Arxan Technologies


Arxan Technologies is an American technology company specializing in anti-tamper and digital rights management for Internet of Things, mobile, and other applications. Arxan's security products are used to prevent tampering or reverse engineering of software, thus preventing access or modifications to said software that are deemed undesirable by its developer. The company reports that applications secured by it are running on over 500 million devices. Its products are used across a range of industries, including mobile payments & banking, automotive, healthcare and gaming.

History

Arxan is privately held and private equity-backed. In the fall of 2013, TA Associates, a private equity firm, completed a majority investment in Arxan Technologies. Previously, the company received Series B funding in 2003, followed by $13 million in Series C funding in 2007 and a Series D funding of $4 million in 2009. Early investors included Trident Capital, EDF Ventures, Legend Ventures, Paladin Capital, Dunrath Capital, TDF Fund and Solstice Capital.
Arxan was founded in 2001 by Eric Davis and Purdue University researchers, Mikhail Atallah, Tim Korb, John Rice and Hoi Chang. The first funding came from Richard Early and Dunrath Capital. Rich Early subsequently became Arxan's first CEO. The company's early intellectual property was licensed from Purdue University. The company's initial focus was on defense anti-tamper applications. Following the sale of its defense technology unit, Arxan Defense Systems, to Microsemi in 2010, Arxan focused on commercial applications.
In April 2020, Arxan Technologies joined CollabNet VersionOne and XebiaLabs to form Digital.ai, a software company with the stated aim of 'pulling software development, business agility and application security into a single platform'.

Products

Arxan offers a number of Anti-Tamper Software products for application and cryptographic key protection. These include:
In May 2012, the company announced comprehensive support for Android application protection and hardening against tampering and piracy. In June 2014, Arxan announced that its mobile application protection offerings will be sold by IBM as part of IBM's portfolio of security products.
Arxan's products are based on patented security techniques for code hardening, tamper-proofing, key security and node locking. The core technology consists of a multi-layered, interconnected network of Guards that each perform a specific security function and are embedded into application binaries to make programs tamper-aware, tamper-resistant, and self-healing. The company claims a three-layer protection paradigm of defend, detect and react as a differentiating approach.
By detecting when an attack is being attempted and responding to detected attacks with alerts and repairs, this protection helps secure software against hacking attacks and threats such as:
Arxan's IoT products insert the anti-tamper protection into the firmware of the device itself, causing parts of the code to continually check eachother for integrity. If any tamper attempt is detected, Arxan's product can either attempt to restore the code to its original form, stop the firmware from running entirely, send a notification to the developer or any combination of the three.

DRM

Its DRM solutions have been compared to their competitor Denuvo, with both working to provide a layer of anti-tamper security on top of already existing copy protection mechanisms added by the developer. This results in a multi-layered approach in which the original DRM software protects the software from unauthorized copying, modification or use, while Arxan prevents any attempt to remove or alter said protection. However, much like with Denuvo's application of it, this approach has also been criticised for increasing the use of system resources. Arxan has previously expressed strong confidence that its DRM solutions would not be cracked, but in fact cracks or bypasses for Arxan products have been shown to exist; in one example Zoo Tycoon Ultimate Animal Collection was successfully cracked in 2018 while using a five-layer approach featuring UWP, XbLA, MSStore, EAppX and Arxan protection simultaneously. Several more bypasses of Arxan's protection have since emerged in 2018 and 2019, with Arxan-protected Gears 5 being cracked by a scene group less than two weeks following its original release.

Media and awards