Keeper is Fanatical About Data Protection and Password Manager Security
Keeper utilizes best-in-class security with a zero-trust framework and zero-knowledge security architecture to safeguard your information and mitigate the risk of a data breach.
Keeper's Best-In-Class Security
Private Master Password
ONLY the user has knowledge of and access to their Master Password and key that is used to encrypt and decrypt their information.
Keeper protects your information with AES 256-bit encryption and PBKDF2, widely accepted as the strongest encryption available.
User data is encrypted and decrypted at the device level not on Keeper's servers or in the cloud.
Keeper supports multi-factor authentication, biometric login and Keeper DNA which uses the Apple Watch or Android Wear device to confirm your identity.
FIPS 140-2 Validated
Secure/Reliable Cloud Vault
Keeper utilizes Amazon AWS in multiple geographic locations to host and operate the Keeper Vault and architecture providing customers with the fastest and safest cloud storage. Data at rest and in transit is fully isolated in a customer's preferred global data center.
Keeper Security, Inc. (KSI) is passionate about protecting its customer's information with Keeper mobile and desktop security software. Millions of consumers and businesses trust Keeper to secure and access their passwords and private information.
Keeper's software is constantly improved and updated to provide our customers with the latest in technology and protection. This page provides an overview of Keeper's security architecture, encryption methodologies and hosting environment as of the current published version. An overview into the technical details involving our encryption and security methods are described in this document.
Zero-trust begins with password security. KSI creates its products using a zero-trust security framework that is based on not trusting any user within the architecture. Zero-trust assumes that all users and devices could potentially be compromised and thus, each user must be verified and authenticated before they can access a website, application or system. This cybersecurity framework underpins Keeper’s cybersecurity platform. The platform provides IT administrators full visibility into all users, systems and devices they are accessing which helps ensure compliance with industry and regulatory mandates. In order to have a zero-trust framework in an organization, it must have world-class password security that is supported with a zero-knowledge security architecture.
KSI is a Zero-Knowledge security provider. The Keeper user is the only person that has full control over the encryption and decryption of their data. With Keeper, encryption and decryption occurs only on the user's device upon logging into the vault. Each individual record stored in the user's vault is encrypted with a random 256-bit AES key that is generated on the user's device. The record keys are protected by an additional key, called the Data Key. The Data Key is encrypted by a key derived on the device from the user's Master Password. Data stored at rest on the user's device is also encrypted by another 256-bit AES key, called the Client Key. Secure record syncing between the user's devices is also encrypted at the network layer and routed through Keeper's Cloud Security Vault. This multi-tiered encryption model provides the most advanced data protection available in the industry.
The encryption key that is needed to decrypt the data always resides with the Keeper user. KSI cannot decrypt the user's stored data. KSI does not have access to a customer's master password nor does KSI have access to the records stored within the Keeper vault. KSI cannot remotely access a customer's device nor can it decrypt the customer's vault. The only information that Keeper Security has access to is a user's email address, device type and subscription plan details (e.g. Keeper Unlimited). If a user's device is lost or stolen, KSI can assist in accessing encrypted backup files to restore the user's vault once the device is replaced.
Information that is stored and accessed in Keeper is only accessible by the customer because it is instantly encrypted and decrypted locally on the user's device - this includes all native applications, browser-based apps and mobile apps. The method of encryption that Keeper uses is a well-known, trusted algorithm called AES (Advanced Encryption Standard) with a 256-bit key length. Per the Committee on National Security Systems publication CNSSP-15, AES with 256-bit key-length is sufficiently secure to encrypt classified data up to TOP SECRET classification for the U.S. Government. Keeper is FIPS 140-2 certified and validated by NIST CMVP (Certificate #3976 - https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3976)
The cipher keys used to encrypt and decrypt customer records are not stored or transmitted to Keeper's Cloud Security Vault. However, to provide syncing abilities between multiple devices, an encrypted version of this cipher key is stored in the Cloud Security Vault and provided to the devices on a user's account upon successful vault login and multi-factor authentication. This encrypted cipher key can only be decrypted on the device for subsequent use as a data cipher key.
Strong Master Password
It is highly recommended that customers choose a strong Master Password for their Keeper account. This Master Password should not be used anywhere outside of Keeper. Users should never share their Master Password with anyone.
To protect against unauthorized access to your vault, websites, and applications, Keeper also offers Two-Factor Authentication. Two-Factor authentication is an approach to authentication requiring two or more of the three authentication factors: a knowledge factor, a possession factor, and an inherence factor.
Keeper uses something you know (your password) and something you have (the phone in your possession) to provide users extra security in the case where your master password or device is compromised. To do this, we generate TOTPs (Time-based One-Time Passwords).
