on October 01, 2021

airgapped. disconnected. isolated. cold. it can be spelled out many ways, but the definition is the same: not having any method of connecting to the internet practically eliminates the possibility for internet based over-the-air attacks.

Isokey is devoid of transfer protocols like Bluetooth, WIFI and USB.  The only method of introducing data into the device is through QR codes and user-inserted micro-sd cards, making sure the user is conscious of any data transfer into or out of the device and ensures all data is securely stored and managed.


why are we isolated?


short answer: it’s way more secure.


long answer: if you have a physical safe to store your passports, legal documents, or other sensitive date, you wouldn’t leave the safe in plain sight even if the lock was super strong. you would install it out of sight, covered even.  there’s no reason to advertise that the safe exists at all.

in a parallel to digital security, if you have important, heavily encrypted files, you shouldn’t store them on your internet connected computer.  if you encounter a virus, spyware, or malware on that computer, those files can be compromised without you even knowing a hacker was there.  this process can be done automatically by malware or ransomware in the blink of an eye. a hacker doesn’t need to scour through your files one by one.

with a staggering majority of data loss originating from the internet, the safest option is to reduce or eliminate this threat altogether by removing all forms of communication.  this is why our product has no WiFi, Bluetooth, NFC or USB. there is no way for our product to connect to the internet directly or have high bandwidth connection to another internet connected device.  this makes over-the-air attacks virtually impossible.

the major drawback of an unconnected system however is ease-of-use.  it increases the friction of inserting passwords or authentication tasks as they require the user to manually transfer the data into and out of the device.  to help reduce this friction, we have added a camera module that allows the device to read and decode QR codes, allowing easier use of challenge-response protocols for authentication, building QR based transfer requests in the case of cryptocurrencies, and to be relayed to the networks from a separate, internet connected device.

we believe in data isolation as a security measure. even with its usability draw-backs, it will provide great leaps in peace-of-mind regarding where your private data is stored and what threats it faces.