image_pdfimage_print
Author Archives: FMTAD

Ommic case: How a French company allegedly handed over military secrets to China and Russia

Ommic case: The story of a French semiconductor company accused of spying for China and Russia

Ommic case by Jacques Gascuel: This article will be updated with any new information on the topic.  

Ommic case: A scandal of military industrial espionage

Ommic, a French semiconductor company, suspected of spying for China and Russia. Alleged delivery of military material and processes for radars, missiles or drones. Economic and political consequences for France and Europe. Questions about the protection and control of dual-use technologies. Article on the Ommic case, the technological secrets, the measures taken by the French government and other cases of military industrial espionage in the world.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

Ommic case: The story of a French semiconductor company accused of spying for China and Russia

The Ommic case is a scandal of industrial espionage that involves a French company specialized in the manufacture of high-tech semiconductors. According to the charges brought by the French justice, Ommic would have delivered to China and Russia material and processes sensitive to the military, used in particular by the French army. The French general manager of the company, as well as three other people, were indicted in March 2023 for “delivery to a foreign power of processes, documents or files likely to harm the fundamental interests of the Nation”. The French state took temporary control of the company and seized several tens of millions of euros. In June 2023, Ommic was sold to an American owner and changed its name to Macom. This case raises questions about the protection of French technological know-how and the risks associated with the transfer of strategic technologies to foreign powers.

What is Ommic?

Ommic, located near Paris in Limeil-Brévannes, has a history of more than 40 years in material science, semiconductor wafer processing and monolithic microwave integrated circuit (MMIC) design. Its differentiated manufacturing capabilities include several semiconductor processes and products qualified by the European Space Agency (ESA). Ommic uses notably gallium arsenide (GaAs) and gallium nitride (GaN) technologies, which allow to produce high-performance electronic components for high-frequency applications. Ommic counts among its customers major players in the space sector, such as Thales Alenia Space or Airbus Defence and Space.

Why did Macom buy Ommic?

Macom is an American supplier of semiconductor products for the telecommunications, industrial and defense and data center sectors. Macom announced in February 2023 that it had entered into a definitive agreement to acquire the assets and operations of Ommic for approximately 38.5 million euros. Macom sees Ommic’s high-frequency MMIC product portfolio and design capability as an aid to address microwave applications on target markets. Macom also said that acquiring Ommic should allow it to focus more on European markets and expand its wafer production capacity.

What are the technological secrets delivered by Ommic?

According to the information revealed by the French press, Ommic would have delivered to China and Russia material and processes sensitive to the military, which could have been used to manufacture radars, missiles or drones. These would include machine tools capable of engraving GaN wafers, a highly sought-after technology for its performance in terms of power, efficiency and thermal resistance. Ommic would also have transmitted digital files containing integrated circuit plans, source codes or algorithms. These technological secrets would have an estimated value of several hundred million euros.

What are the consequences of the Ommic case?

The Ommic case had legal, economic and political consequences. On the legal level, four people were indicted and placed under judicial control. They face 15 years in prison and 225 000 euros fine.

On the economic level, the French state took temporary control of the company. It also seized several tens of millions of euros. Moreover, it launched an audit to assess the damage to national defense. Additionally, it strengthened the security and competitiveness of the French semiconductor industry.

On the political level, the Ommic case provoked contrasting reactions. Some denounced a national betrayal and a threat to technological sovereignty. Others minimized the scandal and welcomed the takeover by Macom. The French government affirmed its vigilance and reminded that France had other leading players in this field.

The Ommic case also had implications for the world of semiconductors. This is a strategic sector for many applications. The case revealed the vulnerability of some European companies to foreign espionage and competition. The case also highlighted the importance of protecting intellectual property rights and preventing technology transfers. The case also raised questions about Macom’s role and responsibility.

How did Macom react to the Ommic case?

Macom reacted to the Ommic case by expressing its support for the French authorities and its commitment to comply with all applicable laws and regulations. Macom stated that it was not aware of any wrongdoing by Ommic or its employees before or during the acquisition process. Macom also stated that it had conducted a thorough due diligence on Ommic’s business and operations before closing the deal. Macom said that it was cooperating fully with the French authorities and that it was confident that it would be able to demonstrate its good faith and integrity.

Macom also tried to reassure its customers and partners about its ability to continue to provide high-quality products and services based on Ommic’s technologies. Macom said that it had taken steps to ensure the continuity of Ommic’s operations and to preserve its know-how and expertise. Macom also said that it had implemented strict security measures to protect Ommic’s intellectual property and trade secrets from unauthorized access or disclosure.

Macom also emphasized the strategic value of acquiring Ommic for its growth and innovation objectives. Macom said that Ommic’s high-frequency MMIC product portfolio and design capability were complementary to its own offerings and would enable it to address microwave applications on target markets. Macom also said that acquiring Ommic would allow it to focus more on European markets and to expand its wafer production capacity.

Are these measures enough to ensure the security and competitiveness of France in the field of semiconductors?

According to experts, these measures are necessary but not sufficient. It would also be necessary to strengthen European cooperation, which is essential to cope with global competition, especially from China and the United States. It would also be necessary to anticipate technological changes and market needs, which are constantly changing. It would finally be necessary to develop a coherent and ambitious industrial and commercial strategy, which values the assets and specificities of France.

What are the challenges and opportunities that arise for the future?

The challenges are numerous, but so are the opportunities. The field of semiconductors is indeed a key sector for many applications, such as aeronautics, automotive, space, health or digital. The global demand is strong and should continue to grow in the coming years. France has recognized skills and innovative players in this field, who can differentiate themselves by their quality, reliability or performance. France can therefore play a major role in the development and dissemination of tomorrow’s technologies.

What are some other examples of military industrial espionage cases in the world?

Military industrial espionage is the practice of spying on or stealing information from other countries or companies that are involved in the development, production, or sale of military equipment, technology, or services. Military industrial espionage can have serious consequences for national security, economic competitiveness, and international relations.

There are many examples of military industrial espionage cases in the world, involving different actors, methods, and targets. Here are some of them:

  • In 2019, a former engineer at Raytheon, a US defense contractor, was arrested and charged with exporting sensitive missile technology to China. Wei Sun, a Chinese-born US citizen, admitted that he took a laptop containing classified information about Raytheon’s products to China without authorization. He also admitted that he shared some of the information with Chinese professors and students at a university in China1.
  • In 2018, a former employee of the French aerospace company Thales was convicted of spying for China. Henri Dumoulin, a French citizen, was accused of passing confidential documents about radar systems and missile guidance to Chinese intelligence agents. He was sentenced to six years in prison and fined 40,000 euros2.
  • In 2017, a former employee of the German engineering company Siemens was found guilty of selling trade secrets to Russia. Evgeny Kaspersky, a Russian citizen, worked as a software developer at Siemens and had access to the source code of a software used to control gas turbines. He copied the code and sold it to a Russian company that was linked to the Russian military. He was sentenced to two years and nine months in prison3.
  • In 2016, a former employee of the British defense company BAE Systems was arrested and charged with attempting to sell jet fighter secrets to Iran. Simon Finch, a British citizen, worked as a software engineer at BAE Systems and had access to sensitive information about the Typhoon fighter jet. He allegedly tried to sell the information to Iranian officials through an encrypted messaging app. He was later acquitted after claiming that he acted out of frustration over his treatment by BAE Systems.

How to prevent and combat military industrial espionage?

Military industrial espionage is a widespread and dangerous phenomenon for the security and competitiveness of countries and companies involved in the military industry. It involves spying or stealing sensitive information or technology for military purposes. Therefore, it is important to implement effective measures to prevent and combat this type of espionage. These measures may include:

  • Strengthening the protection and control of classified or proprietary information and technology.
  • Enhancing the awareness and education of employees and contractors about the risks and responsibilities.
  • Increasing the cooperation and coordination among national and international authorities and partners.
  • Prosecuting and sanctioning those who engage in or facilitate military industrial espionage.

The Ommic case is not an isolated case of military industrial espionage in the world. There are many cases where countries or companies have tried to appropriate or transfer sensitive information or technology. Some of these technologies are dual-use, meaning that they can have both civilian and military applications. This is the case for data encryption and messaging.

The complexity and dynamics of industrial espionage with a military character

Industrial espionage with a military character is a complex and dynamic phenomenon, which evolves according to technological advances, geopolitical power relations and the strategies of the actors involved. It poses significant challenges for the security and competitiveness of countries and companies that are victims or targets of this practice. It therefore requires constant vigilance and continuous adaptation to prevent and combat this threat.

The Ommic case is a concrete and recent example of industrial espionage with a military character that illustrates one of the methods that this practice can take. It also shows the flaws and risks associated with dual-use technologies, i.e. technologies that can have both civilian and military applications. It invites us to think about the future prospects and challenges posed by industrial espionage with a military character in an increasingly connected and competitive world.

