The KeyBRIDGE platform provides a simple and intuitive interface for managing and distributing cryptographic keys and keying materials across a broad spectrum of use cases. In today’s threat landscape, encryption is a business-critical requirement. Encryption can be simple when there is no requirement to share information. However, when encrypted information has to be shared, as is always the case in the Payment Industry, the generation and distribution of cryptographic keys and keying materials can be a daunting task. The KeyBRIDGE platform eliminates the burden and worry associated with cryptographic key management by supporting a vendor-agnostic approach.

TokenBRIDGE (licensed on the KeyBRIDGE appliance)

KeyBRIDGE Appliance

Companies often ask which is more secure: a PIN traveling through their network, or PII that is stored and tokenized? In most cases, the PIN is more secure, because the PII has been associated with a token that was generated poorly, and the PII was encrypted in software, where keys can leak and ultimately compromise the PII they were meant to protect. This is why GEOBRIDGE introduced the TokenBRIDGE License on the KeyBRIDGE Platform.

With widespread adoption of tokenization for multiple purposes, it’s no longer “good enough” to encrypt clear data and offer a surrogate. In today’s threat landscape, “good enough” will result in a Breaking News headline of mass data loss. PCI PIN and PCI P2PE have encryption standards for a reason. These same standards can be used for tokenization, and that is what TokenBRIDGE is really all about. PII is encrypted under hardware-based 256-bit AES encryption.

Tokens are produced from a FIPS 140-2 Level 3 certified random number generator. Secure the original data to the highest standard available, and guarantee uniqueness. Your company, your reputation, and most importantly your clients deserve the best protection possible.

TokenBRIDGE supports high availability for both token generation and de-tokenization. A mesh network of KeyBRIDGE appliances can be deployed to support Pool Mode while guaranteeing uniqueness and high availability of customer-defined formats for token values. Connectivity is based on mutually authenticated TLS 1.2 for added security and assurance.

What is TokenBRIDGE?

  • Generates random tokens in any defined format.
  • Tokens are stored in logical containers called Relationships.
  • High Assurance Token Collision Avoidance.
  • Submitted clear values are encrypted using per-Relationship keys.
  • Built-in backup – system restore only takes minutes.
  • Full audit logging of all token and administrative operations.
  • Implements a true token vault (submit clear value, get token; retrieve clear value).
  • All encryption keys are AES-256 and managed internally – no external key management required.
  • Token generation uses a FIPS-certified hardware RNG.
  • Can store 250+ million values.
  • Uses TLS v1.2 mutual authentication and certificate whitelist for client access.
  • Can function as a standalone appliance, or be part of a High Availability mesh network.
  • Leverages the GEOBRIDGE KeyBRIDGE platform.

KeyBRIDGE 3100 Key Management



