Enabling trusted authentication
For over 30 years, Swiss-based LEGIC Identsystems has enabled companies from around the world to deploy solutions with demanding security requirements. Based on key management, trusted services and secure, contactless semiconductors, the LEGIC Security Platform provides end-to-end security for smartphone- and smartcard-based access, mobility, shared resource and industrial IoT applications.
We tailor our platform to suit you. We know from experience that every project is different, and that each customer has their own requirements. Flexibility is therefore our guiding principle: You are free to choose the features you want.
ID systems are highly complex. We strive to make your design as easy as possible. We are just as uncomplicated as our solutions. As LEGIC customers, you will receive expert advice and support via our well-rounded consultancy service.
With the unique LEGIC Orbit and Master-Token System-Control, your system’s security is in your hands. Instead of insecure passwords, control of your system is linked to secure smart devices based on Hardware Root of Trust.
Rely on our strong network. You have a long-term approach, and so do we. You should not have to worry about the future of your mobility system. As part of a solid partner network, you can rely on a team to protect your technology investment.
Executive Committee: since 2015
Education: Master of Industrial Engineering and Management
Executive Committee: since 2002
Education: Graduated Engineer in Electronics and Software Engineering
LEGIC stands for LEG = Legitimation + integrated Circuit (IC). It is pronounced "LE" as in the start of "Legitimation", and "GIC" as in the second syllable of "maGIC".
LEGIC Identsystems AG is headquartered in Wetzikon, Switzerland, approximately 25 kilometers outside of Zürich. The company has sales offices in the USA, UK, Germany and China.
LEGIC has been a trusted supplier of authentication and secure credential management platforms consisting of software services and semiconductor components to leading corporations worldwide for more than 30 years. LEGIC introduced the world's first commercially available contactless identification solution based on 13.56 MHz in 1992.
There are over 100 thousand installations of LEGIC’s security platforms running worldwide.
LEGIC’s advant and neon technologies for smartcard / smartphone authentication and credential management have never been compromised.
LEGIC’s security platform is ideal for enabling applications that require secure, contactless management of the interaction between people and things. Customer applications enabled by the LEGIC Security Platform include:
- Access control to buildings, rooms and IT equipment such as terminals and printers
- Applications where many users share high-value resources such as car or IT resource sharing
- Applications requiring managed access to machines and sensitive information such as healthcare or financial data terminals
- Smart city applications that enable autonomous permissioned control of a building’s operations in response to specific occupant requirements
- Closed-loop ePayment applications such as corporate canteen or vending services
All credential data stored on a smartcard is encrypted via AES (128/256 bit), 3DES, DES, or LEGIC encryption. LEGIC Security Modules are pre-programmed with the corresponding decryption keys, which are stored in an integrated secure element, meaning the keys never leave secure environments in an unencrypted form. Keys are also modified after each session, eliminating so-called replay attacks.
Smartcards are extremely robust with a long lifetime (e.g. they can survive in the washing machine). They need no power supply or software updates. Smartcards support short-range contactless communication, typically 20 cm, but this can be customized to meet application requirements. This is ideal for high-security apps requiring close proximity, such as e-payment and access control. Smartcards are also low-cost and double as visual identification (photo ID badge).
Smartphones support long-range contactless communications based on Bluetooth Low Energy (10+ m), which is well suited for longer-distance applications such as remote control of lighting, heating, etc. or opening garage doors. Android smartphones also support NFC, which gives them the benefits of close-range communication as well. Smartphone-based apps can also be instantly downloaded and used, which is ideal, for example, for real-time granting of building or room access and employee onboarding. Smartphone apps can also be integrated with LEGIC’s authentication and credential management software to create graphically rich 3rd party applications. Smartphones also allow instant, remotely updatable/revocable permissioning, and have multifactor authentication hardware/software built in to support fingerprint and facial recognition.
Apple iOS and Android are supported.
The platform also supports bi-directional encrypted messaging between cloud app and edge devices. This may include any binary data such as text, files, code, etc. It also supports Firmware Update Over the Air (FOTA), and secure hosting of application software in hardware secure element (in addition to encryption key storage).
Between cloud and smartphone: HTTPS over TLS 1.2. Between smartphone and IIoT edge devices (via a LEGIC Security Module): mutual authentication with AES-128 session keys. Between the Security Module and the host controller of the IIoT device: communication is encrypted via AES-128/256 or 3DES. Credential data passing over all these links is further encrypted using symmetrical encryption keys based on AES-128 that are stored in a Hardware Security Module of LEGIC’s Trusted Service.
V4.2+ Bluetooth Low Energy, RFID and Near Field Communication (NFC) standards ISO 14443 A, ISO 15693, LEGIC RF standard, Inside Secure, Sony FeliCa, and ST SR series, Apple ECP 2.0
Credentials are data uniquely associated with an individual user. Credentials include data defining a person’s unique identity, when, where and for how long a user may use a device, which applications are available to the user, e-money balance for e-payment applications, data access privileges, etc. Credentials are provisioned by an (optional) cloud management system and securely stored on a user’s smartcard or smartphone to give them managed access to devices, data and infrastructure.
127 for 4k advant smartcards; for smartphones you are only limited by the memory size of the smartphone.
Security can be scaled up with smartphones by using mobile OS security features like fingerprint/facial recognition, or with a PIN defined by the ID solution provider that is entered via the smartphone. For smartcard-based applications, measures can be implemented on the reader terminal (biometric sensors, PIN pad, etc.). For both solutions, any combination can be implemented.
LEGIC Connect runs in AWS cloud-hosted data centers located in Switzerland and Germany. Hardware Security Modules (HSMs) are run in secure, audited environments within Swiss borders only.