May 28, 2019

White Paper: FIDO and PKI Integration in the Enterprise – Best Practices

May 28, 2019 in FAQ, FIDO, GDPR, Resources

FAQ: FIDO Relevance for GDPR

The FIDO Alliance recently released an FAQ on how its authentication protocols help companies control access to and permissions for data—a key component for GDPR compliance. (more…)
Read More
May 28, 2019 in FIDO, GDPR, Resources, White Paper

White Paper: FIDO for GDPR – FIDO Authentication and the General Data Protection Regulation

If you're looking to understand how FIDO's strong, encryption-backed authentication can apply to the EU's General Data Protection Regulation (GDPR), check out this white paper published by the FIDO Alliance…
Read More
May 28, 2019 in FIDO, Resources

White Paper: FIDO for PSD2 – Providing for a satisfactory customer journey

StrongKey's CTO, Arshad Noor, collaborated on this white paper published by the FIDO Alliance to help illustrate how FIDO's strong, encryption-backed authentication can apply to PSD2's Regulatory Technical Standards for…
Read More


Automating Data Protection across the Enterprise

“The DEI is the logical evolution to make data protection a ubiquitous service on the network, accessible to systems and applications through a uniform interface, with the ability to address diverse data security regulations while leveraging the cloud for business benefits.”

—Published in on Feb 07, 2013.

Introduction to Public Key Cryptography

“For those interested in understanding some simple mechanics of how digital certificates work, why are they necessary, and how they can protect you, a good introductory paper can be found at this link.”

—Mozilla Developer Network

Visit the above-mentioned link here: Introduction to Public Key Cryptography

Data Protection for Companies

“In 2003, California passed Senate Bill 1386, requiring companies to report breaches of computerized systems resulting in access to sensitive information about a California resident. With the subsequent passage of similar laws in nearly 40 other U.S. states, it is now evident that our computer infrastructure is far more porous than we previously imagined.”

—Selected as one of the best articles published by the ABA. Published in the ABA SciTech Lawyer, Volume 5 Issue 1, Summer 2008

Symmetric Key Management Systems

“Most security professionals are familiar with symmetric key-based cryptography when presented with terms such as Data Encryption Standard (DES), Triple DES (3DES), and the Advanced Encryption Standard (AES). Some are also familiar with Public Key Infrastructure (PKI) as an enterprise-level solution for managing the life cycle of digital certificates used with asymmetric key cryptography. However, the term Symmetric Key Management System (SKMS) — which refers to the discipline of securely generating, escrowing, managing, providing access to, and destroying symmetric encryption keys — will almost always draw blank stares.”

—Published in the ISSA Journal, February 2007

Successful PKI Implementations

“Contrary to what you might have heard or read in the Information Technology (IT) press, companies have built Public Key Infrastructures (PKI) successfully, and use them daily to solve day-to-day business problems. What is little known, however, is the magic potion these companies used to make their PKIs successful. This paper will attempt to demystify some of that magic and provide you guidance that can help you navigate the pitfalls as you deploy your PKI.”

—Published in the ISSA Journal, September 2005

Blueprint for Managing SB 1386 Compliance

“Businesses need to address SB 1386 compliance effectively by implementing this four-part solution. This document presents an overview of what companies should address when putting their SB 1386 compliance infrastructure together.”

— Published in the ISSA Journal, May 2003


The Export Administration Regulations (EAR) provide information on the export restrictions on a wide variety of goods, software, and technologies. StrongKey, Inc. products are subject to the control of exports under the United States Bureau of Industry and Security (BIS). An item subject to U.S. export controls is not necessarily unable to be exported. In the case of StrongKey encryption products, a one-time government technical review/notification is required prior to exporting. Once a review has been completed, products may become eligible for a particular export license exception. This export authority may then be used by all exporters, not just StrongKey. For Export Control Classification Number (ECCN) information, please email

StrongKey’s products may not be exported to the embargoed countries and denied parties/affiliates without an export license.

We are providing this information as a general guideline to our customers. BIS requires that each entity exporting products be familiar with and comply with their affirmative obligations set forth in the Export Administration Regulations. Please note that the regulations are subject to change. We recommend that you obtain your own legal advice when attempting to export. In addition some countries may restrict certain levels of encryption imported into their country. We recommend consulting legal counsel in the appropriate country or the applicable governmental agencies in the particular country.


NCCoE Announces Technology Collaborators for Mobile Applications SSO Project

NIST’s National Cybersecurity Center of Excellence (NCCoE) is working with the public safety and first responder (PSFR) community to develop a Mobile Application Single Sign-On (SSO) solution to assist PSFR personnel in immediately accessing critical public safety data during states of emergency. After publishing a final project description, the NCCoE released a Federal Register notice seeking technology collaborators.

As this project moved into the build phase, NIST announced the chosen technology vendors who will collaborate with them on this project: Motorola Solutions, Nok Nok Labs, Ping Identity, StrongKey, and Yubico. With the participation of these vendors, the Mobile SSO project will leverage available technologies to help increase security and efficiency in high-stakes, time-sensitive situations. To learn more, please read the project description or the two-page fact sheet.

The team recently presented an overview of the project at the PSCR Public Safety Broadband Stakeholder Meeting. Click here to view the presentation.

Government Resources for StrongKey developers and collaborators.
StrongKey is nation-wide.
West Office | Cupertino, CA
East Office | Durham, NC