Security engineering
Optimal protection for data and systems
The security of the data and the entire IT infrastructure is of great importance for the success of your company. The loss of data can paralyze many business processes and lead to enormous losses. At CoreWillSoft we have a solution to these security challenges with our service for security engineering. We integrate comprehensive security measures in all applications to prevent attacks on your computer systems.
Application Security
Various applications allow your employees to access the data on the company server, to control production facilities or to authorize access to corporate premises. The use of mobile apps is becoming increasingly popular for these tasks. However, these are often characterized by considerable security risks. Studies have shown that around 75 percent of all smartphone apps have many vulnerabilities and do not even pass a basic security test.
At CoreWillSoft, we guarantee secure development. We can also assess existing systems as part of a security audit. We specialize in mobile security. However, we can also ensure a high level of information security in many other areas.
Secure by Design
We put security at the center of our development processes
We follow the “secure by design” strategy for all apps that we develop. This means that the security aspect is already the focus when planning the basic structures. We assume that the central task of all software products is to be secure. This approach leads to a secure architecture that does not fix weak points in the applications afterwards, but prevents them from the ground up during the entire SDLC (Software Development Life Cycle).
At the beginning of each project, we first analyze the possible security strategies of the corresponding application with our team of experts. We then decide on the approach that ensures the highest possible data security for the respective project. The chosen strategy then represents the most important requirement in software development.
FAQ
RFID is a technical system that can be used to read and store data without contact. The data does not have to be seen or touched, as it is transmitted exclusively via radio frequency identification. An RFID system usually consists of a transponder and an RFID reader.
Bluetooth is a special method of transmitting data via radio. This eliminates the need for a cable connection between two devices. Bluetooth can transmit any type of data, including music.
NFC or “Near Field Communication” is a contactless data transmission that makes use of Radio Frequency Identification (RFID) technology. The globally standardized frequency is 13.56 MHz. Transmission ranges of around five to ten centimeters are possible.
CoreWillSoft
Your partner for secure app development
CoreWillSoft specializes in developing secure software. We take into account all basic data protection standards using end-to-end encryption. We ensure reliable user authentication to prevent unauthorized access and since our activities include physical security and IoT applications as well as cybersecurity, we can develop comprehensive security concepts that protect the data and computer systems of the entire company.
We are experienced in the area of mobile apps in particular, and we can offer outstanding expertise. The smartphone has now become an important part of life. Smartphone apps are also becoming increasingly popular in a commercial environment. At CoreWillSoft, we create reliable security concepts in this area – for both Android and iOS apps.
To ensure a high level of security, it is very important that the applications do not run in an unsafe environment. This is the case, for example, with devices where the usage restrictions have been lifted by rooting or jailbreaking. Smartphones that have malware installed or that are not protected by a password, PIN or biometric data, or that have not been authorized by your company, also pose a security risk. Our applications therefore check these factors and, if necessary, prevent them from being executed.
Cryptography engineering is also one of our areas of expertise. We use encryption algorithms that contribute to outstanding data security. We not only provide comprehensive encryption for our own applications, but we also carry out a cryptographic system audit, during which we check the implementation of existing applications.
Two-factor authentication, which is a combination of two different authentication methods, leads to a reliable identification. As a rule, you need an object that you have in your possession – for example, an RFID card or other hardware. The second factor is something that you know, like a password or a PIN. It is also possible to use biometry such as fingerprint or FaceID. In the case of critical security applications, it is also possible to implement multi-factor authentication, which uses more than two factors and randomly combines them to confirm user identity. Despite these high authentication requirements, we always ensure an efficient key management so that employees can authenticate themselves easily.
In all of our solutions, we implement the OWASP principles at level 1 and level 2. These provide a practical guideline that leads to safe and robust applications. We also use obfuscation to make reverse engineering more difficult. If communication with other systems is necessary, we always use end-to-end encryption.
Certified security
Our solutions have been certified by VdS. VdS is the largest institute for corporate security in Europe. Only applications that offer excellent security can get it. This gives you the certainty that you are optimally protecting your company with the solutions from CoreWillSoft.