Once again, a security incident has the IT world in a tizzy. This time it is several security holes in the widely used mail server Microsoft Exchange that have triggered the disaster. In Germany alone, at least 10,000 Exchange servers were initially affected. Through the aforementioned security holes, an attacker can gain administrator rights on an Exchange server, which gives him access to all emails processed there. According to press reports, a hacker group from China known as Hafnium is said to have used these vulnerabilities for numerous attacks worldwide. It is not yet clear what damage they caused. Meanwhile, Microsoft has provided security updates that are supposed to fix the problem.
In the meantime, it has become known that hafnium has also attacked at least three federal authorities. However, with reference to the welfare of the state, the federal government is still keeping under wraps which institutions these are and what exactly happened. The choice of words alone, however, suggests a serious threat. After all, the term “welfare of the state” has already been used by the Federal Constitutional Court, which ruled in 2009 that this term was linked to “existential security and secret protection concerns” as well as “information requiring secrecy”.
Regardless of this, the Exchange hack and the Hafnium attacks show once again: it is becoming more and more important to reliably protect emails from unauthorised access. Even if the operator of a mail server does everything right, a security gap in the software used can throw a spanner in the works. For confidential data, email encryption is therefore a must. However, an encryption gateway connected to the server, as is used in many places, is often not sufficient. Because if – as in this case – the attacker has access to the mail server, gateway protection is as good as useless. Instead, end-to-end encryption is necessary, which takes place on the client.
A proven client-based email encryption solution that provides end-to-end security is GreenShield from cryptovision. GreenShield is particularly suitable for public authorities that process VS-NfD data. As one of the few email encryption products on the market, GreenShield has the VS-NfD approval required for this purpose.
When it comes to secure email communication in the public authority environment, you are definitely on the safe side with GreenShield.
The events that have taken place during 2020 seem to have put us all at great distance. The pandemic has shrouded the world in a fog of fears of death and illness. But it’s not just the disease itself, which causes hardship to people: coronavirus mitigation measures taken by rich countries to protect themselves, directly affect those less fortunate all over the world. Instead of isolating and turning inward to focus on our own challenges, let us take up the true spirit of the holiday season by being compassionate and let us cultivate a more balanced sense of responsibility for others and ourselves.
At this year’s SDW Virtual, cryptovision presents its ePasslet Suite V3 on SECORA™ ID X, the new Java Card™ platform from Infineon. With the help of ePasslet Suite, users of SECORA™ ID X will be able to put numerous eID functions into practice easily and flexibly. A presentation will be displayed in the SDW Virtual “Technology Showcase” section.
Cryptovision’s ePasslet Suite on SECORA™ ID X provides applets for various eID document applications, including electronic passports, eIDAS-compliant ID and signature cards, international electronic driver’s licenses, electronic health cards (eHIC), custom national eID cards and more. ePasslet Suite V3 also supports ICAO LDS 2.0, an extension of electronic passports with electronic visas and entry and exit stamps.
In addition, ePasslet Suite on SECORA™ ID X can be freely customized through various configuration options. It can evolve to support new use cases and applications while retaining Common Criteria (CC) certification, thereby enabling multi-application cards and documents.
“We are delighted to have reached a further milestone on our path to offer modular, standard-based eID solutions on all major chip platforms. Government customers across the world will benefit from this broadened portfolio,” states cryptovision’s CEO Markus Hoffmeister.
ePasslet Suite on SECORA™ ID X is being certified according to Common Criteria (CC) EAL 5+. It is available in three editions, offering cost-efficient configurations for standard as well as high-end and customized ID document solutions. Samples of the solution are now available on request.
With Infineon’s SECORA™ ID X as additional platform for ePasslet Suite, cryptovision extends its offering for international eID customers: Infineon’s expertise is based on more than 200 government ID projects that cover more than 75 percent of the world’s population.
Another EU country has introduced an electronic identity card for its citizens. After Germany, Spain, Italy, Belgium, Finland, Estonia and several other countries, the Republic of Malta has also been issuing ID documents with a smart card chip since August 2020. The 400,000 citizens of Malta will be equipped with the new document over the next few years, gradually replacing the old ID cards, which will remain valid until the planned expiration date.
The new Maltese ID card is contactless. It complies with European Union requirements and is therefore based on proven data formats. The keys and certificates used are compatible with those used in other countries. Like the electronic passport, which is now in widespread use worldwide, the Maltese identity document also stores biometric features, which means that an ID card can be securely assigned to its owner. In addition to the smartcard chip, the new ID document has various physical security features that make forgery much more difficult. In particular, the name and additional information about the holder are laser-engraved into the document.
