Arxan Technologies
   HOME

TheInfoList



OR:

Digital Ai (Formerly known as Arxan Technologies) is an American
technology company A technology company (or tech company) is an electronics-based technological company, including, for example, business relating to digital electronics, software, and internet-related services, such as e-commerce services. Details According to ''Fo ...
specializing in anti-tamper and
digital rights management Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures (TPM) such as access control technologies can restrict the use of proprietary hardware and copyrighted works. ...
(DRM) for
Internet of Things The Internet of things (IoT) describes physical objects (or groups of such objects) with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other comm ...
(IoT), mobile, and other applications. Arxan's security products are used to prevent tampering or
reverse engineering Reverse engineering (also known as backwards engineering or back engineering) is a process or method through which one attempts to understand through deductive reasoning how a previously made device, process, system, or piece of software accompli ...
of software, thus preventing access or modifications to said software that are deemed undesirable by its developer. The company reports that applications secured by it are running on over 500 million devices. Its products are used across a range of industries, including mobile payments & banking, automotive, healthcare and gaming.


History

Arxan is privately held and private equity-backed. In the fall of 2013,
TA Associates TA Associates, founded in 1968, is one of the early modern-era private equity firms in the United States. The firm leads buyouts and minority recapitalizations of profitable growth companies. TA invests across five industry groups: technology, hea ...
, a private equity firm, completed a majority investment in Arxan Technologies. Previously, the company received Series B funding in 2003, followed by $13 million in Series C funding in 2007 and a Series D funding of $4 million in 2009. Early investors included Trident Capital, EDF Ventures, Legend Ventures, Paladin Capital, Dunrath Capital, TDF Fund and Solstice Capital. Arxan was founded in 2001 by Eric Davis and Purdue University researchers, Mikhail Atallah, Tim Korb, John Rice and Hoi Chang. The first funding came from Richard Early and Dunrath Capital. Rich Early subsequently became Arxan's first CEO. The company's early intellectual property was licensed from Purdue University. The company's initial focus was on defense anti-tamper applications. Following the sale of its defense technology unit, Arxan Defense Systems, to Microsemi in 2010, Arxan focused on commercial applications. In April 2020, Arxan Technologies joined CollabNet VersionOne and
XebiaLabs XebiaLabs is an independent software company specializing in DevOps and continuous delivery for large enterprise organizations. The offers a DevOps Platform, for application-release automation (ARO). These components include release orchestration ...
to form Digital.ai, a software company with the stated aim of 'pulling software development, business agility and application security into a single platform'.


Products

Arxan offers a number of
Anti-Tamper Software Anti-tamper software is software which makes it harder for an attacker to modify it. The measures involved can be passive such as obfuscation to make reverse engineering difficult or active tamper-detection techniques which aim to make a program ...
products for application and cryptographic key protection. These include: *Arxan Code Protection to secure Mobile, IoT & Embedded, Desktop and Server applications *Arxan Cryptographic Key & Data Protection to secure secret keys and data with
white-box cryptography Obfuscation is the obscuring of the intended meaning of communication by making the message difficult to understand, usually with confusing and ambiguous language. The obfuscation might be either unintentional or intentional (although intent u ...
, which provide all the major crypto algorithms and features required to protect sensitive keys and data in hostile or untrusted operational environments. Arxan Cryptographic Key & Data Protection is FIPS140-2 validated. In May 2012, the company announced comprehensive support for Android application protection and hardening against tampering and piracy. In June 2014, Arxan announced that its mobile application protection offerings will be sold by IBM as part of IBM's portfolio of security products. Arxan's products are based on patented security techniques for code hardening, tamper-proofing, key security and node locking. The core technology consists of a multi-layered, interconnected network of Guards that each perform a specific security function and are embedded into application binaries to make programs tamper-aware, tamper-resistant, and self-healing. The company claims a three-layer protection paradigm of defend, detect and react as a differentiating approach. By detecting when an attack is being attempted and responding to detected attacks with alerts and repairs, this protection helps secure software against hacking attacks and threats such as: * static
reverse engineering Reverse engineering (also known as backwards engineering or back engineering) is a process or method through which one attempts to understand through deductive reasoning how a previously made device, process, system, or piece of software accompli ...
or code analysis * dynamic reverse engineering or debugging * tampering to disable or circumvent security mechanisms (authentication, encryption, anti-virus, security policies, etc.) * tampering to modify program functionality * tampering for piracy or unauthorized use * insertion of
malware Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, depri ...
into an application * counterfeiting and IP theft * stealing of cryptographic keys


IoT anti-tamper

Arxan's IoT products insert the anti-tamper protection into the
firmware In computing, firmware is a specific class of computer software that provides the low-level control for a device's specific hardware. Firmware, such as the BIOS of a personal computer, may contain basic functions of a device, and may provide h ...
of the device itself, causing parts of the code to continually check each other for integrity. If any tamper attempt is detected, Arxan's product can either attempt to restore the code to its original form, stop the firmware from running entirely, send a notification to the developer or any combination of the three.


