Frequently Asked Questions
What is application-level security?
Application-level security is a data security solution that protects data as soon as it is created in an application. In data security, the application is the top layer where users directly input data and information before sending it anywhere. When you secure data here, it is protected from the moment of creation instead of after it has already been in transit.
How are application level and operating system level security different?
The difference between application level and operating system level security is where the data is actually being secured. The application level is where data is created/inputted by users. When data is secured here, it is secured the moment that it is created, protecting the data from end to end. On the other hand, operating system level security refers to when data leaves the application, travels to the operating system, and is then secured by something like TLS security.
How does MTE technology secure mobile applications?
MTE Technology secures mobile applications through its MTE Mobile Toolkit. This toolkit is configurable on each endpoint and session, uniquely protecting each data payload. MTE can detect when there is a threat to the mobile device or application’s data and respond by intentionally corrupting the synchronization making the data unusable to bad actors. By securing data from application to server-side application, MTE Mobile addresses vulnerabilities such as jailbroken or rooted devices, SIM swap attacks, and application-based threats (malware, spyware, privacy threats, vulnerable applications).
What kinds of threats does MTE technology protect against?
MTE protects against threats such as man-in-the-middle attacks- including injection, replay and delay, inspection, spoofing and eavesdropping- and OS (operating system) attacks including heighten privilege and memory reading.
How does MTE protect against zero-days?
MTE protects against zero-days by always providing full end-to-end protection of data. Zero-day attacks happen when hackers find ways to unexpectedly steal data, leaving companies to retroactively attempt to implement stronger security. MTE uses zero-trust with full knowledge to eliminate the risks that leave systems vulnerable to those attacks and to ensure that the data will be fully secured from any actions bad actors may take.
Does MTE use AES Encryption?
No, MTE does not use AES Encryption. Instead, it uses AES and SHA based DRBGs to create random streams of values to replace sensitive data.
What is the Eclypses Cryptographic Library (ECL)?
The Eclypses Cryptographic Library (ECL) houses all cryptographic algorithms used by MTE and all MTE add-ons.
What does FIPS 140-3 conformance tested mean?
In April 2021, Eclypses embarked on our FIPS 140-3 certification for our MTE Cryptographic Library. Through this process, our technology was FIPS 140-3 conformance tested and currently awaiting certification by an independent, NIST-certified cryptographic security testing laboratory. Our cryptographic modules have passed the mandatory testing and documentation requirements leaving the final phase for the laboratory to submit their findings to NIST for CMVP validation and FIPS 140-3 certification. As of EOY 2021, Eclypses is currently awaiting certification into the Cryptographic Module Validation Program (CMVP) Module In Process (MIP) phase with NIST, which is the formal review process outlined by NIST to issue the FIPS 140-3 certification.
What is the implementation process for MTE technology?
The implementation process for MTE Technology can be completed in only a matter of days. To aid in an easy implementation, we have ample resources available for reference including:
- Implementation tutorials for every language
- Developer guides and demo code within SDK
- Code snippets, full examples, and best practices within our developer portal
- Our team will also work with you from start to finish to manage the project and offer support to your team on all implementation work.
How do I contact Eclypses?
The Eclypses team can be reached by emailing [email protected].