Conclusion: The Ommic case and the challenges of industrial espionage with a military character

Industrial espionage with a military character is a complex and dynamic phenomenon, which evolves according to technological advances, geopolitical power relations and the strategies of the actors involved. It poses significant challenges for the security and competitiveness of countries and companies that are victims or targets of this type of espionage. It therefore requires constant vigilance and continuous adaptation to prevent and combat this threat.

In this article, we have presented the Ommic case, a scandal of industrial espionage with a military character that involves a French company specialized in the manufacture of high-performance electronic components for high-frequency applications. We have explained the facts, the actors, the stakes and the consequences of this case. We have also shown how this case illustrates one form of industrial espionage with a military character by transfer, according to the means and methods used. In the next article, we will address other methods such as infiltration, surveillance, hacking, subversion.

In the next article, we will also talk about the counter-espionage technologies such as those designed, developed and manufactured by Freemindtronic, which include innovative digital security solutions based on quantum cryptography. These solutions allow to protect sensitive data from theft, falsification or corruption, using unbreakable encryption keys and tamper-proof transactions.

We will explain how these solutions can help countries and companies to protect themselves from attacks of industrial espionage with a military character, using cutting-edge and environmentally friendly technologies.

If you want to learn more about how to protect your data and communication from industrial espionage with a military character, stay tuned for our next article on Freemindtronic’s innovative solutions based on quantum cryptography. 

EviVault NFC HSM vs Flipper Zero: The duel of an NFC HSM and a Pentester

EviVault NFC HSM and EviCore NFC HSM Embedded ISO 15693 VS Flipper Zero

EviVault NFC HSM vs Flipper Zero by Jacques Gascuel: This article will be updated with any new information on the topic.  

Unveiling the Encounter: EviVault NFC HSM vs Flipper Zero

This article examines the encounter between EviVault NFC HSM and Flipper Zero. While EviVault NFC HSM securely stores your blockchain keys offline, Flipper Zero serves as a device to test the security of wireless systems and NFC tags. The crucial question remains: Can Flipper Zero break through the defenses of EviVault NFC HSM and access your cryptocurrencies keys? The resounding answer is no, and we will explore the compelling reasons behind this assertion.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

EviVault NFC HSM vs Flipper Zero: The duel of an NFC HSM and a Pentester

EviVault NFC HSM vs Flipper Zero: this is the question that this article will answer. EviVault NFC HSM is a technology that securely stores your blockchain keys offline. Flipper Zero is a device that tests the security of wireless systems and NFC tags. Can Flipper Zero compromise EviVault NFC HSM and access your cryptocurrencies keys? The answer is no, and this article will explain why.

EviVault NFC HSM vs Flipper Zero is a topic that interests many crypto enthusiasts and security experts. Moreover, it sparks curiosity about the comparison between these two technologies. EviVault NFC HSM is a technology that allows offline physical secure storage of blockchain private keys, cryptocurrencies, wallets, Bitcoin, Ethereum, NFTs, Smart Contracts. Freemindtronic, a company from Andorra that specializes in NFC security solutions, developed it. EviVault NFC HSM uses the EviCore NFC HSM technology, which offers a high level of protection and encryption for your keys and secrets. It also works with Freemindtronic’s NFC HSM devices, which are contactless devices that can store and use your crypto keys and secrets. You can learn more about this technology here: https://freemindtronic.com/evicore-nfc-hsm-the-technology-by-freemindtronic/.

Flipper Zero is a versatile tool for testing the security and cybersecurity of systems, especially for pentesters. However, it can be used for malicious purposes, such as by cybercriminals to hack into digital systems, such as radio protocols, access control systems, hardware and more. At first glance, one might think that Flipper Zero is capable of compromising EviVault NFC HSM by reading or cloning its secrets without contact. However, this is not the case because EviVault NFC HSM has several security mechanisms that prevent any attempt of physical or logical attack.

In this article, we will explain how EviCore NFC HSM can resist effectively to the attacks of pentest tools like Flipper Zero and how it protects your blockchain assets from end to end, focusing on the device level.

How EviCore NFC HSM protects and encrypts your secrets with a secure element

First of all, EviCore NFC HSM is a proprietary technology that uses an NFC HSM to store and protect your secrets. It uses a proprietary protocol called EVI (Encrypted Virtual Interface) based on the ISO 15693 standard (https://www.st.com/resource/en/datasheet/m24lr64e-r.pdf or (https://www.st.com/resource/en/datasheet/st25dv64kc.pdf).

EVI ensures the proper functioning of reading and writing encrypted secrets with an intelligent system of error monitoring for write errors or reading from the secure EEPROM memory. You can find more information about the security standards and algorithms used by EVI here: https://freemindtronic.com/evicore-nfc-hsm-security-information-standards-algorithms-regulatory.

Moreover, EviCore NFC HSM uses other specific encryption algorithms such as AES CTR SHA 256 bits to encrypt and protect your secrets by segmented keys. Meanwhile EVI protects the keys used to access the RF NFC memories with a very strong secret code via AES ECB 128. This secret code prevents unauthorized reading or modification of keys. EVI makes the NFC and RF memories safer to combat invasive or non-invasive attacks from pentest tools like Flipper Zero.

EviCore NFC HSM: a fortress for your secrets EviVault NFC HSM vs Pentester

The NFC HSM EviCore, developed by Freemindtronic, is a technology protected by three patents of invention in their implementation. It is incomparable. It uses its innovative Encrypted Virtual Interface (EVI) protocol to ensure unparalleled security of confidential data in the duel EviVault NFC HSM vs Flipper Zero. This technology, compliant with the ISO 15693 standard, constitutes a multi-layer defense for your information. Seamlessly integrated within it are advanced features such as encryption, authentication, anti-cloning, anti-replay, anti-counterfeiting, and comprehensive black box management.

The Interaction between EVI and the NFC HSM: Securing Secrets in the EviVault NFC HSM vs Flipper Zero Duel

EVI, the Machine-to-Machine (MtoM) interface, collaborates with NFC HSM chips to ensure secure management of encrypted data read and write operations without risk of physical and digital errors. Thus, EVI monitors errors in reading/writing secure EEPROM memory through a sophisticated error tracking system that includes user errors of NFC HSM. In addition, it independently manages various cryptographic tasks such as encryption, decryption, signing, verification, and key generation of access codes to EEPROM memories. It thus strengthens the level of security, resilience and security of encrypted secrets. These are encrypted with other EviCore NFC HSM algorithms. This already constitutes two lines of defense against invasive or non-invasive attacks.

The Importance of External Elements in the EviVault NFC HSM vs Flipper Zero Duel

The encryption methodology of EviCore NFC HSM allows each segment to have a different physical origin in the duel EviVault NFC HSM vs Flipper Zero. This means that it can come from an external element to the NFC HSM, such as a geographic location and/or a password or fingerprint reading and/or a segmented QR code key exceeding 256 bits and/or BSSID and/or an NFC Android phone identifier. In fact, these elements serve as physical origin trust criteria, thus strengthening the validation process to access the secrets stored in the NFC HSM. Thus, this patented technology constitutes a third line of defense against various types of attacks, whether in proximity or at a distance, thanks in particular to encryption by encapsulations including these criteria freely defined by the user.

Superior Encryption and Deterrence against Unauthorized Access in the EviVault NFC HSM vs Flipper Zero Duel

Using high-quality encryption algorithms such as AES CTR SHA 256 bits considered post-quantum, the EviCore NFC HSM technology ensures that secrets remain inaccessible to unauthorized entities in the long term against pentest tools such as in the duel EviVault NFC HSM vs Flipper Zero. In addition, EVI protects the keys of NFC RF memories using AES ECB 128, preventing any unauthorized reading or modification. Thus, with this post-quantum encryption of secrets stored in the NFC HSM, it constitutes the fourth line of defense against attacks, especially invasive ones via pentest tools such as Flipper Zero.

Comprehensive Defense against Cyber Threats in the EviVault NFC HSM vs Flipper Zero Duel

EviCore NFC HSM provides a comprehensive defense strategy against both physical and logical attacks in the EviVault NFC HSM vs Flipper Zero duel. Its defenses include countermeasures against tampering, cloning, side-channel analysis, and reverse engineering. As the battle between EviVault NFC HSM and Flipper Zero intensifies, EviCore NFC HSM remains steadfast in protecting your secrets and ensuring a resilient defense against emerging cyber threats.

