extended with a blockchain instead of running certificate of authority, or CA, software on a computer, which requires back-up and, maintenance, the CA runs on a trusted private blockchain allowing the code to accessible to anyone thereby rendering the PKI more robust and trustworthy.
Before the advent of e-commerce, there were highly developed practices – combined with normal human instinct – that helped secure commercial interactions. Physical possessions could be kept behind locked doors. Banks were located in recognized buildings. Couriers securely delivered important documents that could be locked in filing cabinets. The identities of individuals could be verified using difficult to forge ID cards. Important transactions were signed in person, and often with a notary or witness to attest to their legitimacy. The growth of e-commerce has led to transactions of all sizes and importance being conducted online, and to individuals sharing previously private details about their lives in return for free services such as social media or email. Many people have never visited the physical location of their bank nor met in person the individuals at organizations with which they conduct important business. Furthermore, documents and transactions only exist in electronic form, and many electronic devices and online accounts are intricately intertwined in daily life, such as the mobile telephones and their applications that can open physical doors, control household devices and enable convenient access to online lives. As the online world has proliferated, it has started to face the online version of issues faced by the traditional world: cybercrime, data manipulation, identity theft, online fraud, and hacking. Even worse, the ‘borderless nature’ of the online world means that these attacks can be performed at great distance, at huge scale driven by automation, and in relative anonymity. As a result, there has developed an urgent need to replicate in online environments the security of the traditional world. This has resulted in evolving cybersecurity technologies that attempt to prevent, detect and respond to cyber threats.4 There are also rapidly evolving laws, regulations and technical standards that are designed both to enable online transactions, as well as instill order in the services providers that operate and protect them.
CyberSecurity SaaS and Trust Service The security model currently in place follow a “fortress mentality.” based on a perception that attackers were outside of an organization’s network and it was sufficient for an organization to load up on protections such as software, hardware, firewalls and biometric systems. The challenge with latest cyber threats is that an attacker is frequently inside the organization, using simple technologies, such as a USB stick or a cell phone camera, enabling the attacker to collect information and bring it outside the massive defensive walls. As a result, organizations today need to start adopting more effective measures to maintain greater control over employees, including providing them with digital IDs that permit better tracking and restrictions. While information security has been a key concern since the proliferation of computer networks, the increased levels of concern have prompted organizations to devote more resources to combat this threat. Computers can be used as weapons, and the effort to improve computer security is impacted by contradictory forces given the need for the Internet to remain open, with its totally unsecured and decentralized architecture. The use of encryption underpins many forms of online security, leveraging different facets of cryptography in order to encrypt data for privacy, to identify an individual or entity, and to protect data integrity. Distributed Denial of Services (DDoS) attacks are becoming increasingly ubiquitous and dangerous, causing organizations billion dollar losses. In addition, man-in-the-middle attacks on video surveillance cameras are becoming commonplace. These are just two examples of threats faced by IoT systems. Hackers have different motivations (e.g., causing disruption, money, terrorism, etc.) and resources (material, collusion, expertise, etc.) to penetrate a system, but all IoT Systems face a significant risk of hacking. The consequences can be significant: disrupted services, intrusion on users’ privacy and safety, theft of intellectual property, damaged brand reputation, loss of revenue, job destruction and more. Public key cryptography, also referred to as asymmetric cryptography, is a critical tool to secure virtually all online communications. In its simplest form, public key cryptography is used to generate a pair of keys: a private key and a public key.