Keeper generates a 10-byte secret key using a cryptographically secure random number generator. This code is valid for about a minute, and is sent to the user by SMS, Duo Security, RSA SecurID, TOTP application, Google Authenticator or Keeper DNA-compatible wearable devices like the Apple Watch or Android Wear.
When using the Google Authenticator or TOTP application on your mobile device, the Keeper server internally generates a QR code containing your secret key, and it is never communicated to a third party. Each time a user deactivates, then reactivates Two-Factor Authentication, a new secret key is generated.
To activate Two-Factor Authentication, visit the Settings or Security screen of the Keeper application. Keeper Business customers can optionally enforce the use of Two-Factor Authentication to log into the vault and supported 2FA methods via the Keeper Admin Console's role enforcement functionality.
FIDO (U2F) Security Keys
Keeper supports FIDO-compatible U2F hardware-based security key devices such as YubiKey as a second factor. Security keys provide a convenient and secure way to perform two-factor authentication without requiring the user to manually enter 6-digit codes. Multiple security keys can be configured for a user's vault. For platforms that do not support security key devices, users may fall back to other configured 2FA methods. To configure a security key and other two-factor authentication methods, visit the 'Settings' screen of the Keeper application.
Emergency Access (Digital Legacy)
Keeper's consumer product supports the ability to add up to 5 emergency contacts to grant vault access in the event of an emergency or death. Once a specified wait time has elapsed, the emergency contact will gain access to the user's vault. The process of sharing a vault is Zero-Knowledge, and the user's Master Password is never directly shared. 2048-bit RSA encryption is utilized to share a 256-bit AES key with the emergency contact, at the expiration of the wait time set by the originating user. Therefore, the emergency contact must have a Keeper account (and a public/private key pair) to accept the invitation.
During account signup, users may be asked to select a Security Question and Answer or another type of recovery method. Also during signup, Keeper generates a Data Key which is used to encrypt and decrypt the Record Keys stored with each of the vault records. The user's Data Key is encrypted with a key derived from the Master Password using PBKDF2 with 100,000 rounds, and each Record Key is encrypted with the Data Key. Each record in the user's vault has individual, different Record Keys.
The way account recovery works (with the Security Question method) is by storing a second copy of the user's data key that is encrypted with the selected Security Answer. To complete a vault recovery, the user is required to enter an email verification code, and also the Two-Factor Authentication code (if enabled on the account). We recommend creating a strong security question and answer, as well as turning on Keeper's Two-Factor Authentication feature from the 'Settings' screen. Different recovery methods may be available to users based on the configuration of the Keeper business account, such as a recovery key or multiple split keys. Additionally, account recovery can be disabled by the customer. Two-Factor Authentication can also be enforced for Keeper Business customers via the Keeper Admin Console.
Business and Enterprise customers are provided a zero-knowledge method of account recovery for their users using Keeper's Account Transfer policy.
Data is encrypted and decrypted on the user's device, not on the Cloud Security Vault. We call this "Client Encryption" because the client (e.g. iPhone, Android Device, Desktop App, etc.) is performing local encryption and decryption of data. The Cloud Security Vault stores 256-bit encrypted ciphertext which is essentially useless to an intruder. Even if the data is captured when it's transmitted between the client device and Cloud Security Vault, it cannot be decrypted or utilized to attack or compromise the user's private data.
Breaking or hacking a symmetric 256-bit key would require 2128 times the computing power of a 128-bit key. In theory, this would take a device that would require 3×1051 years to exhaust the 256-bit key space.
Each user has a public and private 2048-bit RSA key pair that is used for sharing other keys (such as record keys, folder keys and team keys) between users. Shared information is encrypted with the recipient's public key. The recipient decrypts the shared information with their private key. This allows a user to share records only with the intended recipient, since only the recipient is able to decrypt it.
Keeper uses PBKDF2 with HMAC-SHA256 to convert the user's Master Password to a 256-bit encryption key with up to 100,000 rounds. PBKDF2 iterations are based on the device platform and managed by the user in Keeper's 'Advanced Settings' screen.
All secret keys such as each user's RSA private key and Data Key are all encrypted prior to storage or transmission. For consumers and business users who login with a Master Password, a key is derived from the Master Password to decrypt any stored keys. For enterprise customers who login with an SSO identity provider, encrypted keys are provided to the device after successful authentication and the user's private keys are used to decrypt the Data Key and other vault keys. Since Keeper's Cloud Security Vault does not have access to the user's Master Password or encryption keys, we cannot decrypt any of your stored keys or data.
Keeper's Cloud Security Vault
The Cloud Security Vault refers to KSI's proprietary software and network architecture that is physically hosted within Amazon Web Services (AWS) infrastructure in multiple data centers throughout the world.
