Today’s world requires stronger data protection. Encrypt your data.

Data Encryption

Data at rest is a frequent target for hackers

Most data security practices are vulnerable due to weakly protected encryption keys and holes in encryption and decryption processes. WWPass’s data encryption solution stores a user's keys in our distributed system, which provides not only granular access to protected data, but also maintains strict control over sharing that access.

Secure data encryption to keep your confidential data truly confidential

Whether you need your own password manager or a custom enterprise storage solution to securely store confidential data and logins, we’ve got you covered. Here’s what you get:

Management of encryption keys with secure methods to prevent them from falling into the wrong hands

Segregation of data into small chunks with separate encryption keys for each chunk, so that even if a single encryption key gets compromised, the entire data set will not

Client-side encryption, the ultimate security approach, never allows the service provider application access to any unencrypted user data and restricts access to users only

How it works

Encrypt personal and corporate data based on whichever combination of these approaches is right for your business:

Our servers cut sensitive data into pieces, encrypt them with unique keys, and make them available to you, the service provider, only when you request them. The keys themselves are stored in our distributed storage, encrypted with other keys which are not available to anybody, including WWPass. They only become accessible to the service provider application when they’re required to perform encryption and decryption as the user logs in.

Why we're different
  • Separate storage and ownership of keys and data
  • Strong control over key access
  • Strong resiliency and redundancy in case of data loss, natural disaster or attack

We generate an asymmetric key pair, storing the public key in a data and the private key in our distributed data storage. The private key becomes available when the user logs in, allowing secure data sharing across multiple users.

Why we're different
  • Strong resiliency and redundancy in case of data loss, natural disaster or attack
  • Autonomous data integrity monitoring and backup
  • Protection measures against full data breaches

We generate a symmetric key, specific to a particular combination of the user and service provider, in the browser after the user logs in to a site. All further cryptography takes place on the user's device, so the service provider cannot access or store any user data.

Why we're different
  • Separate storage and ownership of keys and data
  • Full encryption and limited access of data to server-side applications
  • Less sensitivity to server-side bugs
  • Reduced risk of compromising sensitive information

Resources

4 ideas about securing user data in web applications.
Read the post

Don't wait for a breach before you get serious about security. Get in touch today.