• +886 2-2934-3166
  • This email address is being protected from spambots. You need JavaScript enabled to view it.

Passwordless Authen

Since the Internet was invented, users have adopted passwords to protect their privacy. However, as there are more and more service providers on the Internet, the number of passwords that everyone needs to manage has also increased. Now passwords are no longer protecting personal privacy. The safeguard may, instead, be the biggest threat to our privacy.

On the one hand, the number of passwords managed by individuals has been increasing to the extent that they are easily lost or forgotten. Hackers then use passwords to steal information or pry into privacy. According to a research report (Verizon Data Breach Investigations Report), 81% of data breaches resulted from passwords.

In recent years, many big tech companies have dismissed passwords, no longer regarding it as the main fortress. They proposed a unified standard framework to allow users to perform authentication without the need to set passwords. FIDO (Fast Identity Online) Alliance that promotes this authentication framework was established in 2012. They devised a set of open and interoperable authentication standards, expecting to protect users from the threat deriving from passwords. So far, there are more than 250 members, including the initiators such as PayPal, Infineon, Google, and Microsoft. It has become a new open standard that the entire industry continues to promote in order to meet the future trend.

IKV-Tech has successively obtained FIDO2 L1 and L2 certification for authenticators in 2021. In the world, there are only four vendors, IKV-Tech included, reaching the L2 security level. Through ODM, IKV-Tech assists companies in designing security keys that comply with FIDO2 L1 and L2. The mode of user presence adopts cognition-based and behavior-oriented “Touch Pattern” rather than fingerprint. By doing so, we considerably reduce the hardware cost but maintain the security level, which lowers the entry barrier for enterprises to deploy password-less authentication.

I. FIDO Certified Security Chip

The security chip with “FIDO inside” aims to reduce customers’ cost in deploying password-less authentication and to enable them to flexibly embed the security chip to a wide range of purpose-built hardware devices. In this regard, our customers’ product can timely go to market as a password-less or multi-factor authenticator.

II. FIDO Certified USB Security Key

IKV-Tech has aggregated the experience of more than a decade of USB security key design. Successively acquiring FIDO2 L1 and L2 certification in 2021, they build password-less and multi-factor security keys branded with customers’ logos.

We have successfully provided for many vendors “FIDO Certification Embedded” security chips and USB security keys. It saves our customers investment in research and development to create FIDO certified products meeting international authentication standards.

Our security chip is easy to use becasue

  • it supports a variety of form factors, including the smallest SIM, microSD, USB, PCIe
  • a unique hardware root is in every system for identification and authentication
  • customizability enables security by design, compliance security by default
  • countermeasures are implemented to tackle a wide range of security issues
  • a unique 32-bit CPU based on the ARM® SecurCore™ SC300™ controller is inside

Use Case Application

Privileged Access Management

Deploying enterprise-grade data access control with “password-less” authentication to resist phishing and unauthorized access

IoT Authentication

FIDO Certified Security Chip can be integrated into IoT devices for server-to-client mutual authentication to ward off counterfeit and fake data

Cloud Service Authentication

Service providers can offer password-less authentication for user login to resist phishing and data breaches

FIDO Enabler - Security Chip with FIDO Inside

Image
The FIDO strong authentication framework may be a revolutionary practice raising security to a higher level. The reason why it is not a revolutionary “technique” is that strong authentication based on the asymmetric cryptography system has been existing for decades. What FIDO Alliance does is to “assemble” hardware vendors, software vendors, service providers, operating systems, browsers and some consortiums for one aim – replacing vulnerable password-based authentication with the crypto-based one. The benefits accrue to data protection during data transferring, sharing and storage, audit logging, secure logon and access control. FIDO-certified solutions flip a new page of data protection allowing for greater awareness and transparency than accounts and passwords. Especially hardware USB authenticators, despite the downside being the additional efforts to safekeep the device, are sure to root out phishing and unauthorized access

For vendors who intend to implement the FIDO authentication framework on hardware authenticator in any form factor, we provide the ready-to-go crypto core, allowing for FIDO-compliant asymmetric cryptographic algorithms, FIDO-certified authentication mechanism and other value-added cryptographic functions. It is compatible with fingerprint authenticators, USB security keys, security cards, etc



Why is our security chipTrustworthyReliableRobust?

I. Manufactured by world-known companies (Infineon) 

Security chips own many patents, including cryptographic algorithm, tamper resistant, secure COS and sensors that detect intrusive and non-intrusive attacks. Though many companies buy intellectual properties trying to devise a SoC that equals a standard security chip, it turns out that the cost is several times higher than gains.
II. Equipped with an accelerator and safe storages

The absence of accelerators leads to poor performance in the encrypting process since cryptographic algorithms usually involve computing big numbers. For security concern, the accelerator functions only in the secure areas of chips to boost the overall performance of security services. Storages are likewise very important, especially for cryptographic keys and confidential information. 
III. Capability of detecting and resisting intrusion

Means of intrusion vary with hackers’ tricks. Without appropriate design and implementation, devices are very likely to be attacked within seconds once vulnerabilities are exposed. Smart cards are an example.
IV. Strictly controlled channel by the original manufacturer

The market of security chips usually involves export control; only by NDA and certification can the access be obtained, and regular inspection is also needed. Security chips available on DigiKey or Mouser have been cracked and proven extremely vulnerable.
V. Acquisition of international certificates

  1. FIPS 140-2 Validation Certificate 
  2. ISO 15408 Certification
  3. Common Criteria EAL

These three mainstream certificates cost considerably high, from hundreds of thousands of US dollars to millions.

Image

The market of security chips is very challenging; for manufacturers, precaution and countermeasures are in any time needed to satisfy clients’ requirements in this ever changing world, so our skills should always keep up with hackers’ newest tactics. Besides internationally accredited security chips, we also localize and customize our services, such as risk assessment, cost benefit analysis (CBA) and penetration test.

Lastly, to provide robust security chips and reliable solutions, IKV-Tech collaborates with world-known manufacturer, Infineon, to resell and develop the finest security chips. 

Send your message

Image

Address: No. 218, Section 6, Roosevelt Rd,

Wenshan District, Taipei City, 116 

TEL:+886-2-29343166

FAX:+886-2-29343167

 
Copyright © 2020 InfoKeyVault Technology. All rights reserved.