ThunderSEC 3.0 is a professional solution for those organizations that have secure mobile office needs, such as government, financial organizations, energy enterprise etc. We provide hardware-level protection and security technology for operating system enhancement. ThunderSEC 3.0 provides multiple protections covering mobile device, OS, applications, data and network. This solution can protect system security, data security and network security. Under the protection of ThunderSEC 3.0, enterprise data and information are safer. ThunderSEC 3.0 has passed the security test by the National Software Testing Organization. It is widely used in the government, energy, public security, military and telecommunications and other industries.


Security hardware support
With good relationship with chip vendors and OEMs, Thundersoft develops the professional solution which uses TrustZone technology, fingerprint security technology, and secure micro-SD technology. It is based on hardware layer to ensure the root of the device is trusted, the secret key and the algorithm are trusted.

Support ARM® TrustZone®

ThunderSEC 3.0 support ARM® TrustZone® technology, these important features are based on TrustZone®:

Secure boot: to ensure that the device is reliable, to prevent the terminal from being malicious getting-root after manufacture.

Security domain consistency check: preventing the application installed and running in the security domain from being tampered.

Security application core security: protecting user data by providing secure applications such as enterprise address book, text message encryption, and Email encryption.

Fingerprint authentication: collecting Fingerprint and authenticating in TEE.

Support biometric identification (fingerprint, iris)

Support biometric identification (fingerprint, iris) The fingerprint sensor integrated in cell phone is becoming more and more popular, fingerprint information is not only a key but also the ID. Fingerprint technology can be used in higher security requirements of authentication, such as payment or commercial signature. How to ensure fingerprint subsystem and the fingerprint data runtime secure is a big challenge. ThunderSEC 3.0 can provide the comprehensive security guarantee by using TrustZone,TEE technology and secure micro-SD,

Thndersoft invested Nok Nok Labs, a founder of FIDO alliance. ThunderSEC 3.0 also supports FIDO technology, which is in use throughout the world owing to independent process between authentication and transaction.

Support secure micro-SD in which an intelligent card is embedded.

Secure micro-SD is a special type of hardware that is widely used in financial, confidential fields for key management and data encryption. For the intelligent card inside with EAL 4+ security level, secure micro-SD is good at anti-physical attack and higher level of security certification.
Thundersoft is doing well with the leading security companies that provide secure elements. Using secure elements in our solution, ThundersSEC can provide some special functions, such as the combination of SIM with mobile phone(one SIM is mapping one specific phone and vice-versa ),SIM is bound with secure domain and secure applications.
Secure micro-SD is generally hardware-designed for SM1, SM2 and SM3, SM4, RSA, DES, AES, etc. Secure micro-SD is suitable for China encryption algorithm requirements.



Operating System Security
ThunderSEC 3.0 provides the features of isolation and encryption at the OS layer. It provides isolation environment for enterprise applications and multi-layer encryption for enterprise sensitive information. It provides a more powerful device management function to meet the various requirements during the full life cycle of enterprise equipment management. It also provides SDK for 3rd party EMM/MDM management system.

Isolation of dual domains

For the isolation requirements from government, financial, operator and the special enterprises such as energy enterprise, ThunderSEC provides isolation solution based the operating system layer isolation and TrustZone®. The supported Android OS versions contains 4.4 ,5.0,5.1 and 6.0. These features are:

