top of page
Crayonic KeyVault_fingerprint.jpg

Take your business
passwordless

Remove sensitive

personal data and biometrics from databases.

Eliminate phishing and account takeovers.

Meet all digital identity related compliance laws.

Prevent
man-in-the-middle attacks.

Avoid
credential stuffing.

Resist
keyloggers.

bank.jpg

FOR FINANCE & BANKING
& CRYPTOEXCHANGES

Bank employees use KeyVault to login to PC's, cloud services, and bank applications. 

KeyVault secures VIP and Corporate clients' digital identities in centralised and decentralised financial transactions regardless of KeyVault issuer.

Financial services use KeyVault to eliminate paper contracts by enabling their clients to digitally sign documents with highest possible identity assurance available on the market today.

KEY RECOVERY & BUSINESS CONTINUITY

Self-service recovery of lost or damaged KeyVaults.

Crayonic KeyVault uses combination of biometrics and cryptography to securely backup and recover its content into enterprise HSM solution.

crayonic_notebook_cray.jpg
mobile_gateway_new.png
Okta_Logo_BrightBlue_Medium-thumbnail.pn
forgerock-color-vertical-logo.png
azure-active-directory.png
logo-active-directory.png
keycloak.png
INTEGRATION & COMPATIBILITY

Leverage existing infrastructure based on:

Microsoft Active Directory and/or Single-Sign-On solutions such as Okta, KeyCloak, ForgeRock, SailPoint, and others that support the FIDO standard.

Utilize secure mobile devices based on Android and iOS for less sensitive access with Crayonic KeyVault mobile app only.

ENTERPRISE KEYVAULT MANAGEMENT

Using just a web browser without
installing client-side agents you can:

  • Manage FIDO2 keys.

  • Manage KeyVaults' security policies.

  • Issue X.509 certificates for PKI based access (VPNs, physical access, email & doc signing).

  • Manage PGP keys*.

fido L1 certified.png
SWITCH FROM LEGACY CREDENTIALS WITHOUT DISRUPTION

Supporting a variety of legacy authentication methods that you may already have deployed such as OATH HOTP/TOTP, PGP,  PIV, and Smart Cards.

Custom OTP schemes available per-request.

Secure legacy passwords with Bitwarden compatible KeyVault integration for securing remaining passwords.

PLUG & PLAY USER EXPERIENCE

The user’s PC or mobile device connects to Crayonic KeyVault™ via USB, Bluetooth, or NFC.

Supporting open standards FIDO2, FIDO U2F, and W3C WebAuthn makes KeyVault fully compatible with all major platforms. No need to install additional software on Windows 10, macOS, Linux, Android, iOS.

Windows 10 comes with inbox FIDO2 and PIV drivers and it even contains a basic GUI for security token management. The end-user experience with Crayonic KeyVault™ thus really is plug-and-play.

autentification_icon_new3.png
STEP-UP AUTHENTICATION

The administrator can combine and configure multiple authentication factors of Crayonic KeyVault. The security policy determines necessary steps to unlock credentials with high assurance requirements. 

  • PIN code

  • Fingerprint recognition

  • Handwriting recognition – digits or signature (optional)

  • Voice recognition – digits or passphrase (optional)

A TRUE VAULT FOR ALL KEYS

In addition to authentication use cases, Crayonic KeyVault™ enables users to

  • unlock BitLocker-encrypted data drives with biometrics

  • use KeyVault as a secure USB flash drive and safeguard sensitive files with transparent data encryption and biometric authentication

  • securely store legacy passwords directly on KeyVault and let it type them for you 

sign_in6_new.jpg
COMPATIBLE WITH PIV-BASED PKI

Crayonic KeyVault also emulates a PIV-compliant smart card, providing compatibility with existing on-premise Active Directory deployments and PKI infrastructure.

Users can use the KeyVault with their fingerprint or PIN to securely login to Windows workstations, Remote Desktop, VDI, VPN, Wi-Fi, 802.1X, and intranet web applications.

Through the Crayonic Gateway, it is possible to integrate FIDO2 authentication with Active Directory Federation Services or directly with any enterprise application that supports SAML, WS-Trust, OpenID Connect, or OAuth.

sign_in5_meno.jpg
kluce2.png
SMALL DEVICE, HUGE POTENTIAL

Crayonic KeyVault™ is a truly versatile security device. Its many use cases also include:

  • Physical access control (NFC)

  • Follow-Me printing (NFC)

  • Generating one-time passwords compatible with OATH (TOTP / HOTP)

  • Offline cryptocurrency wallet protected by multiple biometric factors and Proof-Of-Free-Will™

  • OpenPGP encryption and authentication.

  • Signing of electronic documents with a qualified electronic signature according to eIDAS.

bitwarden.png
oracle.png
docusign.png
office.png
azure.png
google.png
aws.png
salesforce.png
bottom of page