The two-factor strong authentication capabilities of CodeMeter have been used to protect the access to equipment during maintenance. The combined SmartShelter PDF runs applications and sensitive data for a preset limited time only.
CrypTA success story at Wincor Nixdorf
Wincor Nixdorf is a leading global supplier of IT solutions and services for retail banks and commercial enterprises. The CrypTA authentication tool has been in use since 2009 and guarantees maximum security. It not only protects applications and sensitive data, it also protects access to equipment during maintenance work. The tool has been realized using CodeMeter® protection and licensing technology from Wibu-Systems.
Wincor Nixdorf’s catalogue of requirements for effective software protection and identity and access control comprised several components. Access control via a strong two-factor authentication e.g. knowledge of a password and PIN was extended to include ownership of a uniquely identifiable object (dongle). A single password should start all protected applications, with each user having their own password. The solution should be flexible to cope with the heterogeneous system landscape of the service applications (Java, C), and mobile to allow maintenance work to be carried out on the applications.
CodeMeter® protection and licensing technology from Wibu-Systems fulfils all these requirements.
For authenticated access to CrypTA, users not only need a CmDongle, they also need a second factor such as a personal password. The password must be reentered each time the CrypTA stick is plugged in. As with a mobile telephone, the same password activates all protected software applications. Because the stick is automatically deactivated when it is removed, there is no risk of a security breach if the stick is lost: a person can only access the device and applications if he knows the password.
CodeMeter®’s “Enabling” feature is deployed here i.e. the correct password must be entered to activate the complete CrypTA Stick. The stick remains activated as long as it’s plugged in and supplied with power. CrypTA applications are written in Java and C.
As the CrypTA Stick is really just a CmStick/M with additional flash memory, it not only functions as an authentication dongle, it can also be used as a storage device.
The complete CrypTA software can be distributed on the stick. The software starts directly from the CrypTA stick and doesn’t need to be installed first.
Not only does Wincor Nixdorf protect its software applications, it also protects its documents using SmartShelter | PDF and uses the same CmStick for authorization.
An expiry date means licenses which are used to access protected applications and documents are only valid for a certain period of time. They can be reactivated though after they have expired via remote programming. For example, an employee’s password becomes invalid when he leaves the company.
Guido Walther Director Technical Support at Wincor Nixdorf “Thanks to Wibu-Systems technology, we have been able to guarantee high level security for the protection of our Intellectual Property, while at the same time implementing the required flexibility into our processes.”
Oliver Winzenried Chief Executive of Wibu-Systems: “The implementation at Wincor Nixdorf shows how versatile CodeMeter® is: secure protection of both software and documents, two-factor authentication with personal password, and mobile use without installation: it’s all in the CmStick/M.“