Q&A explores new Swissbit's “Security” unit

Mr Grobbel, why did Swissbit decide to head into the security market?

Our customers made the decision for us. Swissbit has stayed in close contact with its customers around the world for more than 20 years. Over the course of all these conversations it emerged that there is growing demand for security cmbined with memory.

Where is this demand coming from?

A number of places since the issue affects diverse markets. In the telecommunications market, it is now public knowledge that the GSM standard has weaknesses, meaning that calls you make via mobile phone are no longer secure and can be intercepted. Then came the media reports about mass interception of data on a global scale, so now the public has less trust in the confidentiality of communications. In the end, a data package with no security measures is, at best, as confidential as a postcard. And this affects governments as well as businesses and private individuals.

Industry is focusing more heavily on this issue as an increasing number of plants go online – keyword: Industry 4.0. Search engines allow for relatively simple filtering by plant type where vulnerabilities can be exploited. When encryption and access authentication are weak, systems are susceptible to attack. If someone remotely sets a school’s heating system to 30°C, then that’s a relatively harmless prank. But what about traffic lights, hospital generators, chemical production facilities or power plants? Attacks like the Stuxnet attack have clearly demonstrated the extent of what is achievable by targeting and manipulating very specific facilities. Corporate know-how is also at risk if devices can be copied by means of firmware with weak security. The list is pretty much endless. This is why insurance companies increasingly demand reliable statements about system security and want any gaps closed at the latest after the very first incident. Nevertheless, it may already be too late for a business if its image has been ruined or draconian reparations have been imposed.

So the market recognises the need for appropriate security technology. What can Swissbit offer to meet this need?

We are in a position to meet the specific requirements of the industry, medicine, government, telecommunications and banking segments and deliver the one component that every system needs: secure memory in an external or embedded form factor. We offer a smooth migration path towards secure systems while retaining any existing memory form factor. To protect a system, users simply need to replace the existing memory with secure memory. This broad offering is unique.

What products are included in your Security portfolio?

Our PS-100u range offers three Flash memory variants in micro SD format.You can save data to these as you would to any normal micro SD card. What makes these memory cards secure is the embedded smart card chip and a controller with special firmware. The Standard Edition PS-100u SE fits best into authentication and PKI use cases. It is supported by leading middleware vendors in mobile, desktop and tablet use cases to ensure a seamless design in into existing security infrastructures. The Voice Edition PS-100u VE provides Elliptic Curve Cryptography for encrypting voice data. The big computation and security advantage combined with small certificate sizes make the PS-100u VE card ideal for online key- and certificate exchange like it is crucial for high performance secure voice solutions. The PS-100u CL is built for contactless NFC applications in devices and systems. Instead of the complex design-ins of an RFID chip, all you need is an antenna to enable communication between an NFC-capable telephone and the micro SD smart card. Example applications include electronic payment terminals and highly secure data entry solutions, such as required for closed medical devices and industrial systems in critical environments. Moreover, the newest Android version 4.4 will activate Host Card Emulation Mode in NFC telephones. All of our secure micro SD cards will be able to serve as a fully functional secure element for contactless communication via the telephone’s NFC chip.NFC service providers have been asking for a free choice of security technology for a while and this is the perfect solution for secure offline use cases, which means that they are no longer restricted by the limited functions of SIM cards. A diverse array of applications lies ahead. Our technology provides the necessary flexibility and innovation for the NFC ecosystem.

You mentioned before that customers will be able to hold on to their current form factor. Now you’re only talking about micro SD cards.

However, our overarching product strategy is clearly aimed at integrating these security features into the standard Swissbit portfolio. Our customers will be able to add various security features to all of our memory components, as and when they need to. Various form factors will then be available at the same security level and with the same interfaces. This opens up a world of flexibility.Plus, as a long-standing partner to our customers we can assure them that Swissbit also reacts quickly and absolutely confidentially in matters of security.

From a customer perspective there must be highly precise and specific guidelines in terms of security level. Can you also meet individual requirements?

Of course. We consult closely with the customer to choose the method that best matches the customer’s data protection profile. We can also integrate a customer’s smart card – such as access badges, bank or health cards – into our products and so port them to new platforms.

Swissbit is a newcomer to the security market. That brings me to two questions: Where does the requisite know-how come from? And how will you build your customers’ trust to the extent required for products as critical as these?

For the last twenty years, Swissbit has proven its ability to deliver and guarantee highly reliable memory for success-critical system components. Consequently, our company has established an excellent trust base in the market. This is reflected in the fact that customers approach Swissbit with their security requirements.They put trust in us that we can successfully expand our product range into the security field.

As to the requisite know-how, that is embedded in our new team of security experts. Together they have many years’ experience in successful development of security components for mobile applications, as well as in smart card technology and consulting for public bodies and businesses. Being a separate business unit lets the Security team focus on its core competency: security in combination with flash memory.

Mr Grobbel, you are the head of this new unit. Tell us a little about yourself.

Swissbit’s new Security unit is the ideal arena for me as one of my main interests is the development of new security solutions .For example, after studying electronics at the Technical University in Aachen, I spent many years working in various roles in software development, consulting, project management, product management, partner management and business development. At Giesecke & Devrient I was deeply involved in voice, message and data security for governments, companies and end users. The technology, requirements and market structure are like second nature to me, which gives me the confidence to say that Swissbit is a very good and, above all, neutral technology partner on the market.

Swissbit is an established player on the memory market, but as the new kid on the block in the security segment it will first have to prove itself. How will you go about this?

Our products have a fantastic USP due to the combination of highly reliable memory with long-term availability and the security function. Additionally, Swissbit has its own long-standing supply chain. There is practically nothing on the industrial market today that can compare to our security components. Unlike in the mobile telecoms market: with product lifecycles of often less than two years and a stronger focus on costs, aspects such as long-term reliability and long-term availability are secondary concerns. For this market we offer cost-optimised products with large memory, high flexibility through our tailored portfolio and short time-to-market because we can develop products quickly. Another plus point is Swissbit’s extensive partner network that can realise turnkey, customer-specific solutions with individual interfaces and secure elements within a very short space of time. Being a European provider means that we are also close to our customers – both geographically and culturally.

What are Swissbit’s goals for the new Security business unit?

On the one hand we are building on solid relationships with our existing customers by offering them exactly what they need for their business, now and in the future. On the other hand we want to capture new customer groups in the security market from industry, medicine, government, telecommunications and banking.

And what goals have you set yourself as head of this business unit?

In six years’ time, trusted supplier Swissbit will be market leader in Europe and the US for the combination of security and memory technology. I am convinced that I can achieve this in collaboration with the Swissbit team and our customers.