Using a security framework to open the car securely via a digital car key app

Easy and secure access to the vehicle with the digital car key

Easy and secure access to the vehicle with the digital car key

Smartphone instead of car key

Constant companion of our present times: the smartphone. We pick it up several times a day to check the news, make phone calls or use various apps that make our lives easier. Wouldn't it also be extremely practical to have a mobile app that conveniently unlocks and locks the car? Such apps have been around for a while, but there are still security concerns. Attacks on digital car apps have already been mentioned in the media several times. As a result, many drivers will be reluctant to use a digital car key. However, if a multi-layer security framework were integrated during the development of such apps, there would be no need to worry about a lack of security in the future.

Commentary from Torsten Leibner, Head of Product Management and Technology bei Build38

It sounds so simple: I install an app and can use it to comfortably open and close my car via smartphone. So where does it fail, that not every car owner wants to make use of a digital car key? First and foremost, because of the lack of trust in the security. Sentences such as “That’s far too insecure” or “Better not, later my vehicle will still be hacked remotely” are often heard. But if you take a close look at the issue of maximum and sustainable security as part of the planning and early implementation phase of an app, these concerns are unfounded.

Meanwhile, there are frameworks on the market that contain all the necessary security features and can be integrated within a few minutes during the development process of a digital car key app. They combine In-App Protection, In-App Reaction and In-App Monitoring in one solution. The advantage for app users is that they can benefit from the comfort of the digital car key without having to worry about any security risks. In turn, app operators from the automotive industry address more customers with a completely secure application, thus strengthening trust in the brand and the technology. In addition, such a software development kit enables a faster launch of the app.

Protect keys in the smartphone optimally

Developers of a mobile car key app can use a modern framework to directly integrate all the necessary security functions at once. This includes, in particular, protection through hardware-based security such as the Silicon Vault. This leaves them more time to concentrate primarily on usability, which is also important. A suitable solution uses cryptographic technology to prevent the secret keys from being accessible to third parties. The secure storage of the keys also offers the advantage of being able to unlock and lock the vehicle even without a sufficient connection – for example in an underground car park. To make it difficult for hackers to decrypt, a professional framework is made available to developers and providers as an inherently protected library. In this way, hackers can be prevented from accessing the digital car key. In addition, a corresponding solution makes it possible to detect whether the digital car key is running on an original or a rooted device.

So, what speaks against using such a framework and ensuring that even more owners of future-proof cars use a mobile car key?

For specific practical experience, see our case study with Chongqing Changan Automobile Company.


ablet Secure Apps Healthcare Sector

Security framework from Build38 makes eHealth apps secure

Security framework from Build38 makes eHealth apps secure

Comprehensive app security guaranteed from development

With the current boom in eHealth apps, concerns around security and privacy are growing louder. Particularly in the case of health apps that provide information about specific diseases, offer support or form the communication interface between health insurers and customers, sensitive data must be specially protected. The so-called Trusted Application Kit (T.A.K) provides a secure framework with code encryption, making it much more difficult for hackers to gain access.

In order to finally eliminate security and data protection concerns in the use of eHealth apps, a general GDPR-compliant solution is currently being sought. This is especially true for digital health apps, which are prescribed by doctors. Build38 already has a suitable solution ready: The T.A.K is permanently adapted to the latest security findings and requirements in order to be able to guarantee the necessary security at all times.

Comprehensively secure eHealth apps with T.A.K

In accordance with the Shift Left Security approach, the T.A.K is already integrated into the app during app development as a library with code obfuscation. Since decryption proves to be particularly difficult, this ensures security from the outset. The multi-layered framework offers In-App Protection as well as reaction and central In-App Monitoring.

When a T.A.K-protected eHealth app is downloaded from the app store and opened for the first time on a mobile device, the app first checks whether it is running in a secure environment. Depending on the result, the app is then either run or blocked subsequently. “Digital health apps make an important contribution in the detection, monitoring, treatment or alleviation of diseases. For this reason, as for all medical devices, important safety regulations apply to them,” says Dr. Christian Schläger, Managing Director at Build38. “With our T.A.K, app operators and developers have a tool that can be integrated into the app in under three minutes. With effective risk and threat management, abuse and manipulation by cybercriminals can be significantly minimized.”

You can also get extensive insights into the topic of eHealth apps and their security in the podcast “Tick Tack – Time for Mobile Security” from Build38: https://build38.com/de/neuer-build38-podcast-mobile-health-security-episode-1.


