Sectigo and Thirdwayv partner to secure critical IoT systems
June 11, 2019
A partnership between New Jersey-based certificate authority Sectigo and Californian connectivity company Thirdwayv aims to protect smartphone and app layers from malware and wireless attacks in medical and other mission-critical IoT systems.
By combining Sectigo’s certificate authority (CA) device validation with Thirdwayv’s secure communication channel between smartphone apps, IoT devices and the cloud, the companies are accelerating the deployment of systems that are resistant to malware and other cyber-security attacks that target smartphones’ vulnerable wireless channels.
“Whether in healthcare, automotive or financial services applications, our customers rely on cyber security to protect highly sensitive data being communicated between IoT devices, smartphones and the cloud,” said Vinay Gokhale, vice president of Thirdwayv. “By partnering with Sectigo, we are addressing demand for the convenience of controlling IoT devices and accessing IoT data and applications on smartphones. We’re providing a complete solution for speeding the use of IoT systems that have the strongest possible embedded security possible.”
Business Insider Intelligence projects that by 2025 there will be more than 64 billion IoT devices, up from ten billion in 2018. IoT deployments are generating and sharing an expanding volume of sensitive data and the growing use of general-purpose smartphones introduces another threat surface.
Sectigo (formerly Comodo CA) and Thirdwayv are teaming to bring trust and security to these systems, making it possible for companies to build out and scale their development ecosystems with the necessary elements for maintaining and managing security throughout the device lifecycle.
With Sectigo’s efficient, automated cloud-based IoT security platform issuing trusted, third-party PKI certificates, and Thirdwayv providing software development kits (SDKs) and APIs for rapidly incorporating its SecureConnectivity and AppAuth offerings, commercial and enterprise IoT developers can see years of development reduced to weeks.
“IoT attacks are increasingly common, highlighting the need for improved security,” said Damon Kachur, vice president of Sectigo. “Thirdwayv has demonstrated success in rapidly deploying the most secure IoT applications, while also solving the challenge of securely incorporating smartphones into them. The Sectigo and Thirdwayv collaboration ensures the proper security policy is integrated at the birthplace of the device, providing third-party CA validation of connected devices. For enterprises looking to add connected device deployments, we’re offering malware protection on the smartphone and app layer, enabling secure communications between the thing and the smartphone.”
Thirdwayv’s products augment TLS transport layer security mechanisms of Android and iOS operating systems by providing smartphone app client authentication via the smartphone hardware root of trust. Thirdwayv enhances shared wireless protocols such as Bluetooth so IoT devices can be securely connected to, and controlled by, an authentic app over the shared connection.
The products also protect the app environment, provide digital cryptographic identity to each element of the IoT system, enable IoT system elements to validate the authority and privilege of each other, and support various communications protocols such as BLE, wifi, LTE and NFC
Thirdwayv products have been incorporated into a commercialised medical device that uses smartphones and was recently cleared by the Food & Drug Administration (FDA). Other applications for Thirdwayv’s products include high-value asset tracking, autonomous and connected cars, and critical infrastructure.