Products       Application protection       Secure Key Box™

whiteCryption® Secure Key Box™

Secure your cryptographic keys in critical software and apps using industry-leading white-box cryptography.

whiteCryption® Secure Key Box™

Build tap to phone payment systems faster

Secure Key Box automates the implementation of cryptographic protocols such as DUKPT key management and TR-31 key blocks.

Keep secrets and keys safe on any device

Even the strongest encryption methods fail when the encryption keys are compromised. Hackers can easily find and steal exposed cryptographic keys in code or memory. whiteCryption Secure Key Box protects your data and secrets by transforming keys and the algorithm logic so that keys never appear in the clear. This ensures that keys cannot be extracted—even if the device itself has been compromised.

Keep secrets and keys safe on any device

Equip your software with enterprise-grade key security

whiteCryption Secure Key Box seamlessly integrates with your application code to keep credentials and keys safe, without the need for specialized hardware.

Protect your cryptographic keys at all times

  • Secure keys at rest, in transit, and in use
  • Protect all cryptographic functions including key generation, encryption, digital signatures, key agreement, and dynamic key unwrapping
  • Safeguard against sophisticated side-channel attacks
protect-your-cryptographic-keys-at-all-times.jpg thumbnail

Seamless, secure, software-based key protection

  • Eliminate hardware dependence, cost, and complexity
  • Ensure universal, uniform security across platforms
  • Reduce time to market with quickly integrated key protection
seamless-secure-software-based-key-protection.jpg thumbnail

Retain control and flexibility

  • Diversified libraries with unique binary footprint and root keys ensure your keys work only for you
  • Configure features to optimize application performance and binary size
  • Respond to threats with custom defense actions through our Code Protection integration
retain control and flexibility.png thumbnail

Comply with regulations

  • Strengthen protection of sensitive data / PII
  • Integrate multiple white-boxes in a single application to isolate payment card and PIN data
  • Meet cryptographic protection pentesting requirements
comply-with-regulation.jpg thumbnail

Build compliant tap to phone apps

When it comes to building a tap to phone app, the regulatory hurdles around mPOS can be overwhelming. Learn about some of the specific requirements under PCI CPoC and how whiteCryption solutions help you comply.

Download white paper
Build compliant tap to phone apps

Strongest software-based key protection

Secure Key Box conceals and obscures keys and algorithm logic so keys can’t be extracted and tampering attempts are shut down.

Strongest software-based key protection thumbnail

Secure Key Box isn’t just for native apps

Our industry-leading white-box technology also protects web app crypto keys, keys in Java applications, and secures end-to-end communications.

Secure encryption keys in web apps thumbnail

Secure encryption keys in web apps

Cryptographic keys in your JavaScript web apps are at high risk. Browsers don’t have access to device hardware-based protections available to native apps. Every cryptographic operation performed in a JavaScript app exposes the keys for easy extraction. Secure Key Box (SKB) for Web keeps web app keys and credentials safe from attack.

Protect trusted communications thumbnail

Protect trusted communications

Communications are only as secure as the keys used to encrypt them. whiteCryption Secure Key Box (SKB) for TLS ensures the keys used to establish a TLS connection, as well as the session keys, are always protected. Keys never appear in plain form in device memory, remaining encrypted, even when in use.

Why whiteCryption Secure Key Box

Protect keys when stored, in transit, and in use icon

Protect keys when stored, in transit, and in use

Keep keys safe at all times, even on compromised, jailbroken, or rooted devices. Keys are never exposed in memory; algorithms operate directly on encoded keys.

Shorten development time icon

Shorten development time

Replace your standard cryptographic libraries with drop-in white-box secured key protection. No need to develop different protection mechanisms for different operating systems and platforms.

Any algorithm, any platform icon

Any algorithm, any platform

Agnostic security works on all platforms and devices. Protect any cryptographic algorithm including AES, 3DES, RSA, SPECK, ECC, ECDSA, DH, ECDH, HMAC, and SHA. Custom algorithm support also available.

Proven technology backed by experts icon

Proven technology backed by experts

Intertrust’s deep application protection expertise guides every step of your deployment. Secure Key Box protects keys and sensitive data in millions of installed apps and undergoes regular independent security testing.

Related products

Make your apps self-defending thumbnail

Make your apps self-defending

whiteCryption Code Protection provides enterprise-grade in-app protection, including advanced obfuscation, anti-tamper technologies, integrity checks, and runtime application self-protection (RASP).

Secure IoT devices with PKI thumbnail

Secure IoT devices with PKI

Intertrust Seacert provides cryptographically secure device identities so IoT devices can interact within secure ecosystems. Seacert is both WebTrust compliant and ISO 9001:2015 certified.

Ready to get started?

Get in touch with a whiteCryption expert today.

Start your all-access Secure Key Box trial

Learn more



Posted on 21 Dec 2020

An introduction to white-box cryptography

Read more


whiteCryption Secure Key Box: Industry-leading white-box cryptography

Read more


How secure are today’s mobile healthcare and medical apps?

Read more