Name: SecureUSB® KP
Availability: InStock

Overview

Wear resistant Keypad

Special coating covers the keys on the keypad which masks key usage that can be used to aid a potential attacker guess the most commonly used keys.

Certified Secure with FIPS Compliant Design

Full disk hardware encryption is just a start of keeping your data completely safe should it ever get into the wrong hands. While the hardware design is impenetrable we don’t stop there, all user data and crypto parameters are encrypted as well.

The SecureUSB® KP contain an independent processor, crypto processor as well as other security components to create a unique and patent pending design. Every vital piece of electronics is covered with a tough epoxy coating cementing the critical components in an indistinguishable solid capsule.

While this epoxy is effectively impossible to remove without destroying the independent components, it does not however affect the functionality of each component nor reduce the overall performance, it simply makes the electronics impossible to separate and reverse engineer.

OS and Platform Independent

The SecureUSB® KP will work on any host operating system (Microsoft Windows, MacOS, iOS, Linux, Chrome, Thin Clients, Zero Clients, Android & Embedded Systems). This means this is the perfect backup solution for DVRs, Game Consoles, Laptops, PCs, Servers, Workstations and any other device with USB ports. There are no drivers or software to update, all encryption and authentication is performed directly on the drive.

Preloaded with Antivirus

Keep your SecureUSB® KP virus free with a pre-loaded 1 year license for the USB Antivirus by ESET real-time Heuristic Scanning. Even if not connected to the internet the ESET engine will recognize malicious files based on a custom algorithm and deny saving them to the SecureUSB® KP. Unlike desktop antivirus software the USB Antivirus is designed for mobile devices and does not require any installation on the host system.

Full Disk Hardware Encryption

There is absolutely no communication between the host Operating System (Windows, Linux, MacOS or similar) and the drive until the User enters the correct PIN via on-board keypad. Only at this time will the USB controller be unlocked to initiate communication between the drive and host OS. Hardware encryption also eliminates loss in data read/write speeds unlike software based data encryption which can slow performance by 30% or more. Even if the hard drive is extracted from the enclosure starting at sector 0 all data is encrypted all the way to the last Logical Block, rest assured there is no way to decrypt the data without the 256-bit key.

256 bit AES XTS Mode

The data encryption process consists of 14 different rounds of encryption to make your original data unrecognizable to an unauthorized user. SecureUSB® KP encryption for data at rest is implemented using the XTS block cipher mode since it circumvents multiple weaknesses of the older AES modes, such as CBC and ECB.

USB 3.0 Super Speed

USB 3.0 uses two unidirectional data paths: one to receive data and the other to transmit. The “SuperSpeed” bus provides for a transfer mode at a nominal rate of 5.0 Gbit/s while being backwards compatible with USB 2.0 for older hardware.

Brute Force Anti-Hacking Self Destruct Feature

Entering an incorrect password ten consecutive times will trigger the brute force hacking detection which will crypto-erase the passwords, all User data and drive formatting. The drive will remain functional but will require reformatting and all data which resided on the device including any identifiable user parameters will be unrecoverable.

IMPORTANT – If the User PIN is forgotten there are no techniques to retrieve the key. There are absolutely no back-doors and all data will be erased permanently.

BadUSB Protection

Since the SecureUSB® KP is hardware encrypted the USB controller is locked until it correct user pin is entered. This unique design does not allow for any malicious firmware modifications/updates preventing the BadUSB exploit.

Admin and User modes

Setting up an Admin PIN will allow the Admin to regain access to the data if the User is no longer available and well as set policies such as Read-Only and Inactivity AutoLock.

Read Only Mode

Optional Read-Only mode prevents Writing, Deleting, Saving or editing any Files to the device until Read/Write is enabled.

Bootable Drive

Saving a boot files and drivers required to load a PC, Laptop or Workstation on a SECUREUSB® KP® will keep your system image fully encrypted until you’re ready to load the machine. Upon successful User Authentication the SecureUSB® KP performs identical to a non-secure USB or Hard Drive.

Inactivity AutoLock

To protect against unauthorized access when the drive is connected to a host computer and unattended, the Drive can be set to automatically lock after a pre-set amount of time of inactivity. The default state of the Inactivity Lock is OFF. This feature can be set to activate (lock) at predefined times between 1 and 60 minutes.