After the user authenticates on their device, the encrypted ciphertext from the Keeper Cloud Security Vault is synchronized down to the device, then decrypted at the device level using the key derived from the user's Master Password (or the SSO-generated key). When changes are made to any record on the user's account (or to any record shared with other privileged users), a push notification is sent from the Keeper Cloud Security Vault to the user's device, instructing the device to perform an incremental sync. If the user is logged in, the local device will then perform an incremental sync and decrypt the record changes locally on the device. Record version history is maintained for every change made to a record.
Keeper maintains full encrypted version history of every record stored in the user's vault, providing confidence that no critical data is ever lost. From the Keeper client application, users can examine the record history and perform a restore of any individual vault record. If a stored password or file in Keeper is changed or deleted, users always have the ability to perform a point-in-time restore.
Customers who purchase Keeper Business are provided an extra layer of control over their users and devices. Keeper administrators are provided access to a cloud-based administrative console which allows full control over user on-boarding, off-boarding, role-based permissions, delegated administration, teams, Active Directory/LDAP integration, Two-Factor Authentication, Single Sign-On and security enforcement policies. Keeper's role-based enforcement policies are fully customizable and scalable to any sized organization.
At the encryption layer, every record (e.g. password or credential) stored in the Keeper platform has a unique record identifier (Record UID). Each record is encrypted with a record key. Shared folders have a shared folder key, each team has a team key and a public/private key pair, and every user has a user data key, client key, and public/private key pair. Every role that requires the transferability of the user's account has a role enforcement key and a public/private key pair. Data at rest on the user's device is encrypted with the user's client key. The user's data key and client key are encrypted with the user's Master Password.
Records created by a user have the record key encrypted with the user's data key. Records are added to a shared folder by encrypting the record key with the shared folder key. Records are directly shared to a user by encrypting the record key with the user's public key. Users are added to a shared folder by encrypting the shared folder key with the user's public key. Teams are added to a shared folder by encrypting the shared folder key with the team's public key. Users are added to a team by encrypting the team key with the user's public key.
Roles, Teams, Shared Folders and Delegated Admin
Keeper for Business provides a secure and robust set of controls over organizational units, roles, teams and shared folders. The powerful back-end controls of Keeper provide the most robust security layers that provide least-privilege access and full delegated administration.
For Roles that enforce the transferability of a user's account:
The enforcement key is encrypted with each admins' public key that is allowed to perform the transfer. Separate enforcements applied to separate groups of users may be designated to be transferred by separate groups of admins.
The user's data key (for users in a role to which the enforcement is applied) is encrypted with the role enforcement's public key (Referenced below as the user’s shared data key).
An account to be transferred is performed by locking then transferring and deleting a user's account. This ensures the operation is not performed secretly. The user's shared data key is retrieved by the admin and decrypted. This is used to decrypt all the record keys, team keys, and folder keys the transferred user had access to and those keys are shared with the public key of the user being transferred to. The admin does not receive the record and folder data, but instead simply transferred the keys. Only the recipient gets access to the record and folder data.
All encryption is performed client side, and at no time does Keeper have the ability to decrypt the information being shared or transferred. Additionally, at no time is a user's client key shared. Therefore, the data cached on a user’s device cannot be decrypted without the user’s master password. A user who is removed from a team, shared folder, or direct share will not receive new data from the team, shared folder, or record. Although the record, folder and team keys are compromised to the admin, the keys are not usable for gaining access to the underlying record or folder data.
Several different administrative privileges may be assigned to portions of a hierarchical tree that allows the members of the privileged role to perform operations in our Keeper Admin Console.
Server-side and client-side enforcement policies may also be applied to roles to dictate the behavior of the client for groups of individuals.
Teams enables easy distribution of shared folders to groups of users.
Permission protection and encryption protection are two very different models of our security. Because permission protection does not require the exchange of keys, permissions could be changed by Keeper personnel with sufficient authority such that a user who cannot edit a record he/she has access to could be given the ability to edit the record. Once a key is compromised with a user it becomes a matter of permission for the underlying data, not encryption.
Keeper Active Directory / LDAP Bridge
The Keeper Bridge integrates with Active Directory and LDAP servers for provisioning and onboarding of users. Keeper Bridge communication is first authorized by an admin with the privilege to manage the bridge. A transmission key is generated and shared with Keeper for all subsequent communication. The use of the transmission key is the authorization for all operations performed by the bridge except for the initialization of the Bridge. The transmission key may be regenerated at any time, and it will automatically rotate every 30 days.
The transmission key is only for transmission which means a compromised key may be reinitialized or revoked without any loss of data or permission.
Keeper Bridge may not give privileges to a role or user. It may add a user to a privileged role, as long as no enforcement keys are needed. Keeper Bridge may not elevate itself or a user above the portion of the tree it is managing. Not all operations are available to the Bridge, i.e. the Bridge can disable an active user, but may not delete the user. The admin will have to choose if the user is to be deleted or transferred.
