Badgeo NFC FIDO2
Badgeo FIDO2 is a contactless/NFC smart card compatible with FIDO2 and FIDO U2F standards and certified FIDO2 L2. It provides a strong and simplified authentication solution for the web and the cloud. It offers all professionals easy-to-deploy security solutions in both mobile and desktop environments.
Smart cards
Contactless ISO/IEC 14443-A, DESFire EV2 and/or ISO 15693
Credential generation, management and storage inside the smart card
Easy to use and to deploy
No software installation required
Anti-phising protection
In order to replace vulnerable SMS, OTP or TOTP solutions
Badgeo NFC FIDO2 is a contactless/NFC smart card, designed and manufactured in Europe. It supports the FIDO2 (CTAP 2.1) and FIDO U2F standards from the FIDO Alliance (Fast Identity Online) and is certified FIDO2 L2.
The FIDO protocol is based on asymmetric cryptographic architectures. It involves the use of a private/public key pair, with the private key always remaining on the Badgeo NFC FIDO2 smart card. The FIDO2 standard offers secure authentication without the need for a password. Simply tap the Badgeo NFC FIDO2 smart card on your PC or smartphone and enter your PIN to authenticate and and open your session. In this way, the smart card easily replaces your password.
It is compatible with Windows 10 / 11 and Microsoft Entra ID. It also supports the FIDO U2F standard, enabling double authentication on online accounts such as social networks, webmails, e-commerce sites and online banking services. In addition, Badgeo NFC FIDO2 incorporates a certified Common Criteria EAL6+ smart card component.
The FIDO protocol ensures strong and secure authentication by leveraging the FIDO smart card as an authentication device, thereby enhancing the security of online accounts against phishing attacks.
Badgeo NFC FIDO2 thus allows users to benefit from high-quality security solutions with maximum protection against phishing and password theft.
Features
Interface(s)
• Contactless ISO/IEC 14443-A & DESFire EV2/EV3
• Contactless options / NFC : ISO 15693 and 125 KHz
Smart card(s)
Certified Common Criteria EAL6+
Wide compatibility
• Windows 10/11 with Microsoft Entra ID and over 250 online services such as Gmail, Paypal, OVH, WordPress, Dropbox
• Identity federations such as Evidian, Ilex, Okta, Ping Identity
Supported operating systems and browsers
Supported operating systems: Windows, Android, iOS
Browsers: Chrome, Edge, Firefox, Safari
FIDO2.1 features
• credProtect
• hmac-secret
• Resident keys (rk) – Detectable credential
– Maximum number limited by an available persistent memory (200 to 512 bytes per credential)
• User PIN, PIN 1 and PIN 2 protocols
– PIN length between 4 Unicode characters and 63 bytes
– PIN try limit set to 8. After 8 unsuccessful tries, the authenticator must be reset.
– No default value
– Management of specific PIN policies
• Customization options:
– credBlob
– largeBlobKey
– noMcGaPermissionsWithClientPin
– largeBlobs
– minPinLength
– pinUvAuthToken
– ep – Enterprise Attestation
– authnrCfg
– credMgmt
– setMinPINLength
– makeCredUvNotRqd
– alwaysUv
Supported signature-algorithm
ECC P-256 (secp256r1)
Associated optional services
Graphical customization: logo, photo, name, unique number…
Size / Weight
• Length 85.6 mm / width 54 mm / height 0.76 mm
• Weight: 5 g