"Is GateKeeper safe?" Very. There are no passwords or credentials of any kind stored on the actual token - so losing it will not put any passwords at risk. GateKeeper utilizes AES-256 military-grade encryption security to protect data.
Every new employee, contractors, volunteer, or user, in general pose new security leak risks. GateKeeper is actually making the human aspect of cyber security automated to ensure it's not the people being asked to do more.
The beauty of GateKeeper is that NO private information is transmitted over the air. Usernames and passwords are encrypted and stored on the GateKeeper server on the customer’s network and protected by the customer’s firewalls and are NEVER transmitted over the air. At no time in the operation of GateKeeper is any private info transmitted between the GateKeeper token and the computer. During normal operation of the GateKeeper, the only data that gets transmitted over the air is signal strength, battery life, and accelerometer response.
A read-only device firmware prevents cryptographic key read-back if an attacker gains physical access to the token. The tokens only accept over-the-air firmware update when the firmware is signed by Untethered Labs – making it impossible to insert malicious firmware into a token. In order to prevent duplication of GateKeeper tokens, a randomly generated SECRET KEY can be written to each token during the registration process. This SECRET KEY is then used to generate one-time-passcodes on the token which are advertised as part of the Bluetooth advertisement packets and scanned by the client software. These one-time-passcodes change every few seconds, and therefore prevent other Bluetooth devices from imitating a GateKeeper token.
GateKeeper does not pair or connect so is not susceptible to Bluetooth spoofing attacks. GateKeeper was specifically designed to avoid every single Bluetooth issue. GateKeeper is not subject to any traditional security or security flaw in BLE communications.
For more detailed information on the security of the GateKeeper proximity authentication technology, please check out GateKeeper Security Specifications data sheet.
We have also engaged independent cyber security teams to perform a rigorous and thorough penetration test of all aspects of the GateKeeper software and hardware to discover any potential vulnerabilities.
If you have any other questions regarding the security of wireless logging in and out of your PC using proximity authentication, please read more at www.gkaccess.com or contact us at firstname.lastname@example.org.
GateKeeper proximity software, risk level; Is GK Halberd safe?; GateKeeper cybersecurity; Cyber safety; GateKeeper protection from cyber incidents
Passed penetration test; GateKeeper pen test; Pentest of GateKeeper system; has GateKeeper security been tested?; independent verification, independently verified; independently verified; real-time cyber security; real-time cybersecurity solutions; Bluetooth-based Smart Lock for Computer; Bluetooth-based Smart Lock for PC; Bluetooth-based Smart Lock for Windows; Bluetooth-based Smart Lock for Mac; Bluetooth-based Smart Lock for workstation; is data encrypted at rest; is data encrypted;