Single Sign-On (SAML 2.0) authentication
Keeper can be configured by Keeper Business customers to authenticate a user into their Keeper vault using standard SAML 2.0 identity products. Keeper is a pre-configured service provider in every major SSO Identity Provider such as Google Apps, Microsoft Azure, Okta, Ping Identity and others. The mechanism that Keeper utilizes to authenticate users into their vault in a Zero-knowledge environment is the patent-pending implementation called Keeper SSO Connect®. Keeper SSO Connect® is a software application that Keeper Business administrators install on their own infrastructure (either on-premise or cloud), which serves as a SAML 2.0 service provider endpoint. When activated on a particular organizational unit, Keeper SSO Connect® manages all of the encryption keys for Keeper Business end-users. Upon successful authentication in to the business Single Sign-On Identity Provider, the user is logged into Keeper with the necessary encryption keys to decrypt their vault. Keeper SSO Connect® software operates on Windows, Mac and Linux environments.
SSO Connect® Cloud
Keeper SSO Connect® Cloud provides Keeper Enterprise customers with a method of authenticating a user and decrypting stored data in a zero-knowledge encrypted vault, with authentication provided through a 3rd party identity provider (IdP) utilizing standard SAML 2.0 protocols in a fully cloud environment.
In this implementation, a user can authenticate through their SSO identity provider and then decrypt the ciphertext of their vault locally on their device. Each device has its own EC (Elliptic Curve) public/private key pair and encrypted data key. Each user has their own Data Key. To sign into a new device, the user must utilize existing devices to perform an approval or an administrator with the privilege can approve a new device.
The importance of this capability is that the user can decrypt their vault using an encrypted key stored in the Keeper cloud. Zero knowledge is preserved because the Keeper cloud is unable to decrypt the user's Data Key on their device. The Data Key ("DK") of the user is decrypted with the device private key ("DPRIV"), and the Encrypted Data Key ("EDK") is only provided to the user upon successful authentication from their designated identity provider (e.g. Okta, Azure, AD FS).
For SSO Connect® Cloud users, an Elliptic Curve private key is generated and stored locally on each device. For Chromium-based web browsers, the Keeper Vault stores the local device EC private key ("DPRIV") as a non-exportable CryptoKey. On iOS and Mac devices, the key is stored in the device KeyChain. Where available, Keeper utilizes secure storage mechanisms.
The Device Private Key is not directly utilized to encrypt or decrypt vault data. Upon successful authentication from the Identity Provider, a separate key (that is not stored) is utilized for decryption of the vault data. Offline extraction of the local Device Private Key cannot decrypt a user's vault.
Different devices/platforms have varying levels of security, and so in order to provide optimal security we recommend using an up-to-date Chromium-based web browser.
As general protection against compromised device attacks, we also recommend that all devices (such as desktop computers) are protected with disk-level encryption and up-to-date anti-malware software.
SSO Device Approvals
To sign into a new device, the user must utilize existing devices to perform an approval or an administrator with the privilege can approve a new device. New devices generate a new set of public/private keys, and the approving device encrypts the user's data key with the public key of the new device. The new device’s encrypted data key (EDK) is provided to the requesting user/device and then the user is able to decrypt their data key, which then decrypts the user's vault data. Within the decrypted vault data the user can decrypt their other private encryption keys such as record keys, folder keys, team keys, etc.
The importance of this capability is that the user can decrypt their vault using an encrypted key stored by the Keeper cloud, and does not require any on-prem or user-hosted application services to manage the encryption keys. Zero knowledge is preserved because the Keeper cloud is unable to decrypt the user's Data Key on their device. The Data Key of the user is decrypted with the device private key (DPRIV), and the EDK is only provided to the user upon successful authentication from their designated identity provider (e.g. Okta, Azure, AD FS).
From an administrator's perspective, the benefits are: easy setup and no required hosted software to manage encryption keys as described in Keeper's current SSO Connect® encryption model.
The only workflow change in this model (compared to on-prem implementation of Keeper SSO Connect®) is that the user must perform new device approval on an active device, or delegate the responsibility to a Keeper Administrator to perform device approval.
Keeper SSO Connect® On-Prem
SSO Connect® On-Prem is a self-hosted integration that requires either a Windows or Linux hosted application server. In order to maintain Zero Knowledge security and ensure a seamless SSO experience for users, Keeper SSO Connect® must be installed on the customer's server. Windows, Mac and Linux environments are fully supported with High Availability (HA) load balancing operational modes.
Keeper SSO Connect® automatically generates and maintains the Master Password for each provisioned user, which is a randomly generated 256-bit key. This Master Password is encrypted with the SSO Key. The SSO Key is encrypted with the Tree Key. The SSO Key is retrieved from the server upon Keeper SSO Connect® service startup, and then decrypted using the Tree Key, which is stored locally on the server to support automatic service startup. Communication between SSO Connect® and Keeper's Cloud Security Vault is protected with a Transmission Key. SAML communications are cryptographically signed and are protected by the RSA-SHA256 or ECDSA-SHA256 signature algorithm depending on the type of encryption key (RSA or ECC) provided by the customer.