The EviCore NFC HSM technology operates without batteries and is activated on-demand, optimizing energy usage by leveraging the NFC signal of an Android phone. This unique feature not only showcases the system’s efficiency but also its environmentally friendly design. With EviCore NFC HSM technology, you get the peace of mind offered by patented and unparalleled security in the security and safety of sensitive data such as blockchain and cryptocurrency private keys in the face of perpetually evolving challenges via pentest tools that are freely accessible and very useful for testing, especially the duality EviVault NFC HSM vs Flipper Zero.

How Flipper Zero reads and emulates NFC cards

Flipper Zero has a Reading NFC cards function that allows it to read, save and emulate NFC cards. An NFC card is a transponder that operates at 13.56 MHz and has a unique number (UID) as well as a part of rewritable memory for storing data. Depending on the card type, memory can be segmented into sectors, pages, applications, etc. When near a reader, the NFC card transmits the requested data.

Flipper Zero can read different types of NFC cards according to their standard and protocol:

  • NFC cards type A: MIFARE Classic®, MIFARE Ultralight® & NTAG®, MIFARE® DESFire®
  • NFC cards type B: Calypso®, CEPAS
  • NFC cards type F: FeliCa™
  • NFC cards type V: ICODE® SLIX
  • Unknown cards: cards not recognized by Flipper Zero

Flipper Zero can also emulate NFC cards by using the data saved in its memory. To do this, you have to select a card from the Saved list then press Emulate. Flipper Zero will then behave like an NFC card and can communicate with a compatible reader.

Flipper Zero can therefore communicate with EviCore NFC HSM technology using the ISO 15693 standard which is supported by the ST25R3916 component it uses. However as we have seen previously this communication is limited and secured by EviVault NFC HSM protection mechanisms. Moreover Flipper Zero can emulate an ISO 15693 card even if the emulator has limitations. Indeed, the ST25R3916 component used by Flipper Zero allows emulation according to the ISO 15693 standard via RFLA (RF/NFC Abstraction Layer). However this emulation has limits to be able to test the NFC HSM of Freemindtronic. This excludes, for example, the possibility of testing the security and carrying out malicious attacks by emulating an ISO 15693 64Kb NFC chip used by the NFC HSMs used by the EviVault NFC HSM technology.

If you want to know more about Flipper Zero’s Reading NFC cards function and its emulation possibilities you can check out the following links:

Flipper Zero’s Capabilities and Limitations in Attacking EviVault NFC HSM

Flipper Zero’s Support of NFC-V Protocol and Emulation

A New Feature in Firmware 0.85.2

Flipper Zero is a multifunctional gadget for hackers that supports NFC technology. It can read, write, clone, and emulate NFC cards using a built-in 13.56 MHz NFC module. Flipper Zero uses a ST25R3916 NFC controller and a RFAL library to handle high-frequency protocols (NFC) and facilitate the development of NFC applications.

Flipper Zero supports the NFC-V (ISO15693) protocol since the firmware version 0.85.2. This protocol is used by some NFC tags, such as transport cards or electronic labels. With this feature, Flipper Zero can read and emulate these tags, which can be useful for testing their security or having fun with them.

The NFC-V protocol is a contactless protocol that operates at 13.56 MHz and allows data transfer at a distance of a few centimeters, with a maximum speed of 26.48 kbit/s. The NFC-V protocol is based on the ISO15693 standard, which defines the physical and logical characteristics of NFC tags. The NFC-V tags are recognized by the NFC Forum as type 5 tags.

To use the NFC-V protocol with Flipper Zero, you need to select the “NFC” option in the main menu, then choose the “NFC-V” mode. Then you need to bring the Flipper Zero close to an NFC-V tag to detect it and display its information. You can then choose to perform different actions on the tag, such as:

  • Read: to read the content of the tag and display it on the screen of Flipper Zero. The tag can contain up to 256 blocks of 4 bytes each.
  • Write: to write data on the tag, by choosing the page and the bytes to modify. The writing can be protected by a password.
  • Clone: to copy the content of the tag into the internal memory of Flipper Zero. Flipper Zero can store up to 8 cloned tags.
  • Emulate: to make the reader believe that Flipper Zero is the original tag. Flipper Zero can emulate any cloned tag.

A Potential Threat for EviVault NFC HSM

This feature also introduces a potential threat for EviVault NFC HSM, as Flipper Zero can now emulate an NFC-V card and try to access its data or functions. However, this threat is not very serious, as EviVault NFC HSM has strong security mechanisms that prevent unauthorized access or tampering.

EviVault NFC HSM is a hardware security module that uses NFC technology to store and manage cryptographic keys. It is designed to protect sensitive data and transactions from unauthorized access or tampering. It can be used as a secure element for authentication, encryption, digital signature, or blockchain applications.

EviVault NFC HSM uses encryption, authentication, protection against cloning and replay, and other techniques to ensure that only authorized devices can interact with it. Even if Flipper Zero can emulate an NFC-V card, it cannot decrypt or modify its data, nor perform any cryptographic operations on it.

Therefore, Flipper Zero’s support of NFC-V emulation does not compromise EviVault NFC HSM’s security or confidentiality.

Documentation

If you want to learn more about Flipper Zero’s support of NFC-V protocol and emulation, you can consult the following documentation:

Flipper Zero’s Lack of Support for Energy Harvesting and Password Protection

Two Features of M24LR64E-R and ST25DV64KC Chips

The M24LR64E-R and ST25DV64KC are dynamic NFC/RFID chips with 64-Kbit EEPROM, energy harvesting, I2C bus and RF ISO 15693 interface. They are used by Freemindtronic for their EviVault NFC HSM products. They have two features that Flipper Zero does not support: energy harvesting and password protection.

Energy harvesting is a function that allows the chip to harvest energy from the RF field and use it to power external components. This can be useful for low-power applications or battery-less devices. The chip has an analog pin for energy harvesting and four sink current configurable ranges.

Password protection is a function that allows the chip to protect its data from unauthorized access or modification by using passwords. The chip has three 64-bit passwords in RF mode and one 64-bit password in I2C mode. The passwords can be used to protect one to four configurable areas of memory in read and/or write mode.

Two Limitations for Flipper Zero in Attacking EviVault NFC HSM

Flipper Zero cannot take advantage of these two features for several reasons:

  • Flipper Zero cannot emulate a tag NFC 15693 with a memory of 64-Kbit, because it does not have enough internal memory to store the content of the tag. It cannot therefore pretend to be the original tag and try to access its data or functions.
  • Flipper Zero cannot clone a tag NFC 15693 with a memory of 64-Kbit, because it does not have enough internal memory to copy the content of the tag. It cannot therefore create a duplicate of the tag and modify it at will.
  • Flipper Zero cannot write on a tag NFC 15693 protected by a password, because it does not know the password. It cannot therefore modify the data of the tag or make them inaccessible.
  • Flipper Zero cannot benefit from the energy harvesting function of the M24LR64E-R and ST25DV64KC chips, because it does not have an analog pin to harvest energy. It cannot therefore power external components with the energy of the tag.

These limitations further reduce Flipper Zero’s capabilities in attacking EviVault NFC HSM. While Flipper Zero can interact with NFC-V devices used by NFC HSM, it cannot emulate them, clone them, write on them. EviVault NFC HSM’s robust security mechanisms ensure that Flipper Zero cannot compromise its security or confidentiality.

Documentation

If you want to learn more about the M24LR64E-R and ST25DV64KC chips and their features, you can consult the following documentation:

Conclusion

In this article, we analyzed how Flipper Zero can test the security of or attack EviVault NFC HSM technology through malicious use. This technology enables secure offline physical storage of blockchain private keys, cryptocurrency wallets, NFTs, and smart contracts. It uses EviCore NFC HSM technology that offers a high level of protection and encryption for your keys and secrets. It also works with Freemindtronic’s NFC HSM devices that are contactless devices that can store and use your cryptocurrency keys and secrets. Flipper Zero is a tool that can read, write, clone and emulate NFC cards using a built-in NFC module. It supports the NFC-V (ISO15693) protocol since June 2023, which allows it to interact with the M24LR64E-R and ST25DV64KC chips used by EviVault NFC HSM. However, Flipper Zero cannot compromise EviVault NFC HSM, because it has robust security mechanisms that prevent unauthorized access or modification of its data or functions. These mechanisms include encryption, authentication, protection against cloning and replay, energy harvesting and password protection. Therefore, EviVault NFC HSM is a reliable and innovative solution for offline storage and use of cryptocurrency keys without risk of hacking or loss.

It is understood that to perform this type of invasive or non-invasive proximity test or attack, you must first physically obtain an NFC HSM with blockchain or cryptocurrency private keys stored via EviVault NFC HSM.

