Dictao Cloudcard - Mobile eID
Cloudcard is an electronic identity (eID) system distributed between the holder device and a private or public Cloud. It performs trust operations such as strong authentication, transaction authorization and digital signature, without the need for an additional hardware device.
* Strong authentication – no PKI required
Cloudcard performs a truly two-factor authentication, with enhanced protection against widespread threats such as phishing, man-in-the middle, social engineering...
* Digital signature – with standard PKI
Thanks to seamless integration with third-party PKI registration and certification authorities, Cloudcard generates universally recognized signatures from mobile devices.
* Lifecycle and usage management
Cloudcard provides card lifecycle management capabilities: security policies administration, card issuance, identity registration, card activation and personalization by the holder in the Cloudcard app, hot-line support (PIN unlocking, device unbinding, card destruction...).
* Public or private Cloud
Cloudcard is available as a public Cloud service, on ISO 27001 infrastructures operated 24x7 by Dictao, or on
a private Cloud, deployed on your infrastructure and operated by your team.
* Extended threat protection/certification
Cloudcard integrates protection mechanisms to guard against external and internal threats: separation of duties (trust functions, help-desk, operations), integrity checks, hardware security module (HSM), data and communication encryption, anti-replay protection...
The product conforms to a security target under the Common Criteria framework with an EAL3+ grade, which is under validation by the French regulatory agency ANSSI (French Network and Information Security Agency)
* Patented sole control mechanism
The Cloudcard patented mechanism ensures that the secrets are restored in a HSM, and only usable by the card holder after having successfully authenticated himself and his mobile device.
Cloudcard can be integrated with all the e-ID ecosystem players (identity provider, registration authorities, certification authorities, help-desk, CRM).
Thanks to their open web services interfaces, Cloudcard administrators can complete their existing platforms and build upon their existing investments.