Silicon Vault, by Build38, makes data storage on mobile devices more secure

Silicon Vault, by Build38, makes data storage on mobile devices more secure

Product update ensures improved control over sensitive data

With the Trusted Application Kit (T.A.K) Build38 has developed a software development kit (SDK) that protects mobile apps from all online threats. In order to adapt the T.A.K to new security requirements, the provider has now added Silicon Vault to its tool, which uses the hardware (HW)-backed storage capabilities of modern smartphones. This means that certificates, API keys, sensitive data and health information, among other things, can be stored on the mobile device even more securely than before.

Business and digital use cases are evolving at an ever-increasing pace these days, from eGovernment to healthcare to automotive use cases. This makes it all the more important to constantly adapt the mobile app security to the current requirements and the threat situation. Build38’s T.A.K already contains all the necessary security functions for mobile apps. This security framework can be integrated in under three minutes during app development.

With Silicon Vault, Build38 has supplemented the T.A.K with a new security feature that uses hardware-based symmetric and asymmetric cryptography on mobile devices. In this way, data storage can be effectively secured in the future. Other T.A.K features such as Secure Storage – which has been available for a long time – signature creation and TLS authentication also benefit from this increased level of security.

“With the extension of our solution, we are pushing the step towards further digital sovereignty for our customers and partners,” says Torsten Leibner, Head of Product Management at Build38. “The new feature enables us to provide maximum security for modern use cases when using mobile apps. Security-relevant information remains on the end device and is securely stored there.”

Torsten Leibner, Head of Product Management von Build38
Torsten Leibner, Head of Product Management, Build38


Security of eHealth apps

3, 2, 1 – Lets start with Mobile Health Security

3, 2, 1 – Let`s start with Mobile Health Security

An introduction to health app security

Do you already use eHealth apps? Maybe you’ve already tracked your fitness on your smartphone or documented your nutrition. In the meantime, there are even certain tested medical apps that are prescribed by doctors and covered by health insurance companies. In the case of diseases such as diabetes, tinnitus or obesity, they provide information, offer preventive measures and support with training and nutrition. Some apps also measure, store and evaluate medical data. This makes them a great help for many people: they motivate them to make personal changes, to keep an eye on their health, or even to improve it. But with all these positive effects, what about app security, and inherently also protecting the patient date? In this blog post, we provide an initial insight into the topic of digital health, what types of apps there are and what their security status is.

Have you ever heard of diabetes apps? They can help those affected by diabetes to manage everyday life more easily, and bundle all important therapy information in one place. In this way, app users can conveniently automatically transfer their values ​​to the app via Bluetooth and then have them analyzed with one click. Such an app is also able to display the blood sugar history or to offer motivating challenges. The data obtained in this way can be used to create clear PDF, Excel or CSV reports that can be used, for example, for the next doctor’s visit.

Diabetes apps are just one example in the area of ​​eHealth. There are many other apps that focus on our health.

What is eHealth?

eHealth is a subcategory of Digital Health. It has been defined by the World Health Organization (WHO) as an umbrella term for the use of information and communication technologies for health. It is the integration of IT technologies or applications for the purpose of health. With regard to digital applications, one quickly stumbles upon the term mHealth (mobile health). mHealth refers to a subset of eHealth activities and systems on mobile devices. eHealth apps are now available en masse. At the latest the Corona pandemic is likely to have continued the upward trend.

Many people have certainly tried health apps in their everyday lives – from the simple body mass index (BMI) calculation app to personal health assistants. A large part of these apps is made up of the wellness area, ie apps for “health-oriented people”; for people who are concerned about their health and “just” want to live healthy. These include fitness apps, lifestyle apps and apps with nutritional information.

Then there are apps that are used in specific cases of illness, and those that are supposed to make life with an illness easier. In these two areas, the focus is on accompanying or supporting their life despite an illness.

In addition, further categories have been defined: apps that require CE marking and the digital health applications introduced in Germany in 2020, the DiGA apps (Digital Health Application). Both take an important step in the direction of quality assurance, because they are subject to regulatory control.

Not to be forgotten are apps, which are playing an increasingly important role in the communication process of the health system. These include, on the one hand, apps for management and communication between health insurance and customers and, on the other hand, apps that increase efficiency in the health system. The latter include, for example, the e-prescription and the electronic patient record (ePA). As for the DiGA apps already mentioned, the legal basis for all this has now also been created.

Security, where are you?