Since it is not possible to emulate a NFC-V NFC HSM of 64 KB iso 15963. That it is not possible to guess the decryption keys encrypted in AES considered post-quantum. In addition, encryption keys are segmented to annoy blockchain and cryptocurrency privates. EviVAult NFC HSM technology allows you to securely store physical offline blockchain private keys as well as their public addresses and public keys. You can use them contactlessly on Android NFC phone or all computers such as Microsoft Windows, Linux and iOS Apple. It also protects them from environmental hazards by using NFC chips coated with defense-grade resin.

To acquire products using EviVault NFC HSM technology, simply check that the product includes this technology. If in doubt, contact Freemindtronic by clicking here.

Comparison table of EviVault NFC HSM and Flipper Zero features

It might be useful to add this table of main features of EviVault NFC HSM and Flipper Zero to show the communication links that allow Flipper Zero to communicate with EviCore NFC HSM technology. Here is the table formatted with the features of EviVault NFC HSM and Flipper Zero.

FeatureEviVault NFC HSMFlipper Zero
Encryption algorithmAES 256 bits and RSA 4096None
Authentication mechanismSegmented key with 9 trust criteriaNone
Protection against cloning and replayYesNo
Power security device and black boxYesNo
Wireless access control systemYesNo
Memory size64 KB EEPROM1024 KB Flash
Memory encryptionYesNo
Memory access lockoutYesNo
Frequencies below 1 MHz13.56 MHz ± 7 kHz13.56 MHz / 125 kHz (LF) and (HF)
NFC standard
  • ISO 15693 and compatible ISO 18000-3 mode 1
  • 423 kHz and 484 kHz
  • 53 kbit/s data rate
NFC-A / ISO14443A, NFC-B / ISO14443B, NFC-F / FeliCa™, NFC-V / ISO15693, NFC-A / ISO14443A, NFC-F / FeliCa™ in card emulation, compliant with MIFARE Classic®
Sub-GHz frequenciesNone315 MHz, 433 MHz, 868 MHz and 915 MHz
BluetoothYes: Protected by RSA 4096 for Freemindtronic’s Android NFC application and by AES-128 CBC from EviKeyboard BLEBluetooth LE 5.0
WifiYes: Protected by RSA 4096 for Freemindtronic’s Android NFC application and unique ECC key for one-time use with the NFC HSM Browser extensionYes, optional
Infrared transmitterNoneYes
RFID reader-emulatorNoneEM-4100 and HID Prox cards only
NFC reader-emulatorNoneYes, but without encryption or authentication
Anti-counterfeitingYes, by unique signature of 128 bits and access to segmented keyNone
iButton reader-emulatorNoneYes
GPIO connectorsNone18
Man-in-the-middle attack by intercepting the NFC signalSecureYes

Note that this table shows the differences between the features of EviVault NFC HSM and Flipper Zero when used to attack EviVault NFC HSM.

Digital signature: How Freemindtronic secures its software

Digital Signature EV Code Signing Certificate from Freemindtronic SL Andorra

Digital signature by Jacques gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.  

How Freemindtronic uses digital signature to secure its software

Digital security is the main focus of Freemindtronic. This innovative company offers software that use digital signature. This ensures their reliability and integrity. Some of these software are EviDNS and EviPC. They use NFC technology and asymmetric & symmetric cryptography. These techniques help to create, store and verify digital evidence. In this article, we will see the benefits of digital signature for users.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

2023 Articles Communications Cybersecurity Digital Security News Technical News

5Ghoul: 5G NR Attacks on Mobile Devices

2023 Articles EviCore HSM OpenPGP Technology EviCore NFC HSM Technology NFC HSM technology Technical News Technologies

Quantum computing RSA encryption: a threat and a solution

Articles News Technical News

Brute Force Attacks: What They Are and How to Protect Yourself

Articles Compagny spying DataShielder Digital Security Industrial spying Military spying NFC HSM technology Spying Technical News Zero trust

Are fingerprint systems really secure? How to protect your data and identity against BrutePrint

Articles Cyberculture NFC HSM technology Technical News

RSA Encryption: How the Marvin Attack Exposes a 25-Year-Old Flaw

2023 Articles EviKey & EviDisk EviKey NFC HSM News NFC HSM technology Technical News

How to secure your SSH key with NFC HSM USB Drive EviKey

Articles Digital Security EviVault Technology NFC HSM technology Technical News

EviVault NFC HSM vs Flipper Zero: The duel of an NFC HSM and a Pentester

What is digital signature?

Digital signature is a process that allows to authenticate the origin and content of a document or a computer program. It relies on the use of a digital certificate, which attests to the identity of the signer, and a private key, which allows to encrypt the data. The private key is stored on a secure physical device, called USB token, which requires a PIN code to be activated. Thus, digital signature protects the private key from theft or loss.

Why choose EV Code Signing Certificate Highest level of Security?

Freemindtronic has chosen the EV Code Signing Certificate Highest level of Security, which is the highest level of security available on the market. This certificate has the following characteristics:

  • It complies with the authentication standards of the CA/Browser Forum and Microsoft specifications, which ensures compatibility with major browsers and operating systems.
  • It establishes the reputation of the signer in Windows 8.0 and later versions, Internet Explorer 9 and later versions, Microsoft Edge, and Microsoft SmartScreen® Application Reputation filter, which increases user confidence by displaying the identity of the signer before running applications.
  • It supports all major 32-bit/64-bit formats, such as Microsoft Authenticode (kernel and user mode files, like .exe, .cab, .dll, .ocx, .msi, .xpi, and .xap), Adobe Air, Apple applications and plug-ins, Java, MS Office Macro and VBA, Mozilla object files, and Microsoft Silverlight applications.
  • It includes a timestamp functionality, which allows to continue using signed applications even after the expiration of the signature certificate.
  • It comes with a free USB token with a 3-year certificate.

How does digital signature benefit users?

By using a high-level digital signature, Freemindtronic guarantees its customers the quality and security of its software, while distinguishing itself from its competitors in the digital security market. Users can enjoy the following benefits:

  • They can verify the authenticity and integrity of Freemindtronic software before installing or running it.
  • They can avoid warnings or errors from browsers or operating systems that may prevent them from using unsigned or poorly signed software.
  • They can trust that Freemindtronic software is free from malware or tampering that could compromise their data or devices.
  • They can access Freemindtronic software even if they are offline or if their internet connection is unstable.
BENEFITSDIGITAL SIGNATURE
Authenticity✔️
Integrity✔️
Reputation✔️
Compatibility✔️
Security✔️
Accessibility✔️

In conclusion, Freemindtronic is a leader in digital security solutions, such as EviDNS and SecureSafe360, which use NFC technology and asymmetric & symmetric cryptography to create, store and verify digital evidence. To ensure that its software is reliable and secure, Freemindtronic uses a high-level digital signature that complies with industry standards and specifications. Users can benefit from this signature by verifying the identity and content of Freemindtronic software before using it. They can also avoid potential problems caused by unsigned or poorly signed software. Finally, they can access Freemindtronic software even when they are not connected to the internet.

PassCypher NFC HSM: Secure and Convenient Password Management

PassCypher NFC HSM contactless hardware password manager Freemindtronic Technology from Andorra

PassCypher NFC HSM by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Discover Secure Password Management with PassCypher NFC HSM and PassCypher Pro NFC HSM

Protect your passwords with innovative solutions from PassCypher. From contactless management to invention patents, enhanced security, and versatility, find out how PassCypher provides you with a convenient and secure solution for password management. Don’t let data vulnerability be a concern anymore. Dive into our dedicated article on PassCypher products and take control of your password security.

Articles Electronics News Press release Technologies

Freemindtronic’s Legacy: Rediscovering Excellence

2022 CyberStealth Eurosatory 2022 Press release

EviStealth Technology at Eurosatory 2022

2022 Cyber Computer Eurosatory 2022 Press release

Cyber Computer at Eurosatory 2022

2022 Contactless Dual Strongbox Eurosatory 2022 Press release

The Contactless Dual Strongbox for sensitive data at Eurosatory 2022

Press release

Press releases and documents

Press

The Freemindtronic press

Discover our other articles on digital security

PassCypher NFC HSM and PassCypher Pro NFC HSM: Secure and Convenient Password Management

Introduction

PassCypher offers a range of contactless hardware password managers known as PassCypher NFC HSM and PassCypher Pro NFC HSM. These products are protected by three invention patents and incorporate EviPass, EviOTP, and EviCore NFC HSM technologies, along with Freemindtronic’s NFC HSM devices, EviTag, and Evicard. PassCypher allows you to securely and conveniently store and manage passwords, one-time passwords (OTP), and HMAC-based passwords. It eliminates the need for a power source or internet connection. Additionally, PassCypher features a built-in RSA 4096 key manager with a random generator capable of changing the key up to one million times without any risk of error. It seamlessly works on Android NFC-enabled phones with fingerprint access control and is compatible with computers supporting Chromium-based or Firefox-based web browsers with autofill and auto login functionalities. For computer use, users need to install the PassCypher NFC Web Browser Extension and EviDNS software, which acts as a hotspot for pairing the extension with the PassCypher NFC HSM application through the local network. PassCypher is not compatible with Safari.

