FIDO boasts an extensive certification program which spans various aspects of the underlying standard such as functional certification or certified authenticator protection levels: https://fidoalliance.org/certification/
Despite the apparent distinction between different security levels all the way up to L3+, it is worth noting that L2 is currently the highest available level which requires evaluation and penetration testing conducted by an accredited security laboratory. Furthermore, L2 prescribes conformance with the following prerequisites and quality guidelines:
- Enhanced key management and authenticator security parameters
- Physical security
- Compliance with an Authenticator Allowed Restricted Operation Environment (AROE), e.g. ARM Trust Zone, Intel VT or TPM
- Self-test and firmware update
- Specific cryptographic algorithms providing at least 112 bits of key strength alongside confidentiality, authentication, key protection, digital signatures and random number generation
Our FIDO2 enabled Trustkey G-Series Security Keys are worldwide the only L2 certified hardware authenticators with biometric support. The hardened secure core MCU MS500 at the heart of all our FIDO2 dongles features cryptographic primitives such as AES-256, SHA-256, HMAC, GCM block cipher mode of operation, ECDSA/ECDH as well as a high-performance FIPS140-2 compliant True Random Number Generator (TRNG). The firmware is protected through Secure Boot which checks the firmware’s digital signature on every start while sensitive information such as the biometric fingerprint samples are protected at rest with the help of strong encryption where the underlying keys never leave the secure confines of an HSM or SmartCard like cryptographic co-processor.
Certification: We act responsibly
In addition to our technical expertise, sustainability and social responsibility of our company are of tremendous value to us.
Only the balanced interplay of both components enables us to deliver up-to-date technical services that meet our standards regarding sustainable and socially responsible behaviour.
Therefore, we show our commitment by undergoing yearly assessments and audits conducted by Microsoft (Gold Partner) and Ecovadis (CSR - Corporate Social Responsibility).