Uniform quality criteria for eHealth apps do not yet exist. Data protection and security in particular should be given greater focus in app development. After all, patients want their data to be secure, and legislators also want sensitive data to be protected. However, this does not only apply to eHealth apps. Every app processes personal data and can only be marketed successfully in the long term if consumer trust in IT security and protection of data can be guaranteed.

General security is therefore one of the most important requirements users have of an app. In opinion polls, users say that security and data protection are most important to them in eHealth apps. This is followed by the credibility of the app and the manufacturer, regular maintenance of the app, integration and data collection, and last but not least, who owns the data. You can find out what this means in concrete terms for the security of health apps in our next blog post on this topic.


Sicherheit für den Digital Car Key

Digital Car Key: Open the car safely with your smartphone

Digital Car Key: Open the car safely with your smartphone

The world is becoming more and more digital. An indispensable part of our daily life: smartphones and tablets. As a matter of course, we almost constantly use our mobile companions to google something, make contactless payments or switch on the light in the living room. The flood of apps that are added every day in the App or Google Play Store is almost endless. In the wide world of the stores, there are also mobile applications with which vehicles can be locked and unlocked via cell phone. Such digital key apps are extremely popular not only with many drivers, but especially with hackers. As a result, it is important to take appropriate measures right from the start of the app development to protect the practical digital car key from being accessed by third parties.

Due to the corona pandemic, businesses are increasingly calling for contactless payments. In the course of this, many have already switched to mobile payment and pull out their cell phone or smartwatch at the checkout to settle the bill. What we know from the financial sector has meanwhile also found its way into the automotive sector: the digital car key is enjoying increasing popularity. With the appropriate installed app, future-proof cars can easily be opened and closed again using a smartphone. This offers a pleasant comfort.

However, some automobile owners do not have trust in such modern technology as there is a lot of media coverage of vehicles that have been hacked remotely. To solve such concerns, it is essential that manufacturers adequately protect their digital key apps. This is the only way to guarantee customers security when using the technology. Maximum and sustainable protection should already play a central role in the planning and early implementation phase. Thereby, many of those responsible do not have on their radar that there are multi-layered security frameworks that make the work much easier.

Integrate framework – lock out hackers

A Software Development Kit (SDK) like our Trusted Application Kit (T.A.K) holds a collection of security features that every app needs. Developers of a mobile car key app can integrate the SDK without much effort and in a short time. This ensures that the secret keys in the mobile app are not accessible to unauthorized persons using cryptographic technology. Due to the secure storage of the keys in the smartphone, there is the additional advantage that no network signal is required to access the car. Even if it was parked in an underground garage where the connection is insufficient, the vehicle can be opened without any problems. Furthermore, the integration of our T.A.K allows several people to access the digital key without compromising security.

To ensure that hackers have no chance of accessing the mobile car key, the SDK is made available to developers and providers as a library with code obfuscation, which makes decryption much more difficult. In addition, the app protection uses a secure communication channel between the client and the cloud and provides each app, including the digital car key, with its own secure communication channel. The secure communication channel to the server prevents data traffic analysis (network sniffing). Therefore, the T.A.K should be integrated into the app at the beginning of the development so that it can respond directly to threats later during execution. The integrated Trusted Application Kit can, for example, detect whether the mobile car key is being executed on an original device or a rooted device. Beyond that, the digital car key can be declared inactive via the T.A.K cloud.

Advantages for the users

  • They can use the digital car key unhesitating and benefit from everyday convenience without worrying about the security risks.

Advantages for the automotive industry

  • The T.A.K increases the security of many operating system versions and thus achieves high market coverage/many customers.
  • They strengthen trust in the brand and the technology.
  • It is possible to satisfy the desire of many car owners for security when using such promising technologies.
  • The car owner’s belongings are protected.
  • There are lower costs to develop the technology in an all-around secure way.
  • The app can be launched more quickly because the kit integrates all the essential security aspects required for In-App Protection.
  • Reputational damage can be avoided.

Find out how it all works in practice in our case study with Chongqing Changan Automobile Company.


Shift Left Security

Shift Left Security – Learn about this critical trend that will remain

Shift Left Security – a trend that will remain

Traditionally, organizations focus their security efforts near the end of a development and release cycle. While this can ensure that the rest of the software achieves a certain level of stability, high risks and vulnerabilities remain.
Shift Left Security is a remedy to this problem: Implement security as early as possible in your software development cycle (hence called “left”) and do it right from start. It spares you the headache and saves a lot of often unconsidered cost after the app has been released. It is the most important cornerstone of your solution for the digital world.