BreachWatch constantly scans Keeper records against public data breaches and alerts the user within the vault. BreachWatch is a Zero Knowledge architecture that uses a number of layered techniques to protect our customer’s information. In summary:
- A secure, keyed, cryptographic hash function and anonymization are used to perform a comparison of passwords against a database of breached account information.
- Customer passwords are processed with a hardware security module (HSM) and a non-exportable secret key before being checked against breached passwords or stored on BreachWatch servers.
- Keeper customers interact with BreachWatch using anonymized BreachWatch IDs that are unlinked from other Keeper customer identifiers.
- BreachWatch separates usernames and passwords into separate services with distinct, anonymized IDs to unlink usernames and domains from passwords.
- BreachWatch customers never upload domain information; only downloading domains.
Figure 1. The path of a customer’s hashed password data through BreachWatch. Only passwords hardened with an HSM and a non-exportable key are stored on BreachWatch servers. BreachWatch customers use anonymized IDs when interacting with BreachWatch servers.
To build a secure service, Keeper split BreachWatch into three services; one each for checking domains, usernames, passwords and username+password pairs. Keeper client applications contact each of these backend services using an encrypted REST API.
BreachWatch customers download a list of domains that have been breached and perform the checking locally.
Username and Password Scanning
Client devices connect to BreachWatch and upload a list of hashed usernames (or passwords) along with a client-selected, random identifier (separate identifiers for the username- and password-checking services). These password hashes are processed on upload with HMAC using a hardware security module (HSM) and a secret key stored in the HSM marked as non-exportable (meaning the HSM will only process the HMAC locally and the key cannot be extracted). These HMAC’d inputs (usernames or passwords) are compared against the breach datasets which have been processed with the same HMAC and key. Any matches are reported to the client device. Any values that don’t match are stored alongside the client’s anonymized ID.
As new breached usernames and passwords are added to the system, they are processed with HMAC on the HSM, added to the BreachWatch dataset, and compared against the stored client values. Any matches queue an alert for that client ID.
Clients check-in periodically to BreachWatch and present their BreachWatch IDs. Any queued messages are downloaded and clients upload any new or changed usernames and passwords which are processed the same way.
Security of the BreachWatch services is trust-on-first-use (TOFU). That is, clients must assume that the BreachWatch server is not malicious (that is, not actively compromised by an attacker) when the client uploads their hashed values. Once these values are processed with an HSM they are secured against offline cracking attempts. In other words, if an attacker steals the dataset of stored client values, they cannot crack those values offline without the HMAC key stored in the HSM.
If a breach of a password is detected, the client device sends a username+password combination hash to the BreachWatch servers which then performs the same HMAC hash comparison to determine if a combination of username+password was breached, and if so, the domains related to those breaches are returned so the client device can determine if username+password+domain is matched. If all three parameters match on the client device, the user is alerted as to the severity of the breach.
When BreachWatch is activated for business and enterprise customers, the end-user vaults are scanned automatically, every time a users logs in with Keeper. The BreachWatch summary data scanned on the user's device is encrypted with the Enterprise public key and decrypted by the enterprise administrator when logging into the Keeper Admin Console. This encrypted information includes the email address, number of high-risk records, number of resolved records and number of ignored records. The Keeper administrator is able to view user-level summary statistics within the Admin Console user interface.
Event Logging and Reporting
When integrated with the Advanced Reporting & Alerts module, Keeper end-user devices may also be optionally configured to transmit detailed real-time events into 3rd party SIEM solutions and the Keeper Admin Console reporting interface. The event data contains email address, record UID, IP address and device information (events do not include any decrypted record data, since Keeper is a Zero-Knowledge platform and cannot decrypt user data).
By default, detailed BreachWatch event data is not sent to the Advanced Reporting & Alerts Module or any connected external logging systems. To activate event-level reporting of BreachWatch data to the Advanced Reporting & Alerts Module you must enable the event role enforcement policy under the specific role > Enforcement Policies > Vault Features screen. Once activated, the end-user client devices will begin sending this event data. Since integration with 3rd party SIEM solutions is transmitted from the Keeper backend to the target SIEM, this event information is therefore readable by the target SIEM and could be used to identify which records and which users within the organization have high-risk passwords. If the Keeper Administrator does not wish to transmit record-level event data to the Keeper Advanced Reporting & Alerts Module, this setting can be left disabled.
Offline Mode allows users to have access to their vault when they are not able to connect online to Keeper or to their SSO Identity Provider. This capability is available on Keeper's mobile app, desktop application and extended to Business users on popular web browsers.