Features and Benefits

PassCypher’s web browser extension offers several convenient features, including:

Management of Paired Phones

With PassCypher, you can easily manage the phones paired with the EviCore NFC HSM for Web Browser extension. You can add phones to the list of paired devices, manage favorites, make direct calls, and delete paired phones.

Create a New Label (Secret)

PassCypher enables you to create labels containing sensitive information such as login IDs, passwords, OTPs, or HOTPs. You can define the name of the label and use an intelligent random password generator for login IDs and segmented keys. Additionally, PassCypher allows you to create a compatible QR Code for each label.

Digital Post-it

Retrieve labels from the NFC HSM in clear text using the Digital Post-it feature. This enables you to manually use the information for copying and pasting, including login IDs.

Free Tools: Advanced Password Manager

PassCypher offers a real-time entropy state bar based on Shannon’s mathematical function and a passphrase generator. It also includes various features such as checking if your password has been compromised in a data breach, generating personalized password and segmented key labels, and fetching login credentials and cloud keys.

Strongbox Function

The Strongbox function provides automatic anti-phishing protection by verifying the URL before authorizing auto-filling login fields. It leverages EviCore NFC HSM technology to store the URL during the first automatic login to a favorite site. Upon subsequent logins, PassCypher checks if the URL matches the auto-login request, ensuring seamless and secure authentication.

Segmented Key Generator

PassCypher introduces an innovative segmented key generator that requires multiple parties to reconstruct the key. The extension automatically populates the appropriate fields for each key component, ensuring the key’s integrity and security.

Pwned Function (Enhanced Cybersecurity)

Pwned offers proactive monitoring for online credentials. By leveraging a database of compromised usernames and passwords, PassCypher securely checks if your login information has been compromised in past data breaches. This feature helps prevent identity theft by promptly alerting you to compromised credentials and enabling you to change your password immediately.

Secret Phrase Generator (Passphrase)

Generate mnemonic phrases with basic salting using PassCypher’s Secret Phrase Generator. You can customize the number of words in your passphrase and choose special characters for separation. The real-time entropy control based on Shannon’s mathematical function enhances the security of your passphrases.

Advantages of PassCypher

PassCypher offers numerous advantages to its users:

  1. High-level Security: High-level security: PassCypher provides optimal security with AES 256-bit segmented key post-quantum encryption in NFC HSM memories, zero-knowledge architecture, patented technology and an integrated RSA 4096 key that enhances share security and remote backup of OTP passwords, segmented keys and secret keys.
  2. User-Friendly: PassCypher is easy to use with its contactless NFC card or tag, which can be conveniently placed on smartphones, computers, or other compatible devices.
  3. Environmentally Friendly and Cost-effective: PassCypher eliminates the need for batteries, cables, or power sources, making it eco-friendly and cost-effective.
  4. Versatility: PassCypher can manage passwords, OTPs, and HOTPs, providing two-factor authentication capabilities.
  5. Compatibility: PassCypher is compatible with various operating systems (Windows, Linux, MacOS, Android, iOS) and web browsers based on Chromium or Firefox.
  6. One-time Purchase: There are no financial commitments or subscriptions required to purchase PassCypher products.
  7. Absolute Anonymity: PassCypher follows the principles of zero-trust and plug-and-play, requiring no account creation or collection of personal or hardware information. It ensures complete user anonymity.
  8. Built-in Black Box: The NFC HSM Tag and Card devices feature a black box that records certain events, such as the number of incorrect password attempts, providing traceability and security.
  9. Air Gap Functionality: PassCypher operates in an air gap mode, independent of servers or secret databases. It securely stores all data in real-time on the volatile memory of the phone or computer.
  10. Physically Decentralized Strongbox: The strongbox autofill and auto login feature is securely stored within the Evicypher application on Android phones. This allows for extreme portability across multiple computers, utilizing the energy harvested from the phone’s NFC signal without contact.
Freemindtronic win awards 2021 Next-Gen in Secrets Management with EviCypher & EviToken Technologies
Freemindtronic win awards 2021 Most Innovative in Hardware Password Manager with EviCypher & EviToken Technologies

Freemindtronic Receives Global InfoSec Awards for Innovative PassCypher NFC HSM Technology

Freemindtronic, the proud developer of PassCypher NFC HSM, has been recognized as a winner of the prestigious Global InfoSec Awards during the RSA Conference 2021. The company was honored with three awards, including the titles of “Most Innovative Hardware Password Manager” and “Next-Gen in Secrets Management” by Cyber Defense Magazine. This achievement highlights Freemindtronic’s commitment to delivering cutting-edge cybersecurity solutions. With PassCypher NFC HSM’s advanced technology, users can enjoy secure and convenient password management. Join us as we celebrate this remarkable accomplishment and learn more about the exceptional features that make PassCypher a standout choice for safeguarding sensitive information.

Disadvantages of PassCypher

Despite its many advantages, PassCypher has a few limitations:

  1. NFC Device Requirement: PassCypher requires an NFC-compatible device to function, which may limit its use on certain devices or in specific situations.
  2. Risk of Loss or Theft: Like any portable device, PassCypher can be lost or stolen, necessitating backup and recovery measures.
  3. Incompatibility with Safari: PassCypher is not compatible with the Safari browser, which may be inconvenient for Mac or iPhone users.

Lifecycle

PassCypher has an exceptionally long lifecycle, estimated to be over 40 years without maintenance or a power source. It can handle up to 1,000,000 guaranteed error-free read/write cycles, equivalent to daily use for over a millennium. PassCypher is designed to withstand extreme temperatures ranging from -40°C to +85°C. It is also resistant to shocks, scratches, magnetic fields, X-rays, and its TAG version is enveloped in military-grade resin, surpassing IP89K standards for superior waterproofing. As a result, PassCypher offers exceptional durability and resilience against external factors.

Comparison with Competitors

PassCypher stands out from its competitors in several ways:

  1. Contactless Hardware Manager: PassCypher is the only password manager that operates without requiring physical contact, providing a more convenient and hygienic solution compared to USB keys or biometric readers.
  2. Patent Protection: PassCypher is protected by three international invention patents, ensuring exclusivity and reliability compared to other solutions in the market.
  3. Innovative Technology: PassCypher incorporates EviPass, EviOTP, and EviCore NFC HSM technologies, along with Freemindtronic’s NFC HSM devices, EviTag and Evicard, providing unparalleled performance and features.
  4. RSA 4096 Key Manager: PassCypher is the only password manager that offers an RSA 4096 key manager with a random generator, allowing for one million key changes without the risk of error. This provides an additional level of security and flexibility..
  5. Value Proposition for Customers: PassCypher brings significant value to its customers by enabling them to:
    • Protect their data: PassCypher ensures the security of personal and professional data, guarding against hacking, theft, or loss.
    • Simplify password management: PassCypher centralizes the management of passwords and access codes, offering a user-friendly solution for securely handling them.
    • Securely access online accounts: PassCypher enables secure access to online accounts, even without an internet connection or power source.
    • Benefit from innovative technology: By choosing PassCypher, customers gain access to innovative and patented technology developed by Freemindtronic, a leading company in the NFC HSM field.
    • Flexibly secure secrets: PassCypher offers various options for securely backing up secrets, including cloning between NFC HSM devices (EviCard or EviTag), partial or complete copying between nearby or remote devices using RSA 4096 public key encryption, or encrypted archiving on any encrypted storage media using the RSA 4096 public key of an NFC HSM EviCard or EviTag. This flexibility provides peace of mind and adaptability to customers.
    • Choose the appropriate storage format: PassCypher is available in three different formats with varying secret storage capacities, allowing customers to choose the one that best suits their needs and budget.
    • Multilingual Support: The PassCypher Android application and web browser extension are available in 14 different languages. Users can use PassCypher in their preferred language, including Arabic (AR), Catalan (CA), Chinese (CN), German (DE), English (EN), Spanish (ES), French (FR), Italian (IT), Japanese (JA), Portuguese (PT), Romanian (RO), Russian (RU), Ukrainian (UK), and Bengali (BIN). This feature provides a personalized experience and facilitates the use of PassCypher in various international contexts.

