About Diversinet
MobiSecure® SDKs

The Diversinet Software Development Kits (SDKs) consist of mobile and web application programming interfaces (APIs) for developing secure, healthcare applications across multiple platforms.

Client SDK

  • Advanced Messaging
  • Persistent Data Storage
  • Integrated Security - Server Sync
  • Data Forwarding (email / FAX)
  • Access to mobile web apps

Mobile Security SDK

  • OTP For Strong Authentication
  • Encryption & Decryption of Data in Transit and at rest
  • Over-The-Air auto detection and Provisioning

MobiSecure® SDKs consist of:

  1. Provisioning server:  Provides automatic device recognition and classification, direct app download or re-direction to App Stores, and dynamic over-the-air provisioning of security credentials onto mobile devices.

  2. Validation server:  Provides OATH compliant, one-time password validation, dynamic key derivation for data encryption and decryption, and symmetric key management.

  3. Gatekeeper server: Performs auto registration of authorized users and devices, user and device authentication using one-time passwords, and application data encryption and decryption on behalf of the customer application.

  4. Security SDK: Consists of mobile native client-side APIs and REST-based server-side APIs that can be embedded into customer applications. Key features are:

    • One-time password generation and validation
    • Symmetric key provisioning and management
    • Application data encryption and decryption
    • Offline user PIN management
    • Diversinet cryptographic libraries are FIPS 140-2 approved and NIST validated

Client APIs are available for MS Windows Phone 7, iOS, Android, Blackberry and J2ME MIDP 2.0.

Key Features:

  • Supports both event- and time-based one-time passwords
  • Supports hosting, distribution and provisioning of several custom mobile applications associated to different client organizations or services
  • Auto-device detection technology that automatically detects the type of device the subscriber is using and will provision the appropriate application to that device over the air
  • Provisioning confirmation – The one-time-password is tested as a part of the real-time provisioning process
  • Can be branded using enterprise customers specifications upon request
  • Seamless integration with existing systems based on an HTTP Get request and response interface protocol
  • Role-based user access levels – Users can be authenticated via static passwords, event-based one-time passwords or user certificates
  • System configuration, message customization, device management, and subscriber management capabilities
  • Web services interface provided for token management and service ordering

Security Features

  • Diversinet cryptographic algorithms are FIPS 140-2 approved and NIST validated
  • Encrypted using a AES 256-bit master key, sensitive data is protected in a hardware security module (HSM) or a JAVA keystore
  • Preservation of user anonymity and sensitive data identifiers
  • Data in transit between MobiSecure® Gatekeeper and external sources is encrypted by a proprietary algorithm and SSL
  • Data integrity checks for audit logs
  • Unauthorized access data wipe

 
ABOUT US
SOLUTIONS
PRODUCTS
PARTNERS
NEWS
CONTACT US
TERMS
LEGAL
Overview MobiSecure® Communicator MobiSecure® Gateway SDK