The capability works by making a copy of the vault to the user's local device. The vault data stored offline is AES-GCM encrypted with a 256-bit “Client Key” that is generated randomly and protected by PBKDF2-HMAC-SHA512 with up to 100,000 iterations and a random salt. The salt and iterations are stored locally. When the user enters their Master Password, a key is derived using the salt and iterations and an attempt is made to decrypt the Client Key. The Client Key is then used to decrypt the stored record cache. If Self-Destruct protection is enabled on the user's vault, 5 failed attempts to login will automatically wipe all locally stored vault data.
KSI utilizes Amazon AWS in North America, Europe and Australia, for localized data privacy and geographic segregation to host and operate the Keeper solution and architecture. Utilizing Amazon AWS allows Keeper to seamlessly scale resources on-demand and provide customers with the fastest and safest cloud storage environment. KSI operates both multi-zone and multi-region environments to maximize uptime and provide the fastest response time to customers.
The Keeper Cloud Security Vault is protected by an API which authenticates each request from the client device. On the client device, a 256-bit "Authentication Key" is derived from the Master Password using PBKDF2-HMAC-SHA256 and a random salt. An "Authentication Hash" is generated by hashing the "Authentication Key" using SHA-256. To login, the Authentication Hash is compared against a stored Authentication Hash on the Cloud Security Vault. After login, a session token is generated and used by the client device for subsequent requests. This authentication token must be renewed every 30 minutes, or upon the request of the server.
Transport Layer Encryption
KSI supports 256-bit and 128-bit TLS to encrypt all data transport between the client application and KSI's cloud-based storage. This is the same level of encryption trusted by millions of individuals and businesses everyday for web transactions requiring security, such as online banking, online shopping, trading stocks, accessing medical information and filing tax returns.
KSI deploys TLS certificates signed by Digicert using the SHA2 algorithm, the most secure signature algorithm currently offered by commercial certificate authorities. SHA2 is significantly more secure than the more widely used SHA1, which could be exploited due to mathematical weakness identified in the algorithm. SHA2 helps protect against the issuance of counterfeit certificates that could be used by an attacker to impersonate a website.
KSI also supports Certificate Transparency (CT), a new initiative by Google to create a publicly auditable record of certificates signed by certificate authorities. CT helps guard against issuance of certificates by unauthorized entities. CT is currently supported in the latest versions of the Chrome web browser. More information about Certificate Transparency can be found at: https://www.certificate-transparency.org. Keeper supports the following TLS cipher suites:
Keeper clients implement Key Pinning, a security mechanism which prevents impersonation by attackers using fraudulent digital certificates.
Cross-Site Scripting (XSS) Attack Protection
The Keeper Web Vault implements a strict Content Security Policy that restricts the origin of outbound requests and prevents all scripts from being executed, except those explicitly sourced from Keeper, including inline scripts and event-handling HTML attributes, reducing or eliminating most vectors for cross-site scripting attacks.
Access to the KeeperSecurity.com and KeeperSecurity.eu domain names is restricted to HTTPS with TLS v1.2 and is enforced by HTTP Strict Transport Security. This prevents a wide array of packet sniffing, data modification, and man-in-the-middle attacks.
Within the Keeper Browser Extension, Keeper will not prompt users to login to their vault from within the page frame area. Login to the extension occurs within the Browser Extension toolbar area of the browser. Login to the vault on the web browser will always occur either on the KeeperSecurity.com domain, KeeperSecurity.eu domain or from the Keeper browser extension toolbar which exists outside of the content page.
The Keeper Browser extension on Chrome, Firefox, Edge and Opera utilize iFrames for injection of record data on the login screens of websites to ensure that no malicious website has access to injected content. Record content injected into iFrames is also limited to the vault records stored in the user's vault which match the domain of the target website. Keeper will not offer Autofill of login or password data unless the website domain matches the website domain field of the Keeper vault record.
The Internet Explorer Extension uses a separate native application window for logging in and accessing records. These separate windows are not subject to XSS attacks because they are not accessible from the browser. This allows the Extension in Internet Explorer to provide a login window from inside the page. The extension will not show records unless the records match the website address root domain.
3rd party browser extensions may have elevated permissions in web browsers and can access information within the page. Therefore, it is recommended that Keeper administrators prevent users from installing unapproved 3rd party browser extensions from the browser's respective app store.
iOS Keychain, Touch ID® and Face ID®
Touch ID and Face ID on iOS devices allows you to access your Keeper vault using your biometrics. To provide this convenient feature, a randomly generated 256-bit "biometric key" is stored in the iOS Keychain. The iOS Keychain item created for this functionality is not designated to synchronize to the iCloud Keychain and thus will not leave your iOS mobile device.
It is highly recommended that you use a complex Master Password and enable Multi-factor authentication in order to provide maximum security for your encrypted Keeper Vault. Using Touch ID and Face ID makes it more convenient to use a complex Master Password on your iOS mobile device. It is also recommended that you set a passcode longer than the minimum 4-digits to secure the iOS Keychain.