Capacity	4 GB – 64 GB
Data transfer speed	Up to 130 MB per second read. Up to 43MB per second write
Security Module Validation	FIPS 140-2 Level-3 (certification pending)
Authentication method	Keypad
Authentication mode	User Authentication onboard Keypad
Interface	USB 3.0/3.1
Cryptographic Processes	AES-XTS 256 Bit Hardware Encryption (OS independent)
Data Protection	Real time military grade AES – XTS 256-bit Full-Disk
Waterproof	IP57 (Certification Pending)
Tamper-proof	FIPS 140-2 Level 3 Compliant Design
Brute-force defence	Data destruction after 10 consecutive incorrect PIN entry attempts
Immune to Bad USB	Yes, no firware updates allowed
Roles/Permissions	1 Admin / 1 User
Read Only Mode	Yes
Inactivity Autolock	Yes, predefined times between 0 and 60 minutes
OS Compatability	Microsoft, iOS, Android, Linux, Chrome, Thin Clients, Embedded Systems (No software or drivers needed)
Regulatory Approvals	FCC, CE
Warranty	3 Year (limited)

Product Documentation

Below is the complete documentation of SecureDrive KP Encrypted Flash Drive.

SecureDrive KP Encrypted Flash Drive – Product Manual (1MB PDF)
SecureDrive KP Encrypted Flash Drive – Quick Start Guide (40KB PDF)

Product Videos

Frequently Asked Questions

Does my data or encryption key get passed over Bluetooth signal?

No. Bluetooth is simply the communication channel. The authentication is handled via secure server/app exchange. Your data or the encryption key cannot be extracted by any side channel attacks or Bluetooth listener.

How do I unlock/lock the drive?

You must download the DataLock® app from the app store. After installing it you will be able to pair the device (make sure your Bluetooth is turned ON). Once synced, you can use the App to login.

Once you have successfully logged in you will be able to change user settings and swipe LEFT on the device name to lock it. Once the device is locked you must re-login in order to mount the drive.

Where do I get the app?

The DataLock® and DataLock®+ are available to download via the Apple Store or Google Play. Type in “DataLock” in the search to find and install the app on any mobile device.

Can I use my FaceID or TouchID to unlock my device?

Yes, using the DataLock® app you can select to authenticate via Touch ID or Face ID (Apple only).

If I forget my password, does anyone have a copy or can I reset it?

NO! There are absolutely no back-doors or resets. After 10 consecutive incorrect attempts the anti-hacking brute force self-defense mechanism will engage wiping all user data and drive attributes.

If I reset my drive can I still use it or is it destroyed?

The drive will revert to factory settings, unformatted, default drive name and all user data will be gone. The drive requires formatting for continued use.

If I reset my drive can SecureData get my files back?

NO! Resetting the drive will activate a crypto erase command which will delete then regenerate the encryption key. Once the key is gone there is absolutely no way to get it back. Even though there will be encrypted data on the drive, there is no viable way to decrypt it.

If I lost my drive, can I reset it remotely to delete my data?

Yes! If the drive is added to the subscription based Remote Management console even if you lose the drive you can wipe the data on it remotely.

Can I add remote management later?

Yes, this is the uniqueness of our SECUREDRIVE BT product line. You can switch from DataLock® (non-remote managed) to DataLock® + (remote managed) status without installing any software, the device will just need to be provisioned using the DataLock® Admin app.

Do I need Internet or Cell signal to use the BT Drive app?

While using the DataLock® app you do NOT need to be connected to the Internet or WIFI in order to unlock the drive.

Alternatively, if your device is remote managed you must unlock it via DataLock®+ app which will require Internet or Cell service turned ON. However, the admin can enable the offline mode in the DataLock®+ app which will not require any Internet or Cell Signal.

What smartphones, smartwatches or wearables does it work with?

The SECUREDRIVE BT will work with any modern mobile device. Here are a few product lines it is tested with.

iOS Smartphones:

iPhones: 5S, 6, 6 Plus, 6S, 6S Plus, 7, 7Plus, 8, 8 Plus, X
iPads: 3rd generation, 4th generation
iPad minis: mini, mini 2, mini 3
iPad Air: Air, Air 2

Android Smartphones:

Most Android phones running version 4.4 or above will work with DataLock® app.

Google Nexus 4, Google Nexus 5, Google Nexus 6
Samsung Galaxy S4, Samsung Galaxy S4 mini, Samsung Galaxy S5, Samsung Galaxy S6, Samsung Galaxy S7, Samsung Galaxy S8
One Plus X
Sony Xperia Z, Sony Xperia Z3 Compact
HTC One mini 2

SecureUSB® KP