Shift Right: Dealing with security near the end of the development is not an option anymore

As a mobile app (or solution) moves through the different steps of conception, design, development, build, test and finally upload to the app store, adding security was often merely considered as last step. On top of that, additional development time and costs occur. Sad to say, sometimes security has just been put aside to meet time to market requirements.
There are plenty of examples where security has been introduced at the last stage of a project, means keeping security rather to the right. This has a tremendous negative impact on your project: Immediately with the release of the app also the risks and vulnerabilities are published. They are found by security researchers or hackers. In best case feedback is given to the developers and in the worst-case the knowledge is misused. In the latter case compliance violations and reputational damage may happen instantaneously – no pre-warning will be given!

Shift Left Security Economics – the importance of it!

Shift Left Security is economically driven by analysis of the software development processes and maintenance phase afterwards. Fixing issues after releasing the mobile app is about 20 times more expensive as if the problem would have been recognized and solved already during the definition phase of the project. That is merely the development side of costs as a study (Japers Jones, A short history of the cost per defect metric, 2013) shows.
Often unconsidered, forgotten or excluded from those cost discussions is financial impact of a security breach: consequential damages, cyber-attack (and recovery) costs and litigation costs. When considering those costs as well, a later study (Capers Jones, Achieving Software Excellence, v7, 2016) shows that poor quality software may be up to 2000 times more expensive than investing in high quality software right from the beginning. In this example cyber-attack costs contribute to around 45% of negligence in software quality.
The essence of all this: We need to focus on good software and on building good solutions, rather than finding fraud afterwards and spending money on mitigation measures. Shift-Left Security means: the earlier you do it right, the less cost you have afterwards.

Security winners focus on best practices

Shift Left Security is such a best practice. In your software development life cycle (SDLC), you must think about architecture and a secure design already at a very early stage. Secure design should include doing threat modeling, which helps you defining the base line and assessing the required security controls.
“Security can be achieved only when it has been designed in. Applying security measures as an afterthought is a recipe for disaster” („The Six Pillars of DevSecOps: Automation”, 2020), said the CSA (Cloud Security Alliance) about securing design. A very valid comment for any software development project.
As Build38 CEO Christian Schläger put it in a recent PwC interview: “So rather than mopping up the floor afterwards and spending SOC resources and plenty of analysts’ hours on forensics, I would like to see more quality software and solutions that can’t be hacked that easily anymore.”
In a nutshell: finding out what happened to a mobile app after it has already been released is simply too late: More money is spent on fixing, re-testing, and releasing the app again!

Shift Left Security – do it right, from start!

Shift Left Security is the new paradigm and your best investment protection scheme you can have. It helps you to save money throughout the whole lifecycle of a mobile app. It also supports you to reconsider how, where, and when security should be embedded into your app project.
Shift Left Security is also a crucial part of your considerations to become compliant: to eIDAS regulation, to the upcoming Medical Device Regulation (MDR) in 2021, to DiGA regulation, to PSD2, etc. It is about putting security controls into action.
Build38 gives you all the means to start with Shift Left Security now: We deliver you the most comprehensive security suite for Android and iOS, and give you the solution which is fastest to integrate on the market. Additionally, we support you in identifying the security relevant topics, give advice how to design security controls the right way and what to consider.

 

Curious now? Then contact Us and be part of the “Shift Left Security” movement!


Contactless Payment, Part 2: Drives business and requires the right security!

In the first part of this blog series, we have already informed you that there is a strong trend towards cashless and especially contactless payment. Payment via smartphone is also becoming increasingly important. The SPoC and CPoC standards provided by the PCI play an important role here.

PCI SPoC and CPoC – what is this all about?

SPoC (Software-based PIN Entry on COTS) is – simply spoken – the software-based PIN Entry standard from PCI for mobile devices, in combination with a Secure Card Reader for PIN which is an extra piece of hardware, connected to the mobile device, e.g. by Bluetooth.

CPoC (Contactless Payments on COTS) is the second and more recent standard which makes accepting contactless payments even simpler. The NFC capability transforms mobile devices into a contactless payment reader.

Common to both standards are the mobile card reader app, the attestation and monitoring services. All of it just for upholding a high level of security and trust. Of course, besides that typical payment related services are part of the backend.

What role does Build38 play in this?