DRM

Its DRM solutions have been compared to their competitor
Denuvo Denuvo Anti-Tamper is an anti-tamper technology and digital rights management (DRM) system developed by Austrian software company Denuvo Software Solutions GmbH, a subsidiary of Irdeto. The company also developed an anti-cheat counterpart. Hi ...
, with both working to provide a layer of anti-tamper security on top of already existing copy protection mechanisms added by the developer. This results in a multi-layered approach in which the original DRM software protects the software from unauthorized copying, modification or use, while Arxan prevents any attempt to remove or alter said protection. However, much like with Denuvo's application of it, this approach has also been criticised for increasing the use of
system resource In computing, a system resource, or simple resource, is any physical or virtual component of limited availability within a computer system. All connected devices and internal system components are resources. Virtual system resources include fi ...
s. Arxan has previously expressed strong confidence that its DRM solutions would not be
cracked Cracked may refer to: Television * ''Cracked'' (British TV series), a 2008 British comedy-drama television series that aired on STV * ''Cracked'' (Canadian TV series), a 2013 Canadian crime drama series that aired on CBC * "Cracked", a Season 8 ( ...
, but in fact cracks or bypasses for Arxan products have been shown to exist; in one example Zoo Tycoon Ultimate Animal Collection was successfully cracked in 2018 while using a five-layer approach featuring UWP,
XbLA Xbox Live Arcade (XBLA) is a digital video game Digital distribution in video games, download service available through the Xbox Games Store, Microsoft's digital distribution network for the Xbox 360. It focuses on smaller downloadable games from b ...
, MSStore, EAppX and Arxan protection simultaneously. Several more bypasses of Arxan's protection have since emerged in 2018 and 2019, with Arxan-protected
Gears 5 ''Gears 5'' is a 2019 third-person shooter video game developed by The Coalition and published by Xbox Game Studios for Windows, Xbox One, and Xbox Series X, Xbox Series X/S. It is the fifth main installment of the ''Gears of War'' series and t ...
being cracked by a
scene Scene (from Ancient Greek, Greek σκηνή ''skēnḗ'') may refer to: Arts, entertainment, and media Music *Scene (subculture), a youth subculture from the early 2000s characterized by a distinct music and style. Groups and performers * The S ...
group less than two weeks following its original release.


Media and awards

* Deloitte 2014 Top 500 Fastest Growing Technology Company * CIOReview Magazine 2014 Top 50 Most Promising IoT Companies * 2015 Mobile Innovations Award Winner for Best Management of Mobile Security Issues * Info Security Products Guide 2014 Winner for Best New Product: Mobile Application Integrity Protection™ Suite v 5.0


See also

*
Tamper resistance Tamperproofing, conceptually, is a methodology used to hinder, deter or detect unauthorised access to a device or circumvention of a security system. Since any device or system can be foiled by a person with sufficient knowledge, equipment, and ti ...
*
Application Security Application security (short AppSec) includes all tasks that introduce a secure software development life cycle to development teams. Its final goal is to improve security practices and, through that, to find, fix and preferably prevent security i ...
*
Encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decip ...
*
Content Protection Copy protection, also known as content protection, copy prevention and copy restriction, describes measures to enforce copyright by preventing the reproduction of software, films, music, and other media. Copy protection is most commonly found on ...
*
Digital rights management Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures (TPM) such as access control technologies can restrict the use of proprietary hardware and copyrighted works. ...
*
Cryptographic Key Types A cryptographic key is a string of data that is used to lock or unlock cryptographic functions, including authentication, authorization and encryption. Cryptographic keys are grouped into cryptographic key types according to the functions they perf ...
*
Obfuscated Code In software development, obfuscation is the act of creating source or machine code that is difficult for humans or computers to understand. Like obfuscation in natural language, it may use needlessly roundabout expressions to compose statement ...
*
Cryptography Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adver ...


References

{{reflist Companies based in San Francisco Cryptography companies Computer security software companies