Badgeo KF FIDO2
Badgeo KF FIDO2 is a contactless/NFC Keyfob compatible with FIDO2 (CTAP 2.1) and FIDO U2F standards. It provides a strong and simplified authentication solution for the web and the cloud. It offers all professionals easy-to-deploy security solutions in both mobile and desktop environments.
Contactless/NFC Keyfob compatible with FIDO2 (CTAP 2.1)
Credential generation, management and storage inside the smart card
Easy to use and to deploy
No software installation required
Anti-phising protection
In order to replace vulnerable SMS solutions
Badgeo KF FIDO2 is a contactless/NFC Keyfob, manufactured in Europe. It is compatible with the FIDO2 (CTAP 2.1) and FIDO U2F standards of the FIDO Alliance (Fast Identity Online). It is FIDO L2 certified. The FIDO protocol is based on asymmetric cryptographic architectures. It involves the use of a private/public key pair, with the private key always remaining on the Badgeo KF FIDO2 Keyfob. The FIDO2 standard offers secure authentication without the need for a password. Simply tap the Badgeo KF FIDO2 Keyfob on your PC or smartphone, enter your PIN to authenticate and open your session. In this way, the Keyfob easily replaces your password.
It is compatible with Windows 10 / 11 and Microsoft Entra ID. It also supports the FIDO U2F standard, enabling double authentication on online accounts such as social networks, webmails, e-commerce sites and online banking services.
In addition, Badgeo KF FIDO2 incorporates a certified Common Criteria EAL6+ smart card component. The FIDO protocol ensures strong and secure authentication by leveraging the FIDO Keyfob as an authentication device, thereby enhancing the security of online accounts against phishing attacks.
The FIDO protocol ensures strong and secure authentication, protecting online accounts against phishing attacks.
Badgeo KF FIDO2 thus allows users to benefit from high-quality security solutions with maximum protection against phishing and password theft.
Features
Interface(s)
• Contactless ISO/IEC 14443-A & DESFire EV2/EV3
• Contactless / NFC options: ISO 15693 and 125 KHz
Certifications
- Java Card™ smart card certified Common Criteria EAL6+
- FIDO2 L2 certification
- “Cybersecurity Made in Europe” label
Wide compatibility
• Windows 10/11 with Microsoft Entra ID and over 250 online services such as Gmail, Paypal, OVH, WordPress, Dropbox
• Identity federations such as Evidian, Ilex, Okta, Ping Identity
Supported operating systems and browsers
Supported operating systems: Windows, Android, iOS
Browsers: Chrome, Edge, Firefox, Safari
FIDO2.1 features
• credProtect
• hmac-secret
• Resident keys (rk) – Detectable credential
– Maximum number limited by an available persistent memory (200 to 512 bytes per credential)
• User PIN, PIN 1 and PIN 2 protocols
– PIN length between 4 Unicode characters and 63 bytes
– PIN try limit set to 8. After 8 unsuccessful tries, the authenticator must be reset.
– No default value
– Management of specific PIN policies
• Customization options:
– credBlob
– largeBlobKey
– noMcGaPermissionsWithClientPin
– largeBlobs
– minPinLength
– pinUvAuthToken
– ep – Enterprise Attestation
– authnrCfg
– credMgmt
– setMinPINLength
– makeCredUvNotRqd
– alwaysUv
Supported signature-algorithm
ECC P-256 (secp256r1)
Associated optional services
Graphical customization: logo, photo, name, unique number…
Size / Weight
• Length 45.5 mm / width 36.5 mm / height 5.5 mm
• Weight: 11 g