Build38 fulfills the strictest security requirements mandated by PCI:

  • Ensuring the app is running in a secure environment (and only there)
  • Obfuscation
  • Anti-repackaging technology
  • Secure PIN entry
  • Mitigation of detected threats already on the mobile device, etc.

On top of that Build38 provides the required attestation component which acts as verifier to determine the current security state of the app. It delivers additional security signals into the monitoring system which detects, alerts, and mitigates suspected or actual threats and attacks.

PCI security requirements can be overwhelming with all its complexities, yet there is nothing to be afraid of!

You understand payments at your best, and Build38 masters your mobile security!

At Build38 we believe that in a changing digital landscape, the app security is not a luxury. It is a necessity. Your developers should focus on what they are best at: delivering business value and world-class payment apps, while Build38 provides mobile app security. Build38’s Trusted Application Kit (T.A.K) is a highly secure, holistic and easy to integrate mobile app security framework.

It all starts with better understanding your mobile risks.

Get to know where you stand today!
Strengthen your policies and compliance posture!
Explore your options and get the right solution!

 

Contact us and launch your own CPoC or SPoC solution faster in the market!


Contactless Payment, Part 1: The smartphone and App replace the card reader

Cashless payments are more popular than ever. This trend was also accelerated in particular by Covid-19. In Germany, for example, an increase of 20 % was recorded in the first half of 2020. Every second payment was even made contactless.[1] Nevertheless, there is still some catching up to do in Germany compared to other countries that already have a higher rate of cashless payments.

In addition to the “classic” variant of cashless payment via bank card, contactless payment via smartphone is also becoming increasingly popular across Europe. As a recent survey shows, around 12 % of the Europeans surveyed already prefer paying by smartphone.[2]

Contactless payments will gain further momentum

With contactless payment, the card is held against a card reader at checkout and does not need to be inserted anymore. For small amounts it is even not necessary to enter the PIN. In view of the pandemic retailers have been encouraging customers to pay in this way to avoid contact and a possible infection.

With contactless payment by smartphone, the app on the smartphone replaces the bank card. For further strong growth two requirements will play an important role:

  • Retailers, small merchants, market, and street vendors must be enabled to accept mobile payments, without the need to invest in traditional card readers.
  • Mobile payment for small sums must be supported, as demanded by customers.

At this point the question arises as to how the first requirement can be implemented in an affordable and simple way.

PCI standards are paving the way

The PCI Security Standards Council (PCI SSC), founded 2006 by American Express, Visa, MasterCard, among others, is a “global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments worldwide”. They are the governing body for payment standardization, technical requirements, and certification of payment solutions.

PCI has already recognized that contactless payment must be available for everyone, means by using the smartphone or tablet, which PCI calls in their own language a COTS (commercial off-the-shelf) device. Therefore, two standards are available now: the SPoC (Software-based PIN Entry on COTS) and the CPoC (Contactless Payments on COTS) standard.

 

Learn more about these standards and how Build38 can ensure the security of payment apps in our next blog post.

 

[1] https://www.handelsblatt.com/finanzen/banken-versicherungen/coronakrise-kreditwirtschaft-trend-zu-bargeldlosem-bezahlen-haelt-schon-laenger-an/26289960.html?ticket=ST-350571-XZqIrSQGq5lLGZqhcQfl-ap4

[2] https://www.handelsblatt.com/finanzen/banken-versicherungen/umfrage-in-zwoelf-eu-staaten-die-coronakrise-verstaerkt-den-trend-zum-bargeldlosen-zahlen/26185710.html


Risk-free Healthcare Mobility: Understand mobile risks, enhance security, and master it

Healthcare providers, healthcare delivery organizations (HDO) and healthcare professionals (HCP) increasingly use mobile applications (“apps”). Mobile apps empower them to effectively optimize communication among patients, healthcare providers and their care givers. They also deliver better outcomes: Allow the monitoring of patient’s conditions around the clock, the personalization of their healthcare and improve the accuracy of diagnostics and treatments. Furthermore, organizations using apps are incentivized with lower costs in workflow management.
Providers leverage mobile apps to achieve those goals, but ultimately, they are also fully responsible to manage access to vital healthcare data without compromising data security.

38% already suffered a mobile security compromise

According to Verizon’s Mobile Security Index (MSI) 2020 report, mobile security compromises are at an all-time high now in the healthcare industry. 38% of those surveyed suffered a mobile security compromise. That is a staggering year-over-year increase of 52% (MSI 2019: “only” 25% were compromised)!

