In the present PC environment, viruses, spyware and malware may be present in PCs, which may compromise valuable data or transactions. Universal Serial Bus (“USB”) devices like secure token may perform cryptography, secure key generation and storage. However, secure tokens still require the application to be run on the PC with the plan information and data to access this feature and this leave the plain information and data before encryption vulnerable to attack. IBM's® USB secure stick, the Zone Trusted Information Channel, has an on-board processor used to create a secure socket layer (“SSL”) channel, but not for running a secure application. The application is still using the host PC memory and leaves a memory trace on the host PC that is vulnerable to a virus or spyware attack.
Penprotect™ software for a host PC uses encryption to protect files within a USB flash drive, flash memory, or USB stick. But Penprotect software does not protect the encrypted files once they are decrypted and running on the host PC. Furthermore, the same encrypted files stored in the USB memory stick require Penprotect software to be installed on another PC before they can be accessed, so the encrypted files are not portable.
Livetoken™ is a USB drive with a Linux Operating System (“OS”) and a secure chip installed on it to store the keys and passwords. However, Livetoken's design requires the host PC to be rebooted to run the OS on the USB drive. Furthermore, the Linux OS is very dependent on the host PC hardware configuration, and will not work on any other host PC.
U3™ technology from Sandisk allows a portable application in a USB flash drive to be used only on a Windows XP® or Windows Vista® PC. This provides only application portability, but not security for the application and data execution on the host PC because U3 technology uses the host PC memory to execute the portable application. This leaves the U3 technology open for attack from a virus or spyware.
Current wireless device designs have all the software layers running on the handset main processor with the telephony hardware, radio hardware, Bluetooth, Audio Codec, Wireless Fidelity (“WiFi”), General Packet Radio Service (“GPRS”), display screen, camera hardware, and associated software applications. The application and the runtime environment are dependent on the particular handset hardware architecture. Accordingly, all applications and run-time environments of the device are likely not portable or compatible among devices with different hardware architectures.