The KAYMERA 360° solution is based on hardened, off the shelf smartphone devices, installed with a proprietary secured version of the Android OS and backed by a secured communication and content management infrastructure with the ability to effectively protect against a wide range of mobile threats while providing maximum usability and standard smartphone functionality.

1.1        Solution Key-Benefits

The solution Key-Benefits includes the following:

• Seamless integration into the phone native Android OS, providing ultimate security with maximum usability and transparency.
• Total protection against voice, text and data communication interception as well as Trojan Attacks, MITM attacks, Applications accessing private/confidential information or physical extraction of data in cases of loss/theft/unauthorized physical access.
• Seamless network signature, standard “off-the-shelf” high end devices.
• Data leakage prevention
• Real time device risk and security posture monitoring
• Organizational mobile security management system

1.2        Solution High-Level Architecture

The solution High-Level Architecture is described in Figure 1.

Figure 1: KAYMERA Solution High-Level Architecture

 

2           KAYMERA 360° Solution Description

This section describes the solution components and specifications.

2.1        KAYMERA OS – The End-User Device

The end user device is based on the KAYMERA OS, a highly secured operating system, built from the bottom up to maximize device protection with highest standards of usability as provided by the stock Android platform.

2.1.1      Device Protection

The device is protected from all known attack capabilities, including:

• Network Interception: All voice, SMS and internet communications are protected.
• WiFi: protected from interception, data manipulation and infection.
• Data extraction: protected from physical extraction means.
• Trojan horses (APTs) and Malware attacks: full permission control policy over an hardened OS.

2.1.2      Risks Detection

When the device is under attack or in a risky environment, real time alerts will notify the user on its mobile device, with optional suggested mitigation. This will allow the user to identify when his device is under attack and act accordingly.

Integration with SOC and SIEM solutions is available as an optional item through KAYMERA API.

2.1.3      Maximizing usability

The KAYMERA OS is available on a set of high-end devices. Currently supported models: LG Nexus X5, Huawei Nexus P6 and Google Pixel/Pixel XL.

The KAYMERA OS keeps the highest standards of usability by using the latest versions of the Android OS platform. By that, KAYMERA OS allows you with:

• Stock Android Experience.
• No pre-installed vendor bloatware.
• Support for latest versions through Secured Off-the-Air (OTA) updates from KAYMERA.

Figure 2: Google Pixel with KAYMERA OS

2.2        KAYMERA Management Application (Optional)

The KAYMERA Management Application allows IT and Security Managers with complete control over the end-users’ mobile environment for mobile security purposes, including:

• System management console with multi-tenancy support
• Full network monitoring and device management
• Enforcement of the organization risk policies
• Reports generation

Figure 2: KAYMERA 360° Management Interface

2.3        Technical Specifications

The KAYMERA 360° Technical Specifications are described in Table 1 below.

Table 1: KAYMERA 360° Technical Specifications

Item	Description
SECURED DEVICE		§ High-end off-the-shelf Android smartphone in accordance with KAYMERA supported devices list. § Encrypted storage securing data-at-rest. § Protection against physical extraction of data. § Remote wipe. § Remote device locking.
SECURED COMMUNICATION		§ Strongly encrypted voice calls in highest quality. § Integrated encrypted messaging: immediate messaging, secure attachment sharing and time limited self-destructing messages. § Always-on persistent VPN. § PKI cryptosystem stored in a hardware protected keystore. § Robust encryption framework leveraging 2048 bit RSA cryptosystem with AES 256bit symmetric session keys.
SECURED OS		§ The core of KAYMERA’s robust layered defense system: Encrypt, Protect, Prevent, Detect. § Resource control framework for prevention of data leakage and misuse of device resources. § Immune to advanced persistent threats and malware.
DEVICE MANAGEMENT FRAMEWORK		§ Centralized mobile device security management framework. § Manage and enforce app permissions, security protocols and policies on a corporate, group and device level. § Dashboard view of threat and device activity in the network. § Real time security posture and risk level assessment and deployment of countermeasures.
PERSONAL SECURITY		§ Sensors that monitor and alert in real-time on device penetration attempts and Man-in-the-middle attacks. § Embedded personal alarm system (Panic Mode).

2.4    Solution Components

The solution main components are described in Error! Reference source not found..

Table 2: Solution Main Component

Item	Description
Kaymera OS based Smartphone	§ End user handset § A predefined set of supported mobile devices installed with KAYMERA’s proprietary secured version of the Android OS – the Secured Kaymera OS.
Management	§ System management console with multi-tenancy support § Enables full network monitoring and device management § Enforcement of organization and risk policies § Reports Generation
Secured PBX Server	§ Handles secured communication from and to Kaymera devices connected to the virtual network § Provides the ability to communicate to non-secured devices seamlessly from the KAYMERA devices in a semi-secured manner by terminating encryption on the Secured VoIP infrastructure‘s end and continuing through open cellular or landline channel using SIP Trunk Services § Enables integration into commercial IP based organizational landline PBX systems
Secured Media Proxy Servers	§ Provides a high quality of service for VoIP based conversations for wide GEO coverage. § Bridges multiple devices connected to different networks in different GEO locations § Improves system scalability and communication performance § Provides global functionality of network secured communication with best performance and quality in mind.
Secure Data Gateway	§ Manages and balances secure data connection across all secured devices § Enables high availability and best usage of bandwidth and infrastructure.