The iOS Keychain is used by iOS and apps to securely store credentials. iOS apps use the iOS Keychain to store a variety of sensitive information, including website passwords, keys, credit card numbers and Apple Pay™ information. Keeper does not use the iOS Keychain to store your Keeper records - all Keeper records are protected with 256-bit AES encryption and are securely stored in the Keeper Vault. The iOS Keychain is also encrypted with 256-bit AES encryption using the device's passcode. Even if the device is lost or stolen or an attacker obtains physical access to the mobile device, they will be unable to access any stored Keeper information. The iOS Keychain cannot be decrypted without the passcode and the Keeper Vault cannot be decrypted without the user's Keeper Master Password.
Keeper natively supports Windows Hello, Touch ID, Face ID and Android biometrics. Customers who normally login to their Keeper Vault using a Master Password or Enterprise SSO Login (SAML 2.0) can also login to their devices using a biometric. Biometrics must be enabled by the Keeper Administrator in the role policy. Offline access can also be achieved with a biometric for both Master Password and SSO-enabled users when this feature is activated.
When biometric login is enabled on a device, a key is randomly generated locally and stored in the secure enclave (e.g. Keychain) of the device. The user's Data Key is encrypted with the biometric key. Upon successful biometric authentication, the key is retrieved and the user is able to decrypt their vault.
The Apple Watch Favorite feature allows the viewing of selected records on a paired Apple Watch. Keeper records must be explicitly enabled to allow viewing on the Apple Watch. A paired Apple Watch communicates with the Keeper Watch Extension that transparently runs in a sandboxed space separate from the iOS Keeper App. The Keeper Watch Extension also uses iOS Keychain to securely store and access keys to enable it to seamlessly and securely communicate with the iOS Keeper app.
Keeper DNA is a new and innovative addition to multi-factor authentication. When used with a paired Apple Watch, Keeper DNA provides a multi-factor authentication method that is unparalleled in convenience and security. Keeper DNA uses secure tokens stored in the Keeper Vault to generate time-based codes for multi-factor authentication. These time-based authentication requests can be approved and sent automatically from the Apple Watch (or Android Wear device) with a tap on the screen of the watch or entered manually by the user. Multiple layers of encryption, Touch ID and multi-factor authentication help make Keeper DNA the most elegant, secure and advanced authentication method available.
Compliance & Audits
Certified SOC 2 Compliant
Customer vault records are protected using stringent and tightly monitored internal control practices. Keeper is certified as SOC 2 Type 2 compliant in accordance with the AICPA Service Organization Control framework. SOC 2 certification helps ensure that your vault is kept secure through the implementation of standardized controls as defined in the AICPA Trust Service Principles framework.
ISO 27001 Certified (Information Security Management System)
Keeper is ISO 27001 certified, covering the Keeper Security Information Management System which supports the Keeper Enterprise Platform. Keeper's ISO 27001 certification is scoped to include the management and operation of the digital vault and cloud services, software and application development, and protection of digital assets for the digital vault and cloud services.
Keeper is GDPR compliant and we are committed to ensuring our business processes and products continue to maintain compliance for our customers in the European Union. Click here to learn more about Keeper's GDPR compliance and download data processing agreements.
Protection of Patient Medical Data
Keeper software is compliant with global, medical data protection standards covering, without limitation, HIPAA (Health Insurance Portability and Accountability Act) and DPA (Data Protection Act).
HIPAA Compliance and Business Associate Agreements
Keeper is a SOC2-certified and ISO 27001-certified zero-knowledge security platform that is HIPAA compliant. Strict adherence and controls covering privacy, confidentiality, integrity and availability are maintained. With this security architecture, Keeper cannot decrypt, view or access any information, including ePHI, stored in a user’s Keeper Vault. For the foregoing reasons, Keeper is not a Business Associate as defined in the Health Insurance Portability and Accountability Act (HIPAA), and therefore, is not subject to a Business Associate Agreement.
To learn more about the additional benefits for healthcare providers and health insurance companies, please read this entire Security Disclosure and visit our Enterprise Guide.
Keeper performs periodic pen testing with 3rd party experts including NCC Group, Secarma, Rhino Security, Cybertest and independent security researchers against all of our products and systems. Keeper has also partnered with Bugcrowd to manage its vulnerability disclosure program (VDP).
Third-Party Security Scanning & Penetration Tests
KSI is tested daily by McAfee Secure to ensure that the Keeper web application and KSI's Cloud Security Vault are secure from known remote exploits, vulnerabilities and denial-of-service attacks. McAfee Secure badges may be found on the Keeper website to verify daily testing of the Keeper website, Web application, and Cloud Security Vault.
