Online Identification and Access Control for all users. Restrict and allow login into your web site, your subscription service and any kind of online business!

Guarantee security and revenue from subscribers by requiring the convenient, ultra slim CRYPTO-BOX^® USB instead of passwords. Replace insecure, hard-to-remember passwords, which can be known by many, with a CRYPTO-BOX, which only can be used by one legitimate user.

• eBusiness.
• Financial and banking services
• Online authentication in general
• Remote activation and -programming of applications
• License upgrades and Pay-per-Use; Software leasing
• Electronic Software Distribution and Global presence
• Marketing support: Know all your customers, get 100% registration 
  ... and much more

The WebSecurity Toolkit (WebSec) will enable you to add security and strong identification features to your web site and Internet based solutions. Using special hardware, the CRYPTO-BOX USB from MARX on the client's side, WebSecurity provides web developers with a secure method of remote client authentication via the Internet, intranets, extranets and allows secure access to the CRYPTO-BOX memory (Secure data transactions). Only those users who have the matching CRYPTO-BOX will be allowed to log in to the protected web pages. The contents of a client's CRYPTO-BOX memory can be used by the web applications PHP or JSP pages to control various services, and whether to allow those services to the remote client. Using WebSecurity you will be able to control access to web pages, on line services, databases, or any web based application. WebSecurity enables you to distribute, update, and revoke licenses, certificates, and keys of the clients attached CRYPTO-BOX remotely via an encrypted channel.

Online License Management System from MARX ist an extension to WebSecurity which allows a fully automated distribution of updates for the CRYPTO-BOX via Internet using update scripts.

WebSecurity is based on two main components: CRYPTO-BOX on the client side (end user) and the web server on the vendor's (service provider's) side. Client component, used to access the CRYPTO-BOX is implemented as COM-object for Microsoft Internet Explorer and as a plug-in for Mozilla. The component receives requests (encrypted transactions) from HTML/JavaScript pages, generated by the server and loaded with the browser. Requests are executed by the component and the encrypted result of the transaction is sent back to the server. Every SmarxOS formatted CRYPTO-BOX USB, contains client's private RSA key and distributor's public RSA keys, used for handshake (establishing secure connection and client authentication). In addition to hardware-implemented 128 bit Rijndael encryption, software (Open SSL) 256 bit AES encryption is used. WebSecurity is based on two main components: The CRYPTO-BOX on the client side (end user) and the web server on the vendor's (service provider's) side. The WebSecurity COM object (ActiveX) receives the encrypted requests on the client side through Java Script programs generated by the server and built into HTML pages loaded by the client's browser. The encrypted requests are decrypted and executed by the ActiveX COM object and the encrypted results of the transaction are sent back to the server. On the server side the functional part of the solution is placed into Java classes while the design portion can be built via any popular web authoring tools. The server generates encrypted requests for the CRYPTO-BOX, which are executed on the client side. All sensitive information, such as access codes for the CRYPTO-BOX, is stored safely on the server.

WebSecurity brings tamper - proof authentication, secure storage on the client site with compatibility to your existing and future infrastructure.

The WebSec Server is platform independent, scalable and can be integrated into existing database environments. All sources of the WebSec Server are available, customization can be done very easily.

WebSecurity version 2.0 or higher is based on SmarxOS, so it's compatible with other SmarxOS based applications and solutions.

• Client: compatible with Internet Explorer and Mozilla Firefox on Windows 7/Vista/XP/2000 plus Firefox on Linux
• Server: platform independent - comes with full source code and documentation
• Traffic is encrypted with combination of software (Open SSL) 256 bit AES and hardware 128 bit AES Rijndael
• Secure reading and writing of CRYPTO-BOX memory from remote
• Server built either on PHP or JSP/Java technology - easy integration with existing solutions
• Compatible with Apache, IIS and any other PHP/JSP/Java enabled web server

(IMPORTANT: You need an Evaluation Kit of CRYPTO-BOX USB, configured to run with this test. Click here to download the WebSecurity Client for your Browser and the Configuration Utility.)