Relock CloudΒΆ
Relock is an advanced software cryptographic authenticator that allows you to add invisible strong factor of authentication to your applications. It provides an extra layer of security directly in the browser, without adding friction for your users. It covers all identities in a single roll-out and was designed to comply with strict regulatory requirements for AAL2/AAL3 and Strong Customer Authentication.
The system uses cryptographic one-time keys that are renewed and verified on demand, ensuring that every access and even every user interaction can be independently verified. It is scalable, efficient, and configurable for high availability, making it ideal for high assurance and uncompromised performance.
- Executive Summary
- Technical Overview
- The State of Play
- Bearer Session Model
- Continuous Cryptographic Trust
- Cryptographic Design
- Continuous Access Evaluation (CAEP)
- Relock System Properties
- Core Technical Characteristics
- Client-Side Secret Storage
- Security Assurance Under Fatal Compromise
- Method Comparison
- Regulatory Alignment
- Compliance Matrix
- Technical Summary
- Deployment Options
- Simple Integration
- SameSite Integration
- JavaScript Agent Integration
- Reverse Proxy Setup (Required)
- HTTP Strict Transport Security (HSTS)
- Relock.js Library Integration
- Content Security Policy (CSP) with Nonces
- Subresource Integrity (SRI)
- MPA Web Applications
- Multi-Tab Browsing Support
- SPA Web Applications
- Key Established Event
- Established Event Payload
- Backend-Side Request Verification
- Basic Request Authentication
- Critical Request Authentication
- Relock Gateway Status Codes
- Login and Logout a User in the Gateway
- Zero-Trust Remember-Me
- Best Practices for Secure Deployment