2.5        Requirements for Software as a service (SaaS) implementation

KAYMERA will provide a secured mobile device solution to be used by the customer in a software as a service structure, leveraging KAYMERA’s existing supporting infrastructure. The KAYMERA supporting infrastructure will be served by KAYMERA and will be specifically configured to serve the Customer requirements according to project scope, in a Software-As-A-Service structure.

KAYMERA will provide the software licenses, software and HW components, implementation services, configuration and support required for the setup of the Infrastructure, based on the purchased KAYMERA solution scope.

2.5.1      Handset Devices Licenses

KAYMERA will provide the licensing, software and installation of the secured Kaymera OS through the modification of Customer’s pre-owned supported Android devices (the Devices) which shall be connected to the Infrastructure which shall be hosted and managed by Kaymera. For the avoidance of any doubt, the Customer is responsible for purchasing and for providing the Devices to KAYMERA as part of the project scope setup phase and following KAYMERA’s specifications, in order for Kaymera to modify and setup the system on behalf of the Customer.

2.5.2      Infrastructure, System Connectivity and Hosing Services

KAYMERA expert will setup and connect customer’s modified Devices to the KAYMERA infrastructure, which will be setup and configured accordingly. The supporting Infrastructure will be built, managed and owned by KAYMERA, in a hosted Software-As-A-Service structure.

2.5.3      SaaS Implementation Requirements

The Customer requirements for SaaS implementation are described in Table 3.

Table 3: SaaS Implementation Requirements

	Item	Description
	Supported mobile devices	Customer owned, following KAYMERA’s supported devices guidelines.
	SIM cards and subscription	SIM cards with best quality postpaid 3G/LTE accounts per device, with unlimited data plan.

3           Pricing Information

This section describes the pricing information of the proposed solution for Software as a Service (SaaS) implementation model.

• All prices do not include shipment, VAT, customs or any other tax.
• All Prices are in USD.
• The proposal validity is until April 30, 2017.
• Mobile devices are not provided by KAYMERA.
• Minimum contract term commitment will be no less than 2 years.

3.1        Price

The total price for the proposed solution is 3,600 USD for the duration of 1 year.

3.1.1      Price Breakdown

KAYMERA SaaS Model Price Breakdown is described in Table 4.

Table 4: SaaS Model Price Breakdown

Item	Number of licenses	Monthly price	Total Price (USD)
End-User KAYMERA OS Software License	3	100 USD	3,600 USD for a 1 – year license
Professional Service
Support Services	§ KAYMERA OS device installation § Over-the-air OS Upgrades and updates § Customer support over e-mail/phone § Configuration adjustments § Management training (If applicable)		Included

3.1.2      Optional Items

Optional items pricing breakdown is described in Table 5.

Table 5: Optional Items

Optional Items
Management Console on Kaymera Cloud	Management Interface access, single seat license, single concurrent session, annual fee	5000 USD per year
Management Console on a Private cloud for Fiscalia	Management Interface access, single seat license, single concurrent session, annual fee	25,000 USD per year
Set up Fee (In case a cloud management solution is required)		10,000 USD
Mobile device hardware	Nexus 5X / Nexus 6P / Pixel/Pixel XL	500 / 700 / 900/1100 USD per device

4           Additional Terms and Conditions

 

1. The implementation scope will be delivered within 30 business days from reception of payment.

 

2. Customer Obligations:
   1. The customer shall own the mobile devices and provide them for KAYMERA to modify.
   2. The customer will provide an active SIM card per device with sufficient data, voice and SMS plans.

 

3. Proprietary and Confidential Information:
   1. The Customer is required to keep any confidential information of the Company in strict confidence and not to disclose it to any third party without the prior written consent of the Company.
   2. The terms of this proposal are confidential.

 

4. Product Use and Software Licenses
   1. All the intellectual property rights with respect to the products and services, including, but not limited to, all patents, trademarks, copyrights, service marks, trade names, technology, know how, moral rights and trade secrets, all applications for any of the foregoing, and all permits, grants and licenses or other rights relating to the products and services are and shall remain the sole property of the Company or its affiliates (as applicable).
   2. The software and the documentation are owned by KAYMERA and/or its affiliates and/or its suppliers and are protected by patent, trade secrets, trademarks, and copyright laws and international treaty provisions. To the extent applicable following the execution of the purchase and service agreement, KAYMERA will grant to Customer, a non-exclusive and non-transferable limited license to use the software.

 

5. Taxes:
   1. The prices in this proposal do not include any customs, duties, value added tax or any other assessments which may be levied by the relevant authorities. Any such amounts, whether withheld at source or otherwise, will be paid by the Customer. In order to avoid any doubt, in the event that taxes are withheld, then such withholding taxes shall be added to the payment due to KAYMERA, and the proposal price shall be grossed up to include such taxes.

 

6. Limitation of Liability:

Regardless of whether any remedy herein fails of its essential purpose, in no event will KAYMERA be liable for damages for lost information, lost savings, lost profits or business interruption, any indirect, incidental, special or consequential damages arising out of or relating in any way to this proposal, the products and the use thereof, or any services, , whether alleged as a breach of contract or tortious conduct, even if the other party has been advised of the possibility of such damages. In no event will KAYMERA be liable in damages or otherwise in excess of purchase price set forth in the proposal.