In the near future, the Maltese government plans to offer e-government services via the Internet, which citizens can use with the new ID card as identity proof. This requires a card reader on the PC and smart card middleware.
Electronic identity documents are currently experiencing a boom. An electronic ID card is not only more secure, but also and above all enables a multitude of new applications. For example, the issuer can decide to use an electronic identity document for payment, as a health insurance card, for authentication on the Internet, as a driver’s license, as a door key, as a travel document, for digital signing and for age verification – to name just a few examples. In most cases, a secret key is used as a security anchor, which is stored unreadably on the chip and authenticated by a digital certificate.
Electronic ID cards play an important role in making the increasing digitalization secure and reliable. It is therefore to be welcomed that more and more countries are equipping their citizens with such documents.
To learn more about electronic identity card systems, check here.
cv cryptovision GmbH, a leading manufacturer of encryption solutions for companies and public authorities, is preparing for the growing demand in the area of identity-based security solutions and is strengthening its management team: Manager Stefan Frenzel took up the position of Senior Vice President Sales on August 1.
After a successful 2019, the forecasts for the coming years are also consistently positive. cryptovision is still on a growth path and strengthens the management team in the course of this development. With the appointment of Stefan Frenzel as Senior Vice President Sales, the company underpins its course to develop solutions for the security of electronic identities. Stefan Frenzel has held numerous operational and strategic management positions in international technology companies, including Cherry GmbH and HID Global. Most recently, he was Head of Sales at the high-tech company Distec GmbH.
Marco Smeja, the former Head of Sales at cv cryptovision, was promoted to second Managing Director and CSO last year and in this position is responsible for other business areas beyond sales, including consulting and legal.
Commenting on the new sales management appointment, Smeja says: “cryptovision is a dynamic and flexible company with an outstanding product portfolio. We are pleased to have won Stefan Frenzel, a manager with valuable experience in the international ID security market. With his support, we will continue to drive the positive development of cryptovision not only in the international segment of electronic ID cards and passports with our portfolio around the ePasslet Suite”.
cryptovision develops, among other things, security solutions that sign and encrypt company data such as e-mails and files. The Gelsenkirchen-based company offers numerous security solutions certified by the German Federal Office for Information Security (BSI), such as the product GreenShield. It allows the processing and transmission of information with the classification level “Classified information – for official use only (VS – NfD)”.
“I’m at the home office right now.” As good as everyone has heard that phrase several times over the last few days. No wonder, because in the times of the coronavirus, working from home is as much a part of everyday life for many people as breathing masks and empty supermarket shelves. According to the German industry association Bitkom, one in three professionals in Germany is currently working in a home office for the first time, while for 43 percent, existing homework regulations have been extended.
Inevitably, the issue of security now comes into focus, because remote access should of course only be available to authorized employees of a company, and not to hackers.
Centrally managed company laptops or tablet PCs protected by endpoint security measures can usually be securely integrated into the corporate network using a virtual private network (VPN) enhanced with two-factor authentication (e.g. with a company ID). However, if a company has not yet implemented an endpoint security concept, a VPN is not sufficient. Instead, a sealed-off VDI (Virtual Desktop Infrastructure) is necessary, as it can be implemented on the server side with solutions from VMware, Citrix or Microsoft.
On the user side, both a fat client (for example via RemoteApp/RemoteDesktop) and a thin client can be used. A product bundle cryptovision offers together with partners such as IGEL, IBM or genua is best suited for this purpose. In such a solution, cryptovision’s smart credential middleware SCinterface is integrated, so that the user can log on in the home office with a secure two-factor authentication and does not become a security risk (think of phishing or attacks on the client system). Since SCinterface supports all common cards and security tokens, a company can also use existing Smart Credentials for the home office VDI.
You want to know more about cryptovision’s solutions for the secure home office? Our colleagues will be happy to advise you.
We use cookies on our website. Some of them are functional, while others help us to evaluate page usage and thus improve our online offer. You can find out more in our privacy policy. Cookie SettingsAgreePrivacy Policy
Cookie Settings
Privacy Overview
This website uses cookies to improve your user experience while you are navigating the website. These cookies store the cookies categorized as required in your browser, since they are essential for the functioning of the basic functions of the website. We also use cookies from statistical tools, with which we can analyze and understand how you use this website. These cookies are only saved in your browser with your consent. You also have the option of deactivating these cookies. However, disabling some of these cookies can affect your browsing experience.
Necessary cookies are essential for the proper functioning of the website. This category only contains cookies that guarantee basic functions and security features of the website. These cookies do not store personal information. The necessary cookies also include the Polylang cookie, which is used to remember the language that the user selected when visiting the website again.