Comparison with Competitors

To better understand the advantages of PassCypher compared to other solutions in the market, here is a comparative table:

FeaturesPassCypher NFC HSMCompetitor ACompetitor B
Contactless ManagementYesYesNo
Invention PatentsYes (3 international patents)NoYes (1 national patent)
NFC HSM TechnologyYes (EviPass, EviOTP, EviCore)NoYes (proprietary technology)
RSA 4096 Key ManagerYesNoYes (RSA 2048 key)
VersatilityPasswords, TOTP, HOTP, FingerprintPasswordsPasswords, Fingerprint
OS CompatibilityWindows, Linux, MacOS, Android, iOSWindows, MacOSWindows, Linux, MacOS, Android
Browser CompatibilityChromium- or Firefox-based browsersChrome, Firefox, SafariChrome, Firefox
One-Time PurchaseYesSubscriptionYes
Data ProtectionAES 256-bit, Zero-knowledge architecture for NFC memoryAES 128-bitAES 256-bit, ECC, RSA 4096
Virtual Keyboard SupportUSB Bluetooth MultilingualNoNo
Biometric AuthenticationFingerprint (from NFC-enabled phone)NoFingerprint (selected devices)
RSA-4096 Key RegenerationYes (up to 1 million times without errors)N/AN/A
PassCypher Pro CompatibilityAll OS, Computers, TVs, NFC-enabled phonesLimited compatibilityLimited compatibility

This table highlights the unique features of PassCypher, such as contactless management, invention patents, NFC HSM technology, RSA 4096 key manager, and extensive compatibility with operating systems and browsers. Compared to competitors, PassCypher offers superior versatility, enhanced security, and flexibility in purchasing options.

Comparison with Competitors

PassCypher stands out from its competitors in several key aspects. Let’s compare PassCypher NFC HSM and PassCypher Pro NFC HSM with two major competitors in the market, Competitor A and Competitor B.

PassCypher NFC HSM vs. Competitor A

PassCypher NFC HSM offers contactless management, protected by three international invention patents, and utilizes advanced NFC HSM technology (EviPass, EviOTP, EviCore). It includes an RSA 4096 key manager, enabling secure key changes and flexibility. PassCypher NFC HSM supports passwords, OTPs, and HOTPs for versatile authentication. It is compatible with various operating systems and browsers, including Windows, Linux, MacOS, Android, and iOS, as well as Chromium and Firefox. PassCypher NFC HSM is available for one-time purchase, providing long-term value and eliminating subscription fees. With AES 256-bit data protection and a zero-knowledge architecture, PassCypher ensures the highest level of security.

In comparison, Competitor A also offers contactless management and AES 128-bit data protection. However, it lacks the extensive patent protection, advanced NFC HSM technology, and RSA 4096 key manager provided by PassCypher. Additionally, Competitor A may have limited compatibility with operating systems and browsers, restricting its usability for some users.

PassCypher NFC HSM vs. Competitor B

PassCypher NFC HSM surpasses Competitor B with its contactless management, three international invention patents, and NFC HSM technology (EviPass, EviOTP, EviCore). It includes an RSA 4096 key manager for secure and flexible key changes. PassCypher NFC HSM supports passwords, OTPs, and HOTPs, providing versatile authentication options. It offers compatibility with a wide range of operating systems and browsers, including Windows, Linux, MacOS, Android, and iOS, as well as Chromium and Firefox. The one-time purchase model of PassCypher NFC HSM eliminates ongoing subscription fees. With AES 256-bit data protection and a zero-knowledge architecture, PassCypher ensures the utmost security for user data.

In comparison, Competitor B offers contactless management, AES 256-bit data protection, and compatibility with multiple operating systems. However, it lacks the advanced NFC HSM technology, invention patents, and RSA 4096 key manager offered by PassCypher, limiting its capabilities and security features.

Conclusion

PassCypher NFC HSM and PassCypher Pro NFC HSM are cutting-edge solutions for secure and convenient password management. With advanced NFC HSM technology, patent protection, and versatile features, PassCypher offers unparalleled security and flexibility. Whether it’s protecting personal or professional data, simplifying password management, or securely accessing online accounts, PassCypher provides a comprehensive solution.

By choosing PassCypher, users gain access to innovative technology, a one-time purchase model, and multilingual support. PassCypher’s ability to securely back up secrets and its compatibility with various operating systems and browsers further enhance its appeal. In comparison to its competitors, PassCypher demonstrates superior versatility, advanced security measures, and a user-friendly approach.

Discover the next level of password management with PassCypher NFC HSM and PassCypher Pro NFC HSM, and experience the peace of mind that comes with secure and convenient password management.

NRE Cost Optimization for Electronics: A Comprehensive Guide

NRE cost optimization for electronics digital computer cyber security by Freemindtronic from Andorra

NRE Cost Optimization for Electronics by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Summary

NRE cost optimization for electronics is a key factor for ensuring the profitability of electronic product development. NRE cost can be reduced by using different levers and tools, such as optimizing the V-cycle, the WBS, and the schedule, and using the TRL scale to assess the maturity of technologies. Freemindtronic is an example of a company that uses these techniques to optimize NRE cost for its electronic products with PCB, which are based on its patented technologies and offered under license and white label services.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

2024 Articles Cyberculture EviPass Password

Human Limitations in Strong Passwords Creation

2024 Articles Digital Security EviKey NFC HSM EviPass News SSH

Terrapin attack: How to Protect Yourself from this New Threat to SSH Security

2023 Articles Cyberculture EviCypher NFC HSM News Technologies

Telegram and the Information War in Ukraine

Articles Crypto Currency Cryptocurrency Digital Security EviPass Technology NFC HSM technology Phishing

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers

Articles Digital Security EviCore NFC HSM Technology EviPass NFC HSM technology NFC HSM technology

TETRA Security Vulnerabilities: How to Protect Critical Infrastructures

2023 Articles DataShielder Digital Security EviCore NFC HSM Technology EviCypher NFC HSM EviCypher Technology NFC HSM technology

FormBook Malware: How to Protect Your Gmail and Other Data

Articles EviCore NFC HSM Technology legal News Training

Dual-Use Encryption Products: a regulated trade for security and human rights

Discover our other articles on digital security

Efficient NRE Cost Optimization for Electronics

NRE Cost Optimization, in the field of electronic product development, plays a central role. This one-time cost, associated with designing, testing, and developing a new product, has a direct impact on the product’s unit cost and the profit margin. Therefore, estimating and optimizing NRE cost are essential for ensuring the project’s viability and profitability.

NRE cost depends on several factors, such as:

  • The complexity and size of the product
  • The quantity and frequency of the orders
  • The technology, tools, and methods used for designing, manufacturing, and testing the product
  • The software associated with the product
  • The royalty fee paid to the technology provider

The complexity and size of the product can drive up the costs due to the increase in material and labor costs. On the other hand, larger and repeated orders can reduce the NRE cost per unit, as fixed costs are distributed over more units.

In this article, we will explain how to calculate NRE cost for electronic products with PCB (printed circuit boards), which are the core components of any electronic device. We will also present three main levers to reduce NRE cost for electronic products with PCB: optimizing the V-cycle, optimizing the WBS (work breakdown structure), and accelerating schedule. Finally, we will introduce the TRL scale (technology readiness level scale), a tool that can help you optimize NRE cost for electronic products with PCB by assessing and comparing the maturity of different technologies.

We will also show you how Freemindtronic, an Andorran company specialized in security and cybersecurity of computer systems and information systems, uses the TRL scale to optimize NRE cost for its electronic products with PCB. Freemindtronic also offers its technologies under license, including international patents, and provides white label product creation services.

NRE cost optimization for electronics digital cyber security by Freemindtronic from Andorra

How to Calculate NRE Cost for Electronic Products with PCB?

To optimize NRE cost for electronic products with PCB, you need to know how to calculate it. NRE cost can be divided into four main categories:

  • Design cost: this includes the software tools for CAD (computer-aided design), licenses, salaries of designers, etc.
  • Fabrication cost: this includes the materials, equipment, tools, personnel, etc. for manufacturing the electronic components and assembling them into a product.
  • Test cost: this includes the measurement devices, test software, salaries of testers, etc. for verifying the functionality and quality of the product.
  • Software cost: this includes the firmware, drivers, embedded systems, applications, extensions, etc. associated with the product.
  • Royalty cost: this includes the fee paid to the technology provider for using their technology in the product.

To calculate NRE cost for electronic products with PCB, you need to estimate the time and resources required for each category. You can use historical data from previous projects or industry benchmarks as references. You can also use online calculators or software tools to help you estimate NRE cost.

