biometric

Digital Sovereignty, to us, means more than having the data on your device. it also means safety and protection.  to ensure that personal data is securely stored, data encryption is handled with the highest standards and is flexible for everyone to use.  data can be encrypted using their fingerprint, PIN and/or password as the cryptographic seed, allowing data to be safeguarded with heavy encryption, even if the device is lost.

what is biometric?

short answer: biometrics are what we use to ease encryption and decryption of your data.

long answer: while we have covered the isolated nature of the device and its efficacy in reducing the threat surface that virtual attackers can exploit, we also have to protect against ‘physical’ attacks.  ‘physical’ attacks encompass what happens if an attacker gets hold of the actual device, rendering our ‘isolated’ defense less effective.

when initializing an isokey vault, the user logs their fingerprint and/or PIN as the cryptographic seed.  The cryptographic seed is then fed to a PRNG (pseudorandom number generator) that is used to encrypt the vault onto the micro-sd card.  this is done so that all data is kept encrypted on the device at all times, except for the when the user wants to access an individual file to display on the device. in that case, after it’s accessed, the unencrypted data is wiped from ram, and the rest of the data is kept safely encrypted on the micro-sd card.  if at any point during operation, the micro-sd card is removed, there is no need to worry.  the data on the card is protected with the safest encryption protocols and impervious to common attacks.