AES 256

SurePassID Universal MFA uses military-grade encryption to secure all secret data, including data at rest.


Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST). AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data. View the NIST specification of AES here.

AES is the only publicly-accessible cipher approved by the U.S. National Security Agency (NSA) for top secret information when used in an NSA-approved Hardware Security Module (HSM).

How SurePassID uses AES 256

All secret data in the SurePassID Universal MFA platform, including data at rest, is encrypted with AES 256 symmetric encryption keys. By default these symmetric encryption keys are protected by PKI infrastructure.

Alternatively, the SurePassID Universal MFA platform can use a FIPS 140-2 Host Security Module (HSM, identical to a Hardware Security Module).

If required for overseas deployment, an export-grade cipher (i.e. one based on 40-bit cryptography) can be substituted for AES 256.

Maximize Security

AES 256 encryption of secret data ensures that you can securely deploy SurePassID Universal MFA anywhere.

Comply With Requirements

Defense, aerospace, and financial companies require AES 256 encryption for compliance. SurePassID automatically provides it.

Reduce Costs

Implementing end-to-end AES 256 encryption can be costly. SurePassID Universal MFA makes it universal – by default.

Ready to experience the SurePassID difference?

Contact us and bring our MFA expertise to bear on your unique requirements. Or begin our free trial and see how easy it is to secure your universe with SurePassID Universal MFA.

Contact Us
Start Your Free Trial