The same study also says that healthcare organizations are worried:

  • 88% said that they are concerned that the highly confidential nature of patient data makes them a target for cybercriminals.
  • 85% said they feared that a security compromise could seriously compromise patient care.

Indeed, that fear of personal or medical data being compromised is not unfounded. The Verizon’s Data Breach Investigations Report 2020 states that in case of an attack

  • 77% of personal data and
  • 67% of medical data

are compromised.

Your call for action:
Understand mobile risks, enhance security, and master healthcare mobility

At Build38 we believe that in a changing digital landscape, app security is not a luxury. It is a necessity. Your developers should focus on what they are best at: delivering business value and world-class Healthcare apps, while Build38 provides mobile app security. Build38’s Trusted Application Kit (T.A.K) is a highly secure, holistic and easy to integrate mobile app security framework.

It all starts with better understanding your mobile risks. Get to know where you stand today. Strengthen your policies and compliance posture. Explore your options and get the right solution.

Contact us! Simply write us an email info@build38.com or visit our website www.build38.com.


Build38 and Pryv Team Up to Simplify Mobile Security and Privacy for Digital Health Companies

Lausanne/Switzerland, Munich/Germany 5 May, 2020 – The Swiss leading provider of privacy and personal data management software, Pryv SA, and Build38 GmbH, the global provider of mobile application protection solutions, announced a strategic collaboration to address the growing demand for security and privacy compliance for the Digital Health and InsurTech Industry.

Security with app hardening and privacy-by-design backend are a top priority for Digital Health Providers

Fraud, privacy violations, cyberattacks, unauthorized data collection, outlaw processing, and hacking of connected medical devices and mobile applications are just a few of the threats arising from the digitalization of the healthcare industry. A hack, that can be disastrous for individuals, is just as harmful for businesses, who will face regulatory fines and damage to their reputation. Such threats can be minimized by implementing adequate privacy and security measures right from the very start. Protecting digital channels is invaluable on many levels, saves lives and prevents significant financial losses.

“Smartphones and tablets are the primary access point for both our personal and work life, and a valuable target for attackers,” said Dr. Christian Schlaeger, Build38 CEO. “Business agility provided by mobile devices will continue to drive adoption in the mobile health sector, even more now with the announced DiGA initiative of the German government. Build38 and Pryv empower businesses to embrace the productivity benefits of mobile devices while addressing the security and privacy risks.”

“Developing the privacy and security layers of Digital Health applications is a highly demanding task, yet essential to gain users trust and achieve compliance.” said Pierre-Mikael Legris, CEO at Pryv “This partnership is a game changer for digital health innovation. It provides digital health innovators with a rigorously tested off-the-shelf solution, allowing them to easily and rapidly develop trustworthy and scalable products.”

 The offering by Pryv and Build38 foster compliance with the most stringent existing and forthcoming data protection and cybersecurity regulations. No dedicated security knowledge or privacy-expertise is required by development teams. Companies can focus on their core competency, while de-risking security and privacy compliance, winning time-to-market and fostering user-engagement through trust and transparency.

 

About Build38:

Build38 is a global provider of mobile application protection solutions. Its Trusted Application Kit (T.A.K) solution combines AI-platform and strongest app shielding technology which protects B2B and B2C mobile channels from fraud and reduces your compliance risk exposure. It also enables new use cases and opens the market for new digital business models. Build38 protects applications across various industries including automotive, financial, public transport and health care. Build38 is headquartered in Munich with global offices in Barcelona and Singapore.

Contact:
Torsten Leibner
Head of Product Management and Technology & Co-Founder
torsten.leibner@build38.com
T: +49 170 9389064
www.build38.com

 

About Pryv SA:

Pryv makes health personal data processing as secure and trustworthy as online banking.

Pryv.io is a solid foundation on which you build your own digital health solution, so you can collect, store, share and rightfully use personal data. It comes with must-have consent and auditing tools to keep you compliant with existing and forthcoming regulations. The software has been developed to accommodate rapid integration, allowing you to properly manage your users’ data from day one. It comes with turnkey IoT connectivity, a secure storage vault, fine-grained consent management, and comprehensive auditing capability that radically cut IT risk, development costs and accelerate time-to-benefit while addressing the GDPR and the most stringent data protection requirements.

Contact:
Evelina Georgieva
Co-founder & CBDO
evelina@pryv.com
+41788767016
www.pryv.com