v1.0 PKard Toolkit for Android secure app development environment

The royalty free PKard® Toolkit for Android is commercial US software that supports secure Android tablet and smartphone app development for in-house and Independent Software Vendors (ISVs).  New apps participate in a secure Android app ecosystem. PKard for Android is based on the market leading PKard for iOS community including well over twenty thousand early adopters -- the largest production group in the market.

The Toolkit is specifically built for rapid secure mobile development, where many apps need to cooperate seamlessly with readers and cards.  PKard for Android provides a secure browser and an authentication agent that coordinates the reader and card access between multiple PKard-enabled apps. The kit builds upon the well-known Java Cryptographic Extension (JCE) and Java Secure Socket Extension (JSSE) for rapid development and maintenance allowing developer's a high degree of code reuse for cryptography and PKI features. The toolkit includes a validated FIPS 140-2 build of openSSL which is used for all cryptographic operations. Thursby sponsored and assisted the OpenSSL Project in achieving the world’s first FIPS / NIST 140-2 validation for iOS back in 2012, later extended to Mac OS X and Android. 


  • Royalty-free license for redistribution and use in binary forms
  • Android 5.0 or higher
  • Device agnostic - any micro USB equipped Android tablet or smartphone with host-mode support
  • Card reader agnostic - supports USB based readers that appear as a CCID device
  • Card type agnostic  - CAC, CAC Dual Persona, PIV, PIV-I and other popular card types
  • App agnostic  - access to reader hardware and cards is coordinated across multiple apps
  • Credential form-factor agnostic - including smart cards, soft tokens and derived certificates (where permitted)
  • Optional third party VPN, MAS, MAM, MDM or Samsung KNOX integration
  • Secure enterprise policy management
  • FIPS 140-2 validation, AES 256 encryption DIT (Data In Transit) and DAR (Data At Rest)
  • Mature and widely used commercial software base, an eight-year history in smart cards and tens of thousands of production users
  • Made and supported in the USA by specialists from Arlington, Texas

Android app developer requirements

  • Android tablet or smartphone equipped with Industry-standard micro USB port (host mode) and Android 4.1 or higher
  • Thursby or third party licensed smart card reader (where required)
  • Provisioned test smart card, soft or derived certificate (matched to test server logins)
  • Mac, Linux or Windows laptop or desktop with current Android SDK tools with at least platform 19 to get started

Secure policy developer requirements

  • Physical or virtual instance of Microsoft Windows 7 or higher
  • Secure mobile policies are developed under Windows and can be used for both iOS and Android


  • PKard toolkit for Apple & Android

            PKard toolkit for Apple & Android

Our history in strong security

Thursby has been delivering enterprise integration, management and security for over a quarter century, with strong security at the world’s largest user of PKI, secure web and email, the DoD, over the past decade.  Thursby were invited by Apple to harden Mac OS X for use by the US Army worldwide in 2006, extending CAC and PIV support across the US Government for GFE (government furnished equipment) workstations and laptops, as well as home users and their personal devices .   The same technology was brought to the iPad, iPhone and iOS in 2011, now live for tens of thousands of productions users, and coming to Android in early 2014, reflecting the growth in secure enterprise usage of those new mobile platforms.

Adding new smart card types

  • For a new smart card type, 95% of the stack is already in place


  • Royalty free PKard Toolkit for iOS secure app development environment - here

More information