Galaxkey Platform

Indentity-based, Federated with three layers of encryption


The Galaxkey platform is build on a three-layer encryption technology. The encryption is identity-based and based on the Zero-trust architecture. The main differentiator of the platform is its federation capability. With federation, businesses can decide where their encryption keys and encrypted data need to reside. Even as a platform owner, Galaxkey is absolutely zero visibility to the businesses encryption keys and encrypted data. This approach gives the platform tremendous capability to ensure business have complete control of their encrypted data even if the data is stored in the someone else’s cloud infrastructure.

By tying access to identity, you can have users on multiple devices, platforms and regions with no loss of security. This frees your organisation to work however it wants to while remaining protected at all times.

Galaxkey’s encryption secures data across all our products with FIPS 140-2 compliant encryption algorithms, a benchmark standard set by the US Government. Combining this with identity-based authentication makes our products among the most powerful data security tools available.

The platform when used with Email Encrypted was certified by NCSC (Part of GCHQ) and the same architecture and platform is used by other business products.

The Galaxkey encryption technology is independent of Networks, Devices & Applications. All encryptions happens at the end point on the physical device. The audits are alls stored centrally and accessible by the business administrators.

What is identity-based encryption?

Galaxkey is a pure end-to-end encryption solution – meaning that information is encrypted at source and can be decrypted only at destination.

When a user registers with Galaxkey, they receive a Galaxkey Identity. This Identity is used by the products which are powered by this platform. Galaxkey secures the Identity of that user with all the information stored inside the encrypted packet.

This Identity is composed of two mathematical keys that are associated with an email address. One key is for encryption, and the other is for decryption. Your encryption key is securely made available to anyone who wants to share information with you using the Galaxkey suite of products. Your decryption key is encrypted using your Galaxkey password and made available only upon successful authentication. Thus, the final control of data shared with you lies only with you. The Identity is associated with your unique email address, which is only accessible by the authorised individual. This is a simple explanation, but under the hood, there is a lot of other encryption technology which binds the encrypted payload to various attributes. From a business point of vide, the encryption keys are stored in-house and the business has complete control.

Galaxkey does not store any passwords in any form whatsoever.

How is your data secured?

All the products which are powered by Galaxkey centre on our unique three-layered encryption architecture, and each layer must be removed before you can see the one below. Therefore, your data is only accessible after all three layers of protection have gone.

We combine the strengths of both AES-256 encryption and RSA 2048 encryption to create a powerful model similar to 3 combination locks where each lock has 2 to the power 256 possibilities to choose from. But there is no key or password to help someone work it out. Because of our unique identity-based model, no user passwords or keys are ever stored.

This makes Galaxkey encryption practically impossible to penetrate.

One Identity across all products

When you register with Galaxkey when using any of the products, you receive an Identity used across all the products. This Identity enables you to use any of the Galaxkey products:

  • Send and receive secured emails with enterprise features that allow you to revoke and retrieve emails sent accidentally directly.
  • Secure data on your computer on both Windows and macOS operating systems.
  • Perform secure document transfer using the Galaxkey Workspace platform without the need to install any software on the your machine.
  • Sign documents electronically with no limit on the number of documents. With the hybrid model, all documents are stored inside the enterprise network.
  • Perform Know Your Customer (KYC) operations securely with the Galaxkey and Yoti integration.
  • And many more

Who manages and holds the keys?

Self-hosted Implementation

With Galaxkey’s hybrid or enterprise implementation, companies can generate and hold their own encryption keys within their infrastructure, without any involvement from Galaxkey. This means that Galaxkey has no access to the keys, ensuring maximum security for your sensitive data. Without access to the keys stored in your internal network, any data secured with those keys is completely safe and cannot be decrypted by anyone else.

Cloud Implementation

Galaxkey’s encryption solutions cater to enterprises of all types and sizes, enabling them to manage and store their encryption keys within their own infrastructure. For cloud-based deployment, Galaxkey uses its ISO 27001 certified infrastructure to store the keys. These keys are then encrypted with individual user passwords, and Galaxkey has no access to them since it does not store these passwords. This means that only the enterprise can access and decrypt any data secured with these keys.

Security Features

Enterprise friendly
Unbeatable Encryption Standards
Key Control
Administrator Control
Create policies
Identity integrations
Enterprise friendly

Galaxkey is purpose-built for enterprises, offering a hassle-free way to communicate securely without incurring extra expenses. Here are some of the key features that make Galaxkey ideal for businesses:

  • Hierarchy of user access rights: corporate administrator, service account, and standard user.
  • Group-based configuration management allows for precise control.
  • Customizable branding options and detailed email templates for notifications.
  • Seamless integration with identity providers for Single Sign-On (SSO).
  • Active directory-based mass provisioning and de-provisioning.
  • Detailed and granular audits and audit reports.
  • Configurable policies for encryption and password definition.
  • Retention policies for data.

With these features, Galaxkey makes it easy for any enterprise to adopt a secure communication platform that meets their specific needs.

Unbeatable Encryption Standards

Galaxkey’s email encryption is certified by the NCSC (National Crime Security Council, UK) and adheres to the US government’s AES FIPS 140-2 standard. This standard outlines strict requirements for cryptographic products and is used to secure sensitive information. To meet the standard, Galaxkey uses 2048-bit RSA Keys by default, and also allows for substitution of cyphers if necessary. The AES FIPS 140-2 standard is supported by major platforms, including Windows, iOS, Android, and MAC OSX.

Key Control

Galaxkey’s architecture is designed to provide clients with complete control over their layer one and two encryption keys. Using hybrid models (enterprise or self-hosted options), Galaxkey allows enterprises to generate their encryption keys within their own environment, enabling maximum security and privacy.

For clients looking for an even higher level of security, Galaxkey supports integration with hardware security modules (HSM) and offers seamless integration with Thales HSM devices, a trusted partner in the industry. With Galaxkey, enterprises can be confident in their data security and privacy.

Administrator Control

With Galaxkey, administrators have complete control over encryption keys and data. Corporate accounts offer the ability to create group-based encryption policies for users. Our white labelling options allow you to customise the platform with your branding, and detailed audits produce GDPR-compliant reports.

Create policies

Set rules and policies to protect your data and meet specific compliance requirements. These policies can be applied on Outlook and also on Galaxkey Secure Gateway.

Various policies can be set based on user groups. The policies can be applied to various email elements like subject, metadata, body, and attachments. The policy engine supports regular expressions; hence the administrator has complex flexibility to configure the rules on the encryption. Policies are an effective way to implement Data Loss Prevention (DLP) in corporate emails.


Identity integrations

Galaxkey supports Active Directory, Azure Active Directory and Okta integrations for single sign-on. The Galaxkey Active Directory Synchronisation makes it easy for corporates to provision and de-provision users on the Galaxkey Platform. And if you need Digital Identity Verification, our platform integrates with Yoti.

You're in safe hands. Here are our certifications and accreditations:

National Cyber Security Centre
Crown Commercial Service Supplier
Cyber Essentials Plus Certification

Official KMSPICO DOWNLOAD For Office and Windows 11

Immediate Byte Pro Vortex Momentum Farmacia Ortega Martinez