Winkeo-C FIDO2
Winkeo-C FIDO2 is a USB Type-C security key that enables strong and multi-factor authentication with online services and applications from fixed and mobile terminals (PCs, smartphones and tablets). It complies with the FIDO2 (CTAP 2.0) and FIDO U2F specifications. It is FIDO2 Passwordless authentication compatible. It offers a very high level of security and protects your access from “phishing” attacks or password theft.
USB-C security key compatible with FIDO2 (CTAP 2.0)
Credential generation, management and storage inside the smart card
Easy to use and to deploy
(no software installation on the client workstation)
Anti-Phishing protection
(in order to replace vulnerable solutions based on one-time passwords or OTP)
The FIDO2 and FIDO U2F standards rely on architectures based on asymmetric cryptography and electronical certificates. The FIDO2 standard allows you to authenticate yourself without a password in complete security. Winkeo-C FIDO2 easily replaces your Windows 10 / 11 password. You have just to insert the USB key, enter your PIN and you are connected (natively integrated into Microsoft Azure Active Directory / Azure AD and Windows 10 / 11). The FIDO U2F standard enables double authentication to online accounts: social networks, webmails, e-commerce sites, online banks…
Moreover, the security key contains a smart card component certified Common Criteria EAL5+. The implementation of the FIDO standard as well as the integration of a highly secure smart card component thus guarantee a very high level of security.
The Winkeo-C security key was proven and recognized as reliable by ANSSI (the French National Cybersecurity Agency ) and received the Security visa in 2022 (Certificate ANSSI-CSPN-06/2022). In addition, NEOWAVE is a Microsoft partner for its passwordless authentication solutions (FIDO2).
Features
Interface
USB-C HID
Certifications
- Smart card (QFN format) certified Common Criteria EAL5+
- “Cybersecurity Made in Europe” label
Wide compatibility
• Windows 10/11 with Microsoft Entra ID and over 250 online services such as Gmail, PayPal, OVH, WordPress, and Dropbox
• Identity federations such as Evidian, Ilex, Okta, and Ping Identity
Supported operating systems and browsers
Operating Systems: Windows, Mac OS, Linux, Android, iOS
Browsers: Chrome, Edge, Firefox, Safari
FIDO2 features
• credProtect
• hmac-secret
• Resident keys (rk) – Detectable credential
– Maximum number limited by an available persistent memory (200 to 512 bytes per credential)
• User PIN, PIN 1 and PIN 2 protocols
– PIN length between 4 Unicode characters and 63 bytes
– PIN try limit set to 8. After 8 unsuccessful tries, the authenticator must be reset.
– No default value
– Management of specific PIN policies
• Customization options:
– credBlob
– largeBlobKey
– noMcGaPermissionsWithClientPin
– largeBlobs
– minPinLength
– pinUvAuthToken
– ep – Enterprise Attestation
– authnrCfg
– credMgmt
– setMinPINLength
– makeCredUvNotRqd
– alwaysUv
Associated optional services
Graphical customization: logo, photo, name, unique number …
Size / Weight
• Length 23.5 mm (26.1 mm with cap) / Width 14.4 mm / Thickness 6.5 mm
• Weight: 3 g