Proxy Security Overview

  1. Proxy Help Center
  2. Proxy Products: Guides + Resources
  3. Proxy Access | General Information

Proxy Security Overview

Credentials

User credentials

  • User verification via email; user credentials are not stored on the phone, but exchanged for tokens that authenticate the mobile app to the cloud endpoints (OAuth).

  • HTTPS transport encryption.

Access credentials

  • Access credentials are not stored on the phone or on the reader; each operation uses a unique, time-limited, non-replayable token encrypted and signed by the server.

  • AES-128 encryption, unique per-device keys.

 

Cloud Infrastructure and Management Dashboard

  • HTTPS transport encryption for all traffic.
  • At-rest encryption of credentials and device keys (AES-256-GCM with rotating keys).
  • User verification via email or password; user credentials are exchanged for tokens that authenticate the web app to the cloud endpoints (OAuth).

 

Reader hardware

  • Secure boot, digitally signed firmware images.
  • Local verification of access tokens and signatures; reader is not exposed to the network.

 

For more detail information, please contact your Proxy Representative. 

 

Was this article helpful?
0 out of 0 found this helpful

Related articles