Badgeo FIDO2 + QSCD
Badgeo FIDO2 + QSCD is a contact smart card with middleware. It is designed for FIDO and PKI applications. It is compatible with FIDO2 (CTAP 2.1) and FIDO U2F standards, and uses an eIADS QSCD (Qualified electronic Signature Creation Device) certified PKI applet. It meets European security requirements (eIDAS, QSCD, PSD2, etc.). It provides both strong authentication on the Web and in the Cloud, and a qualified electronic signature. It offers all professionals high security solutions that are easy to deploy.
Smart card / Applet
Contact smart card (ISO 7816) / eIDAS QSCD-certified PKI applet / FIDO2 (CTAP 2.1) + FIDO U2F compatible applet
Smart card certified common criteria EAL6+
Easy to use and to deploy
(no software installation on the client workstation)
Highest level of security
(protection against phishing and preservation of electronic document integrity)
Badgeo FIDO2 + QSCD is a contact smart card manufactured in Europe. It integrates a certified eIDAS QSCD PKI applet, as well as the FIDO2 (CTAP 2.1) and FIDO U2F standards of the FIDO Alliance (Fast Identity Online). The FIDO protocol is based on asymmetric cryptographic architectures. It involves the use of a private/public key pair, with the private key always remaining on the Badgeo FIDO2 + QSCD card. The FIDO2 standard offers secure authentication without the need for a password. Simply insert the Badgeo FIDO2 + QSCD smart card into your PC or contact smart card reader and enter your PIN to authenticate and and open your session. In this way, the smart card easily replaces your password.
It is compatible with Windows 10 / 11 and Azure Active Directory (Azure AD). It also supports the FIDO U2F standard, enabling double authentication on online accounts such as social networks, webmails, e-commerce sites and online banking services.
In addition, Badgeo FIDO2 + QSCD incorporates a certified Common Criteria EAL6+ smart card component. The FIDO protocol ensures strong and secure authentication by leveraging the FIDO smart card as an authentication device, thereby enhancing the security of online accounts against phishing attacks. The eIDAS-qualified electronic signature guarantees the authenticity of the author, the integrity of the signed document, as well as its non-repudiation, in accordance with European standards and regulations regarding electronic signatures.
With Badgeo FIDO2 + QSCD, users benefit from high-quality logical security solutions as well as an extremely reliable qualified electronic signature solution, while remaining user-friendly.
Features
Smart card(s)
Certified Common Criteria EAL6+
Contact ISO/IEC 7816
Contactless ISO 15693 with DESFire EV3 (option)
Credential number limited by available persistent memory (256 to 512 bytes per credential)
FIDO2.0 / FIDO2.1 features
Online services that natively integrate the FIDO2 standard: Microsoft Azure Active Directory (Azure AD), Windows 10 / 11…
- signature-algorithm:
ECC NIST P-256 / SECG secp256r1 (256 bits) - Options :
clientPIN, PIN protocol 1 and PIN protocol 2
– PIN length between 4 and 63 bytes
– PIN try limit set to 8. After 8 unsuccessful tries, the authenticator must be reset
– No default value
ep – Enterprise Attestation (personalization option)
All supported options and extensions (pinUvAuthToken, authnrCfg, largeBlobs…) - Extensions :
credProtect
hmac-secret
credBlob (personalization option)
largeBlobKey (personalization option)
minPinLength (personalization option)
QSCD features
- Crypto-algorithms:
RSA 2K (2048 bits)
RSA 3K (3072 bits)
RSA 4K (4096 bits)
ECC NIST P-256 / SECG secp256r1 (256 bits)
ECC NIST P-384 / SECG secp384r1 (384 bits)
ECC NIST P-521 / SECG secp521r1 (521 bits) - Options :
PIN
– PIN length between 5 and 15 bytes
– PIN try limit set to 3
PUK
– PUK length between 5 and 15 bytes
– PUK try limit set to 3
Supported operating systems and browsers
Operating Systems:
– QSCD : Windows, Mac and Linux
– FIDO: Windows
Browsers: Chrome, Chromium, Vivaldi, Opera, Mozilla Firefox, Microsoft Edge (via WebAuthn/FIDO2 CTAP)
Associated optional services
- Graphical customization: logo, photo, name, unique number…
- Physical access with DESFire EV3 (ISO 15693)
Size / Weight
Format ID-1: Length 85.60 mm / Width 53.98 mm / Thickness 0.76 mm / Weight 5g