Security Measures
Secure by Design with Industry Leading Certifications
MOCA’s Airfob technology is built on the premise that mobile credentials are not only faster and easier to use than RFID access cards but also far more secure. To make this possible, MOCA has taken great steps to ensure the foundational security of all Airfob hardware, software and firmware. We have taken steps across every layer of our system architecture and every communication touchpoint to preserve privacy and data integrity.
Data Encryption
Data is encrypted within Airfob Portal and its underlying database, on mobile phones, and as data passes between the Airfob API and apps or clients.
Secure Data Storage and Transfers
Data is securely stored in the database and on mobile phones, and while transferring between phones and readers.
Forgery Protection
Mobile access cards can not be forged and each organization’s mobile cards use a unique signing key.
A Superior Choice
Mobile credentials are inherently secure
Replacing RFID cards with mobile credentials immediately makes your access control system more secure. There are many reasons why mobile credentials are the more secure option:
- It’s cheap and easy to issue a mobile card to every single person that enters a facility, from visitors and freelancers to delivery drivers and repairmen, granting authorization only for specific areas they need to access.
- Credentials can be canceled remotely or set to automatically expire after a specific period of time.
- Site administrators can (optionally) require people to unlock their phones before using mobile credentials for an extra layer of security.
- People naturally mind their phones more closely than access cards and are less likely to lend out or lose them.
Secured by design with proven technologies
Airfob employs a number of the most modern proven technologies to ensure end-to-end security across all its apps and hardware.
Secure portal access
AWS Amazon RDS encrypted DB instances using the industry standard AES-256 or better encryption algorithm
Data protection at rest
Industry-standard AES-256 or a better encryption algorithm, enhanced with additional encryption steps
Data protection in transit
Secure HTTPS connection with TLS 1.2 encryption, using AWS API gateway to throttle API requests and requiring an access token that expires after one hour
Encrypted and hashed card IDs
AES 256-encrypted to prevent ID number exposure on third-party servers
Secure storage of mobile cards on smartphones
AES 256 encryption for all data, with keys stored and managed within the phone’s Trusted Execution Environment (TEE), such as Secure Enclave on Apple devices and TrustZone on ARM SoCs
Secure communication between phones and readers
Every connection is secured with a new one-time encryption key, similar to a one-time-pass (OTP), which terminates immediately after each data transfer
Mobile card data forgery prevention
Each Airfob Pass uses Public Key Infrastructure (PKI) based Digital Signature Protection with different signing key values for each Airfob Portal site, ensuring that mobile credentials only work with mobile card readers from the same organization.
ISO 27001
Your data is certified Safe
Airfob technology meets the rigorous standards for ISO 27001 and ISO 27701, solidifying our position as leaders in information protection management systems. We also make efforts to ensure that we store and handle data in a way that aligns with GDPR. ISO 27001 consultants have thoroughly analyzed Airfob and found that it successfully meets all of the following requirements:
Data Protection Management Standards
Personal Information Management Requirements
Data Protection Controls
Upgrade to the future of access control
Airfob opens doors for more than 11,000 spaces. Is yours next?
Upgrade to the future of access control
Airfob opens doors for more than 11,000 spaces. Is yours next?