Powerful Encryption Without Locking You Out

When it comes to encryption, nobody wants a backdoor – especially not one that can be downloaded off the Internet or looked up in a manual. However, no one wants to lose their data either. So security engineers have an interesting challenge: avoid locking users out of their data and preclude a compromise of data security.

GoldKey Master Tokens are an elegant solution to this challenge. They provide immediate access to any data encrypted by users in their organization without weakening the security of the implementation.

Master Tokens are also necessary to create and manage groups, reset GoldKey personalization data, such as the PIN, and to duplicate GoldKeys. Any GoldKey in a set of duplicates can access any data encrypted by any of its duplicates. There is no limit to the number of duplicates a GoldKey can have. You can make as many duplicates as you need using a Master Token.

Complete Control

With GoldKey, organizations can have complete control over who can access their confidential files. Master and GrandMaster Tokens can be used to administer GoldKey Tokens throughout an organization. Master Tokens can designate various permission levels to decide what each of its registered GoldKey Tokens can access.

GoldKey Tokens can also be assigned to various groups so that secure files can be shared between all tokens inside a group. Master Tokens can open or unlock any files that any of its registered tokens have encrypted. This means if a token is lost, the files it encrypted can still be recovered by its Master Token. The Master Token can disable the lost token’s access to data stored in the cloud, and can even program a new token to take the lost token’s place.

Management in Hardware

GoldKey groups and permission levels are decided and then stored in GrandMaster Tokens instead of in software. Using a secure connection, Master Tokens can be registered to the GrandMaster. Each Master can then register GoldKey Tokens.

This architecture keeps encryption ciphers off hackable servers and other appliances running software. Since the internal secret never leaves the key, this solution is true multi-factor authentication – without a correct token, the permissions cannot be accessed. This also allows administration to be transported physically and stored safely, perhaps in a bank vault.

Unlimited Number of Users

Because of its clever design, a Master Token can manage an unlimited number of GoldKey tokens registered to it. This allows organizations to add additional keys as they grow in users without any fear of outgrowing their data security system.

Learn more about GoldKey Hierarchical Management

GoldKey-Master-Token

Prevent Data Loss

GoldKey uses a three-tier Hierarchical Key Management System to prevent data loss due to accidental lock-outs. GrandMaster / Master Tokens may securely access data encrypted by their registered tokens, duplicate a lost token, or reset a PIN.

Secure Cloud Storage

GoldKey enables secure storage and sharing of data in the Cloud. Data is encrypted and transferred over the internet to a GoldKey Vault which is only accessible with your GoldKey and PIN.

Encrypt Files & Folders

Create a Secure Drive on any computer. Files placed in the Secure Drive are automatically encrypted. To unlock a Secure Drive, the correct GoldKey must be plugged in and the correct password entered, or the data is inaccessible.

Lock Computer Login

Replace Windows password with two-factor authentication by requiring a GoldKey and PIN to access your computer’s user account.

Protect Email

GoldKey allows you to send emails with encrypted attachments. With a simple right click, you can encrypt a file or folder with GoldKey.

Built-in USB Smart Card

GoldKey is a reliable USB smart card with built-in compatibility for PIV standards including authentication, encryption, and data signing.

Self-Defending

GoldKey automatically detects unauthorized attempts to access your data. In order to halt an attack, your GoldKey will become disabled after ten attempts to guess your PIN.

Part Number GK-M1A
Casing Stainless steel, waterproof, tamper resistant and tamper evident
Supported Operating Systems Windows: 10, 8, 7, Vista, XP
Mac: Mac OS X v10.6 or higher
Compliance FIPS 140-2 certified
Certifications CE, FCC
Standards NIST PIV spec SP-800-73-2 and SP-800-73-3, X.509 v3 certificate storage, CCID, USB 1.1
Certificate Storage Up to four X.509 certificates (up to twenty-four X.509 certificates with Windows Smart Card Minidriver)
Security Algorithms AES, 3DES, RSA-1024, RSA-2048, ECC Curve P-256, and ECC Curve P-384
Supported Data Objects Card Capability Container, Cardholder Unique Identifier, X.509 Certificate for PIV Authentication, Cardholder Fingerprints, Security Object, Cardholder Facial Image, Printed Information, X.509 Certificate for Digital Signature, X.509 Certificate for Key Management, X.509 Certificate for Card Authentication, the Key History Object, twenty Retired X.509 Certificates for Key Management, and Cardholder Iris Images
Physical Dimensions 30 x 12 x 4.5 mm (1.18 x 0.47 x 0.18 in.)
Operating Temperature 0°C to 70°C (32°F to 158°F)
Storage Temperature -40°C to 85°C (-40°F to 185°F)
Humidity Rating 0-100% without condensation
Connector USB type A (Universal Serial Bus)
Life Expectancy Over 10 years