Indeed Airkey Cloud

The cloud platform supported digital signature, strong authentication and delivery of encrypted messages to the user’s smartphone.

Indeed AirKey Cloud operation modes

The Indeed AirKey Cloud digital smart card is a hybrid one. It allows for combining the best strong authentication technologies in one application.

Depending on the situation, Indeed AirKey Cloud offers several operation modes to a user:
  • classic smart card mode
  • Internet smart card
  • one-time password generator
The selection of digital smart card operation mode is performed by user, depending on the following parameters:
  • type of device used: PC, web kiosk or tablet PC
  • whether Indeed AirKey Cloud smart card driver is installed onto the device used
  • whether Flight mode is activated on the user's iPhone
  • whether the user is in roaming mode

Indeed AirKey Cloud operation principle

Classic smart card mode

In this mode, the digital smart card is indistinguishable from a plastic counterpart, judging by its capabilities and operational characteristics. To operate correctly, it needs the PKI infrastructure implemented in the organization, digital certificates issued for the user and Indeed AirKey Cloud driver installed onto his/her computer.

The Indeed AirKey Cloud smart card can be utilized for user identification and authentication, data encryption and digital signing of messages, documents or transactions. To connect the Indeed AirKey Cloud to a user PC, a 3G/LTE, Wi-Fi or USB connection can be employed. Communication channel between iPhone and PC is encrypted using TLS protocol.

Indeed AirKey Cloud supports standard protocols, interfaces and PKI-mechanisms. The organizations, that use plastic smart cards for data protection and authentication procedures, do not need to make significant changes in their infrastructure to start using Indeed AirKey Cloud digital smart card instead of or in combination with the plastic counterparts.

Internet smart card mode

When a user works with web resources on somebody else's computer, tablet PC, thin or zero client, the Indeed AirKey Cloud digital smart card allows for user authentication using his or her certificate, without installing any drivers or runtime onto the device. In this case the Indeed AirKey Cloud establishes a direct IP connection to the application or web service via Internet (using 3G/LTE or Wi-Fi connection).

Communication channel between iPhone and web resource is encrypted using TLS protocol.

One-time password generator mode

In addition to Classic smart card and Internet smart card modes, the Indeed AirKey Cloud also supports “one-time password generator” mode.

The implementation of OTP algorithm, which Indeed AirKey Cloud is based on, requires that the user has a valid digital certificate (you can use the same certificate that is used for authentication in the network or at Windows Desktop), has an iPhone and certificate's private key.

One-time password generator mode makes the Indeed Airkey Cloud digital smart card completely self-contained: it does not need either installation of a driver onto PC, or connection of iPhone to PC. It also does not require established Internet connection.

Comparison of Indeed AirKey Cloud digital smart card to plastic counterparts

Characteristic

Indeed AirKey Cloud

Plastic smart card

Form factor

iPhone

USB key, plastic card, MicroSD

Memory available for key and certificate storage

Limited by iPhone memory only

up to 90 Kb

Processor

High-performance CPU of iPhone

Low-performance microprocessor

PKCS#11 standard support

Yes

Yes

Microsoft CSP interface support

Yes

Yes

Cryptographic algorithm support

  • AES
  • RSA
  • SHA-1
  • GOST-algorithms are implemented in the CryptoPro AirKey edition (https://www.cryptopro.ru/products/kriptopro-airkey)

Depends on the manufacturer

Strict authentication of access to enterprises corporate resources

Yes

Yes

Digital signature

Yes

Yes

Authentication of access to web applications using tablet PC

Yes

Limited support: additional smart card reader is required, as well as purpose-developed software for its support

Opportunity to enter PIN code not on the user PC (keylogger protection)

Yes, PIN code is entered on the iPhone

Limited support: additional device is required

Display of transaction details not on the user PC

Yes, iPhone screen is used

Limited support: additional device is required

Remote removal of keys and certificates from the user device (on air)

Yes

No

Biometrics support

Touch ID technology

Yes. Additional device is required, as well as match-on-card technology support.

Our products

Indeed Card
Management

Certificate key media management and recording, key information backup, user self-service, automation of operations with several CA.

Read more

Indeed
AirKey
Enterprise

This technology allows for employee access to all web applications without multiple credentials input.

Read more

Indeed
Enterprise
Authentication

Replacing passwords by strong, multi-factor authentication, automatic execution of privacy policies, access audit.

Read more

Indeed Enterprise
Single
Sign-On

This technology allows for employee access to all the corporate IT systems without multiple credentials input.

Read more

Indeed Web
Authentication

product-page.wa.product-list.description

Read more

Read more

Any questions? Chat with us!

Our contacts

+7 (812) 640-06-09

St. Petersburg

indeed-id

linkedin

indeedid

youtube channel