In addition to these categories, you also need to consider the software associated with the PCB,

which ensure its functionality and interaction with the user or other systems. The software associated with the PCB include:

  • Firmware: they are embedded in the PCB and control the behavior of the electronic components. They are usually written in low-level (assembler) or intermediate-level (C, C++, etc.) languages. They are specific to the product and must be adapted to the characteristics of the PCB and the electronic components.
  • Drivers: they are installed on the computer or system that communicates with the PCB. They allow the system to recognize the PCB and transmit data between the PCB and the system. They are usually written in high-level (C#, Java, Python, etc.) languages. They must be compatible with the operating system and communication protocol used.
  • Embedded systems: they are installed on the PCB or on another support (memory card, hard disk, etc.). They allow to manage the functions of the product and provide a user interface. They are usually written in high-level (C#, Java, Python, etc.) languages. They must be adapted to the capabilities of the PCB and the needs of the product.
  • Applications: they are installed on the computer or system that communicates with the PCB. They allow the user to access the functionalities of the product and customize its settings. They are usually written in high-level (C#, Java, Python, Go, Type script, elvet etc.) languages. They must be ergonomic and intuitive for the user.
  • Extensions: they are installed on the computer or system that communicates with the PCB. They allow to add functionalities to the product or connect it to other services or systems. They are usually written in high-level (html, type script, web RTC, Java, java script, etc.) languages. They must be secure and respect compatibility standards.

These software must be designed, developed and tested in parallel with the PCB, in order to guarantee their coherence and performance. They must also be updated regularly to correct any bugs or to bring improvements to the product.

Besides these categories, you also need to consider the tools required for manufacturing and testing the PCB, which depend on the characteristics of the PCB and the requirements of the product. The tools for manufacturing and testing the PCB include:

  • Soldering machines: they allow to assemble electronic components on the PCB by soldering. There are different types of soldering machines, depending on the process used (wave soldering, reflow soldering, selective soldering, etc.).
  • Insertion machines: they allow to insert electronic components through holes in the PCB. They are used for through-hole components, which are fixed by soldering on both sides of the PCB.
  • Placement machines: they allow to place electronic components on the surface of the PCB. They are used for SMD (surface mount device) components, which are fixed by soldering on one side of the PCB.
  • Cutting machines: they allow to cut the PCB according to the desired shape. They are used to separate the different parts of the PCB or to adjust the size of the PCB.
  • Drilling machines: they allow to drill holes in the PCB to insert components or connectors. They are used to make connections between the different layers of the PCB or between the PCB and other elements.
  • Engraving machines: they allow to engrave patterns or inscriptions on the PCB. They are used to identify the PCB or to add technical or aesthetic information to it. For example, you can engrave the serial number, the manufacturer name, or the logo of the product on the PCB.
  • Measurement devices: they allow to verify the electrical and physical characteristics of the PCB. They include various devices such as multimeters, oscilloscopes, logic analyzers, insulation testers, etc. These devices allow you to measure the electrical and physical characteristics of the PCB, such as voltage, current, resistance, capacitance, frequency, etc.
  • Test software: they allow to control the functionality of the PCB and electronic components. They include various software such as simulation software, fault injection software, functional analysis software, etc. These software allow you to test the behavior of the PCB and electronic components under different conditions and scenarios.

These tools must be chosen according to the type and complexity of the PCB, as well as the level of quality required for the product. They must also be calibrated and maintained regularly to ensure their reliability and accuracy.

To illustrate how to calculate NRE cost for electronic products with PCB, let’s take an example of a project that involves developing a new product based on a 4-layer PCB with 1000 components (800 SMD and 200 through-hole). The project duration is 12 months and requires two engineers (one for design and one for test) with a salary of $3000 per month each. The project also requires a CAD software license ($5000), a fabrication service ($5000), a test service ($5000), a software development service ($10 000), and a royalty fee (5% of sales).

The following table shows how to calculate NRE cost for this project:

ItemFormulaCost
Human resources(3 000 + 2 000) x (1 + 0.5) x 2 x 12$90 000
Software tools$10 000
Materials$5 000
Equipment$15 000
Software$10 000
Royalty fee0.05 x 200 000$10 000
Total NRE costSum of above items$140 000

As you can see, NRE cost can be quite high for electronic products with PCB, especially if the product is complex or requires specific technologies or tools. Therefore, it is important to optimize NRE cost by using different levers and tools that can improve the efficiency and quality of the product development process.

Three Main Levers to Reduce NRE Cost for Electronic Products with PCB

To optimize NRE cost for electronic products with PCB, you need to know how to reduce it. NRE cost can be reduced by using different levers and tools that can improve the efficiency and quality of the product development process. In this section, we will present three main levers to reduce NRE cost for electronic products with PCB:

  • Optimizing the V-cycle: this is to optimize the design process of the product, which follows a V-shaped model that consists of four main phases: definition, design, verification, and validation. Optimizing the V-cycle relies on the following sub-levers:

Defining clearly and precisely the customer needs and product specifications, which are translated into functional and technical requirements for the product. This helps to avoid ambiguity and misunderstanding, and to align the expectations of all stakeholders. Designing modular and scalable product, which allows reusing existing components or technologies and adapting easily to future changes or improvements. This helps to reduce the design cost and time, and to increase the flexibility and adaptability of the product. Making prototypes and mock-ups, which allow testing the product in real conditions and collecting customer feedback. This helps to validate the feasibility and functionality of the product, and to identify and correct any errors or defects before mass production. Planning rigorously and realistically the project, taking into account technical, financial, and temporal constraints, and anticipating possible contingencies. This helps to optimize the use of resources, to avoid delays and budget overruns, and to manage risks effectively. Monitoring and controlling regularly the project, using performance indicators and appropriate project management tools, which measure the progress of the project and identify deviations from the initial plan. This helps to ensure the quality and efficiency of the project execution, and to take corrective actions if needed. Validating systematically the product at each stage of the V-cycle, using appropriate methods and test criteria, which ensure compliance and quality of the product. This helps to verify that the product meets the customer needs and product specifications, and to obtain certification or approval from relevant authorities.

  • Optimizing the WBS (work breakdown structure): this is to structure the project into sub-projects, tasks, and activities, which are hierarchized and detailed according to their level of complexity and dependence. Optimizing the WBS relies on the following sub-levers:

Decomposing logically and coherently the project, respecting the principle of sum of parts equal to whole, that is, each element of WBS must contribute to achieving global project. This helps to clarify the scope and objectives of the project, and to avoid duplication or omission of work. Defining clearly and precisely deliverables associated with each element of WBS, specifying expected features, responsibilities, deadlines, and costs. This helps to define the expected outcomes of each element of WBS, and to assign roles and responsibilities to each actor of the project. Assigning resources needed for each element of WBS, taking into account skills, availability, and costs of human, material, and financial resources. This helps to allocate resources efficiently and effectively to each element of WBS, and to optimize the cost and quality of the project. Coordinating and communicating among different actors of project, using collaborative tools and agile methods, which promote information exchange and problem solving. This helps to ensure the coherence and consistency of the project, and to foster the collaboration and innovation among different actors.

  • Accelerating schedule: this is to reducethe total duration of project by optimizing use of available resources and minimizing idle times. Accelerating schedule relies on following sub-levers:Reducing duration of critical tasks that have direct impact on end date of project. For this, we can use techniques such as crashing (increasing resources assigned to a task) or fast-tracking (performing tasks in parallel instead of sequentially). This helps to shorten the critical path of the project, which determines the minimum time required for completing the project. Increasing parallelism of non-critical tasks that do not affect the end date of project, but can reduce the total duration of project. For this, we can use techniques such as overlapping (starting a task before the previous one is completed) or splitting (dividing a task into smaller subtasks that can be performed in parallel). This helps to increase the concurrency of tasks in the project, which reduces idle times and improves resource utilization. Eliminating or minimizing slack time of tasks that is the difference between the earliest and latest start or finish times of a task. For this, we can use techniques such as resource leveling (balancing the demand and supply of resources over the project duration) or resource smoothing (adjusting the resource allocation to reduce peaks and valleys in resource usage). This helps to optimize the slack time of tasks, which can be used to absorb uncertainties or delays, or to improve quality or performance.

These levers and tools can help you optimize NRE cost for electronic products with PCB by reducing errors, delays, and budget overruns by improving the quality and efficiency of the product development process. They can also increase customer satisfaction and confidence by demonstrating the compliance and quality of the product at each stage of development.

How to Use the TRL Scale to Optimize NRE Cost for Electronic Products with PCB?

Another tool that can help you optimize NRE cost for electronic products with PCB is the TRL scale, or technology readiness level scale. The TRL scale is a tool for measuring or indicating the maturity of a technology. It was originally developed by NASA in the 1990s as a means to manage the technological risk of its programs. The TRL scale can help you optimize NRE cost for electronic products with PCB by providing a common language and framework for assessing and comparing the maturity of different technologies in the context of a specific application, implementation, and operational environment. The TRL scale also helps you identify gaps and risks in your technology development process, and plan appropriate actions and resources to address them.