A comprehensive external security scan is conducted monthly on the Keeper website, Keeper web application, and Keeper Cloud Security Vault by McAfee Secure. Keeper staff periodically initiate on-demand external scans through McAfee Secure.
Payment Processing and PCI Compliance
KSI uses PayPal and Stripe for securely processing credit and debit card payments through the KSI payment website. PayPal and Stripe are PCI-DSS compliant transaction processing solutions.
KSI is certified PCI-DSS compliant by McAfee Secure.
EU-US Privacy Shield
The Keeper web client, Android App, Windows Phone App, iPhone/iPad App and browser extensions have been certified Privacy Shield compliant with the U.S. Department of Commerce's EU-U.S. Privacy Shield program, meeting the European Commission's Directive on Data Protection.
For more information about the U.S. Department of Commerce U.S. Privacy Shield program, see https://www.privacyshield.gov
FIPS 140-2 Validated
Keeper utilizes FIPS 140-2 validated encryption modules to address rigorous government and public sector security requirements. Keeper’s encryption has been certified by the NIST CMVP and validated to the FIPS 140 standard by accredited third party laboratories. Keeper has been issued certificate #3967 under the NIST CMVP
U.S. Department of Commerce Export Licensed Under EAR
Keeper is certified by the U.S. Department of Commerce Bureau of Industry and Security under Export Commodity Classification Control Number 5D992, in compliance with Export Administration Regulations (EAR).
For more information about EAR: https://www.bis.doc.gov
24x7 Remote Monitoring
Keeper is monitored 24x7x365 by a global third-party monitoring network to ensure that our website and Cloud Security Vault are available worldwide.
If you have any questions regarding this security disclosure, please contact us.
Phishing or Spoofed Emails
If you receive an email purporting to be sent from KSI and you are unsure if it is legitimate, it may be a “phishing email” where the sender's email address is forged or “spoofed”. In that case, an email may contain links to a website that looks like KeeperSecurity.com but is not our site. The website may ask you for your Keeper Security master password or try to install unwanted software on your computer in an attempt to steal your personal information or access your computer. Other emails contain links that may redirect you to other potentially dangerous web sites. The message may also include attachments, which typically contain unwanted software called "malware." If you are unsure about an email received in your inbox, you should delete it without clicking any links or opening any attachments.
If you wish to report an email purporting to be from KSI that you believe is a forgery or you have other security concerns involving other matters with KSI, please contact us.
Hosting Infrastructure Certified to the Strictest Industry Standards
The Keeper website and cloud storage runs on secure Amazon Web Services (AWS) cloud computing infrastructure. The AWS cloud infrastructure which hosts Keeper's system architecture has been certified to meet the following third-party attestations, reports and certifications:
- SOC 1 / SSAE 16 / ISAE 3402
- SOC 2
- SOC 3
- PCI DSS Level 1
- ISO 27001
- FIPS 140-2
Vulnerability Reporting and Bug Bounty Program
Keeper Security is committed to the industry best practice of responsible disclosure of potential security issues. We take your security and privacy seriously are committed to protecting our customers’ privacy and personal data. KSI’s mission is to build world’s most secure and innovative security apps, and we believe that bug reports from the worldwide community of security researchers is a valuable component to ensuring the security of KSI’s products and services.
Keeping our users secure is core to our values as an organization. We value the input of good-faith researchers and believe that an ongoing relationship with the cybersecurity community helps us ensure their security and privacy, and makes the Internet a more secure place. This includes encouraging responsible security testing and disclosure of security vulnerabilities.
Keeper's Vulnerability Disclosure Policy sets out expectations when working with good-faith researchers, as well as what you can expect from us.
If security testing and reporting is done within the guidelines of this policy, we:
- Consider it to be authorized in accordance with Computer Fraud and Abuse Act,
- Consider it exempt from DMCA, and will not bring a claim against you for bypassing any security or technology controls,
- Consider it legal, and will not pursue or support any legal action related to this program against you,
- Will work with you to understand and resolve the issue quickly, and
- Will recognize your contributions publicly if you are the first to report the issue and we make a code or configuration change based on the issue.
If at any time you are concerned or uncertain about testing in a way that is consistent with the Guidelines and Scope of this policy, please contact us at firstname.lastname@example.org before proceeding.
To encourage good-faith security testing and disclosure of discovered vulnerabilities, we ask that you:
- Avoid violating privacy, harming user experience, disrupting production or corporate systems, and/or destroying data,
- Perform research only within the scope set out by the Bugcrowd vulnerability disclosure program linked below, and respect systems and activities which are out-of-scope,
- Contact us immediately at email@example.com if you encounter any user data during testing, and
- You give us reasonable time to analyze, confirm and resolve the reported issue before publicly disclosing any vulnerability finding.
Submitting a Report
Keeper has partnered with Bugcrowd to manage our vulnerability disclosure program.
Please submit reports through [https://bugcrowd.com/keepersecurity].