Badgeo Dual FIDO2
Badgeo Dual FIDO2 is a dual-interface smart card (contact and contactless/NFC) compliant with FIDO2 (CTAP 2.1) and FIDO U2F standards and certified FIDO2 L2. It enables strong and streamlined authentication for web and cloud services. It provides professionals with security solutions that are easy to deploy in both mobile and desktop environments.
FIDO2 (CTAP2.1) compatible contact and contactless/NFC smart card
Credential generation, management and storage inside the smart card
Easy to use and to deploy
No software installation required
Anti-phising protection
(in order to replace vulnerable SMS and OTP solutions)
Badgeo Dual FIDO2 is a dual-interface smart card (contact and contactless/NFC), designed and manufactured in Europe. It supports the FIDO2 (CTAP 2.1) and FIDO U2F standards from the FIDO Alliance (Fast Identity Online) and is certified FIDO2 L2.
The FIDO protocol is based on asymmetric cryptographic architectures. It involves the use of a private/public key pair, with the private key always remaining on the Badgeo Dual FIDO2 smart card. The FIDO2 standard offers secure authentication without the need for a password. Simply insert the Badgeo Dual FIDO2 smart card into your PC or tap it on your PC or smartphone and enter your PIN to authenticate and and open your session. In this way, the smart card easily replaces your password.
It is compatible with Windows 10 / 11 and Microsoft Entra ID. It also supports the FIDO U2F standard, enabling double authentication on online accounts such as social networks, webmails, e-commerce sites and online banking services. In addition, Badgeo Dual FIDO2 incorporates a certified Common Criteria EAL6+ smart card component.
The FIDO protocol ensures strong and secure authentication by leveraging the FIDO smart card as an authentication device, thereby enhancing the security of online accounts against phishing attacks.
Badgeo Dual FIDO2 thus allows users to benefit from high-quality security solutions with maximum protection against phishing and password theft
Features
Interface(s)
• Contact ISO/IEC 7816
• Contactless ISO/IEC 14443-A & DESFire EV2/EV3
• Contactless options / NFC : ISO 15693 and 125 KHz
Certifications
- Java Card™ smart card certified Common Criteria EAL6+
- FIDO2 L2 certification
- “Cybersecurity Made in Europe” label
Wide compatibility
• Windows 10/11 with Microsoft Entra ID and over 250 online services such as Gmail, Paypal, OVH, WordPress, Dropbox
• Identity federations such as Evidian, Ilex, Okta, Ping Identity
Supported operating systems and browsers
Supported operating systems: Windows, Android, iOS
Browsers: Chrome, Edge, Firefox, Safari
FIDO2.1 features
• credProtect
• hmac-secret
• Resident keys (rk) – Detectable credential
– Maximum number limited by an available persistent memory (200 to 512 bytes per credential)
• User PIN, PIN 1 and PIN 2 protocols
– PIN length between 4 Unicode characters and 63 bytes
– PIN try limit set to 8. After 8 unsuccessful tries, the authenticator must be reset.
– No default value
– Management of specific PIN policies
• Customization options:
– credBlob
– largeBlobKey
– noMcGaPermissionsWithClientPin
– largeBlobs
– minPinLength
– pinUvAuthToken
– ep – Enterprise Attestation
– authnrCfg
– credMgmt
– setMinPINLength
– makeCredUvNotRqd
– alwaysUv
Supported signature-algorithm
ECC P-256 (secp256r1)
Associated optional services
Graphical customization: logo, photo, name, unique number…
Size / Weight
• Length 85.6 mm / width 54 mm / height 0.76 mm
• Weight: 5 g