Application Isolation:It protects users ' privacy by isolating enterprise and personal calls, contacts, text messages, photos and other applications. It provides an independent security domain and user can manage their application life-cycle including installation, operation, uninstallation in that domain. The pre-load secure Appstore is the only way for application installation.
Data isolation:It Isolates enterprise and personal data, the enterprise data cannot be accessible by personal applications.
Network isolation:The network traffic from different domains is isolated. In the secure domain, the secure VPN and VPDN will be auto-connected for secure communication.
Secure Domain Authentication:ThunderSEC supports various authentication methods containing PIN, pattern, password, fingerprint, Iris, and use TEE function to protect the authentication process. It supports various functions to handle the entrance of secure domain, such as icon , notification , dialing(secret number) and so on.
Consistency check:ThunderSEC check consistency for secure domain and installed application in secure domain every 5 minutes. The checking process is protected by TEE function.
Secure launcher. ThundeSEC provides a secure launcher application as secure entry in secure domain, the UI is significantly different from the personal domain.
Domain binding SIM card(optional). On dual SIM card devices, ThunderSEC can bind the secure domain to one specific SIM card slot to separate the business data and personal data.

System security management enhancement

With the growth of enterprise mobile terminals, not only the mobile devices but also the applications and data, both of their security needs to be managed and controlled. ThunderSEC is suitable because it provides a series of security management enhancement features including OS security management enhancements and secure domain management.




Secure applications
For enterprise customers, beyond the security of devices, applications and data management, the most valuable thing for them is to provide the secure and easy-to-use applications to match their business needs. ThunderSEC 3.0 provides a variety of general security applications to meet these requirements, including data encryption (file, photo, input method, etc.), communication encryption (VPN, encrypted text messages, VoIP and Email, etc), secure office (enterprise contacts , unified Authentication, etc.) and so on .Combined with another product ThunderEMM, the user can push secure applications, messages and documents from the enterprise private cloud.

Mobile Phone Against Losing

After setting a family and friend number, ThunderSEC 3.0 can lock your device, change the password, sound an alarm and locate through SMS.

File Safe Box

This feature can encrypt the photos and files through AES-128 encryption algorithm to protect your privacy.

Mobile Phone Manager

It can manage: Self-rebooting; Power saving; Traffic; Internet accessing in application; notice……

IME Encryption

Encrypt the input text and see the decrypted text on other device where installed the product. It can work with Wechat etc.

Secure Center

Manage center for secure cloud management ( organization-user-device secure policy) and device secure management (domain and apps)

VPN Pool

Provide VPN remote push and application and VPN settings auto-binding.

Unified Authentication

Provide log-on and verification service, ID key for encrypted text message, e-mail and enterprise contacts and ID for enterprise data synchronization and secured application push.

Enterprise Contacts Encryption

Manage the data of organization, personal information and contacts in cloud, provide phone number encrypted store and transfer, support call center based encrypted callback and conference call and VoIP.

Text Message Encryption

Provide safer text message encryption mechanism through Asymmetric Cryptography algorithm based on ID, which doesn’t need to access key server during sending and receiving.

Email Encryption

Provide safer Email encryption mechanism through Asymmetric Cryptography algorithm based on ID which doesn’t need to access key server during sending and receiving. It supports many popular mail servers such as POP3, IMAP and Exchange.

Secure Application Push

Support silent installation and uninstallation, forcibly application push.

Encrypted IP phone

Based on SIP, low latency, high load for thousand users level.

Customized Secure Smart Phone (For sale)
To provide safe mobile office to enterprise and government users, Thundersoft cooperate with big smart phone OEM to produce high quality customized secure smart phone. By working with secure encrypted TF card, the user can get “boot and play” safe mobile office. In addition, Thundersoft provides NRE service to the customers who have special and higher security level needs.

2016 Premium Secure Smart Phone
Screen: 5.5-inch
Cellular: Dual SIM Card, all kinds of networks
OS: Android 5.0
CPU: Qualcomm Snapdragon 615 (MSM 8939)
Kernel number:Eight Kernel
Capacity: RAM 2GB, EMMC 32GB
Battery: 2910mAh
Camera: 13-megapixel

Customized development support:
Customized back cover, On-Off animation, wallpaper, application layout and pre-installed applications



Other Customized Secure Phone
Lenovo
Coolpad
TCL
InFocus


Awards
In December 2015, ThunderSEC won METIS AWARD-- Best solution on mobile software&hardware platform.








TOP