Joint Solution Protects Smartphone and App Layers from Malware and Wireless Attacks in Medical and Other Mission-Critical IoT Systems
ROSELAND, N.J. – June 5, 2019 – Sectigo (formerly Comodo CA), the world’s largest commercial Certificate Authority and a provider of purpose-built and automated PKI management solutions, today announced a technology partnership with Thirdwayv, a leading provider of end-to-end secure connectivity solutions for mission-critical IoT applications.
By combining Sectigo’s Certificate Authority (CA) device validation with Thirdwayv’s secure communication channel between smartphone apps, Internet of Things (IoT) devices, and the cloud, the companies are accelerating the deployment of systems that are resistant to malware and other cybersecurity attacks that target smartphones’ vulnerable wireless channels.
“Whether in healthcare, automotive or financial services applications, our customers rely on cybersecurity to protect highly sensitive data being communicated between IoT devices, smartphones, and the cloud,” said Vinay Gokhale, Vice President, Business Development, Thirdwayv. “By partnering with Sectigo, we are addressing demand for the convenience of controlling IoT devices and accessing IoT data and applications on smartphones. We’re providing a complete solution for speeding the use of IoT systems that have the strongest possible embedded security possible.”
Business Insider Intelligence projects that by 2025, there will be more than 64 billion IoT devices, up from 10 billion in 2018. IoT deployments are generating and sharing an expanding volume of sensitive data and the growing use of general-purpose smartphones introduces another threat surface.
Sectigo and Thirdwayv are teaming to bring trust and security to these systems, making it possible for companies to quickly build out and scale their solution development ecosystems with all the necessary elements for maintaining and managing security throughout the device lifecycle. With Sectigo’s efficient, automated cloud-based IoT Security Platform issuing trusted, third-party PKI certificates, and Thirdwayv providing software development kits (SDKs) and application programming interfaces (APIs) for rapidly incorporating its SecureConnectivity™ and AppAuth™ solutions, commercial and enterprise IoT developers can see years of development reduced to weeks.
“IoT attacks are increasingly common, highlighting the need for improved security. Thirdwayv has demonstrated success in rapidly deploying the most secure IoT applications, while also solving the challenge of securely incorporating smartphones into them,” explained Damon Kachur, Vice President, IoT Solutions, Sectigo. “The Sectigo and Thirdwayv collaboration ensures the proper security policy is integrated at the birthplace of the device, providing third-party CA validation of connected devices. For enterprises looking to add connected device deployments, we’re offering malware protection on the smartphone and app layer, enabling secure communications between the ‘thing’ and the smartphone.”
Augmenting TLS and Wireless Protocols in Smartphones
Thirdwayv’s products augment Transport Layer Security (TLS) mechanisms of Android and iOS operating systems by providing smartphone app client authentication via the smartphone hardware root of trust. Thirdwayv enhances shared wireless protocols such as Bluetooth so that IoT devices can be securely connected to, and controlled by, an authentic app over the shared connection. The products also:
- Protect the app environment
- Provide digital cryptographic identity to each element of the IoT system
- Enable IoT system elements to validate the authority and privilege of each other (‘thing, smartphone/app, and cloud)
- Support various communications protocols such as BLE, WiFi, LTE, and NFC
Thirdwayv products have been successfully incorporated into a commercialized medical device that uses smartphones and was recently cleared by the Food and Drug Administration (FDA). Other applications for Thirdwayv’s products include high-value asset tracking, autonomous and connected cars, and critical infrastructure.