The TRL scale ranges from 1 to 9, with 9 being ready for commercialization. The TRL scale describes the performance history of a given system, subsystem, or component relative to a set of levels that correspond to different stages of development.

The following table summarizes the main characteristics and criteria of each TRL level:

The following table summarizes the main characteristics and criteria of each TRL level:

TRLDefinitionDescriptionCriteria
1Basic principles observedScientific research begins and results are translated into future research and developmentPublication or report of basic principles
2Technology concept formulatedBasic principles are applied to practical applications and experimental proof of concept is obtainedPublication or report of applied research
3Analytical and experimental critical function and/or characteristic proof-of-conceptActive research and design begin and proof-of-concept model is constructedAnalytical studies and laboratory tests
4Component/subsystem validation in laboratory environmentComponent pieces are tested with each other in a simulated environmentComponent integration and testing
5Component/subsystem validation in relevant environmentBreadboard technology is tested in a realistic environment with simulated interfacesSystem-level testing in relevant environment
6System/subsystem model or prototype demonstration in a relevant environmentFully functional prototype or representational model is demonstrated in a realistic environment with actual interfacesSystem-level testing in relevant environment
7System prototype demonstration in an operational environmentWorking model or prototype is demonstrated in an extreme environment with all interfacesSystem-level testing in operational environment
8Actual system completed and qualified through test and demonstrationTechnology has been tested and “flight qualified” and is ready for implementation into an existing technology or technology systemSystem-level testing in operational environment
9Actual system proven through successful mission operationsTechnology has been “flight proven” during a successful mission and meets all performance requirementsSystem-level testing in operational environment

What are the Benefits of Using the TRL Scale for Freemindtronic?

By using the TRL scale, Freemindtronic was able to achieve the following benefits:

  • Providing a common language and framework for assessing and comparing the maturity of its technology with other technologies on the market.
  • Identifying gaps and risks in its technology development process and planning appropriate actions and resources to address them.
  • Reducing errors, delays, and budget overruns by improving the quality and efficiency of its product development process.
  • Increasing customer satisfaction and confidence by demonstrating the compliance and quality of its product at each stage of development.

Freemindtronic also offers its technologies under license, including international patents, and provides white label product creation services. This allows its customers to protect their products and services created in their brand and embedding Freemindtronic’s technologies. In addition, they benefit from territorial protection in terms of international intellectual property. Freemindtronic also offers the possibility of negotiating an NRE royalty with its customers, depending on the added value of its technology and market conditions. Moreover, Freemindtronic has designed a mutualized offer of its NRE costs, distributed among all its customers under licenses. This has the effect of reducing the royalty cost attached to the NRE. This also has the effect of making affordable access to the different licenses, especially patented ones, which produce a low impact on the products marketed.

Freemindtronic guarantees an industrial quality of its products,

manufactured with industrial grade electronic components. It also ensures a complete traceability of the manufacture of its offline products and end-to-end cybersecurity from HSMs, from design to end user.

Conclusion and Contact Information

We hope that this article has given you some useful insights on how to optimize NRE cost for electronic products with PCB by using different levers and tools. We also hope that you have learned how to use the TRL scale to optimize NRE cost for electronic products with PCB by assessing and comparing the maturity of different technologies.

We also showed you how Freemindtronic, an Andorran company specialized in security and cybersecurity of computer systems and information systems, uses the TRL scale to optimize NRE cost for its electronic products with PCB. Freemindtronic also offers its technologies under license, including international patents, and provides white label product creation services.

If you have any questions or comments, please feel free to contact us. We will be happy to assist you with your project.

Thank you for your attention.

Securing IEO STO ICO IDO and INO: The Challenges and Solutions

Securing IEO STO ICO IDO INO the challenges and solutions EviCore NFC HSM by Freemindtronic

  Securing IEO STO ICO IDO and INO by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Enhancing Security: Securing IEO STO ICO IDO and INO

Cryptocurrencies are digital assets that can be used to buy goods and services, invest in projects, or trade on online platforms. In this article, we will explore the importance of securing IEOs, STOs, ICOs, IDOs, and INOs and how you can protect your investments using EviCore NFC HSM technology.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

Discover our other articles on digital security

Securing IEO STO ICO IDO and INO: How to Protect Your Crypto Investments

Cryptocurrencies are digital assets that can be used to purchase goods and services, invest in projects, or trade on online platforms. They are built on blockchain technology, which is a decentralized system that records and verifies transactions without intermediaries. However, to securely and conveniently store your private keys and seed phrases, thus ensuring the security of your funds in Securing IEO STO ICO IDO and INO, you need a wallet that stores your private keys and seed phrases. These pieces of data enable you to access and control your funds on the blockchain

But how can you securely and conveniently store your private keys and seed phrases in Securing IEO STO ICO IDO and INO? How can you prevent losing them or falling victim to hackers or scammers? And how can you participate in various forms of cryptocurrency crowdfunding, such as ICOs, IEOs, STOs, IDOs, and INOs, without risking your funds?

In this article, we will address these questions and explain how to protect your private keys and starter phrases using NFC (Near Field Communication) HSM. We will also compare different cryptocurrency crowdfunding models and show how to store your private keys and starter phrases with EviCore NFC HSM technology for each of these models.

By reading this article, you will learn:

  • What ICOs, IEOs, and STOs are and how to participate in Securing IEO STO ICO IDO and INO.
  • The significance of seed phrases and private keys in Securing IEO STO ICO IDO and INO.
  • The features and functionality of EviCore HSM technology in Securing IEO STO ICO IDO and INO.
  • How to securely store your seed phrases and private keys using EviCore NFC HSM technology across various use cases in Securing IEO STO ICO IDO and INO.

If you have an interest in cryptocurrencies and want to understand how to secure your funds with EviCore HSM technology in Securing IEO STO ICO IDO and INO, please continue reading!

What are ICOs, IEOs, STOs, IDOs and INOs?

Cryptocurrencies are virtual digital assets that rely on blockchain technology, a decentralized and encrypted ledger that records all transactions conducted on the network. Cryptocurrencies enable their user community to engage in transactions without the use of traditional currencies and also fund innovative projects through cryptocurrency fundraisers.

A cryptocurrency fundraiser involves issuing tokens in exchange for cryptocurrencies. Tokens are digital units that represent a right or value associated with the funded project. There are various types of cryptocurrency fundraisers based on factors such as the nature of the tokens issued, the platform used for transactions, the involvement of trusted third parties, and the level of regulatory oversight. Let’s take a closer look at the main types of cryptocurrency fundraisers in Securing IEO STO ICO IDO and INO:

ICO (Initial Coin Offering)

An ICO is a fundraising operation in which a company issues tokens that investors subscribe to mainly with cryptocurrencies. These tokens can have different functions, depending on the project funded:

  • Utility tokens, which give access to a service or a platform developed by the company.
  • Governance tokens, which allow holders to participate in the strategic decisions of the project.
  • Security tokens, which represent a share of the capital or the revenues of the company.

An ICO usually takes place in several stages:

  • The presale, where investors can buy the tokens at a discounted price, often with a minimum amount required.
  • The public sale, where the tokens are made available to the general public, often with a maximum amount to be raised.
  • The distribution, where the tokens are sent to investors on their wallets..

The advantages of an ICO for investors are:

  • The possibility to support innovative and promising projects.
  • The possibility to benefit from a high capital gain if the project succeeds and the value of the tokens increases.
  • The possibility to diversify your portfolio with digital assets.

The disadvantages of an ICO for investors are:

  • The risk of losing all or part of your investment if the project fails or if the tokens lose their value.
  • The risk of falling for a scam or a fraud, as ICOs are poorly regulated and controlled. The risk of not being able to resell your tokens easily, as there is not always a liquid secondary market.Depending on the country where the ICO takes place, there may be rules to follow, especially in terms of investor protection, anti-money laundering or taxation. Therefore, it is advisable to check the legal status and the compliance of the ICO before investing. Some countries have banned or restricted ICOs, while others have issued guidelines or regulations to ensure their transparency and security.

IEO (Initial Exchange Offering)

An IEO is a fundraising operation in which a company issues tokens on a cryptocurrency exchange platform. The exchange acts as an intermediary between the company and investors, providing security, liquidity, and visibility for the token sale. Investors can purchase tokens using cryptocurrencies or fiat money, depending on the exchange.

An IEO typically involves a single stage:

  • Public sale: Tokens are sold on the exchange platform within a limited time frame and at a fixed price.

Advantages of IEOs for investors include:

  • Enhanced security, liquidity, and visibility compared to ICOs.
  • Access to vetted and quality projects that have been approved by the exchange.
  • Ability to trade tokens immediately after the sale on the same exchange.

Disadvantages of IEOs for investors include:

  • Dependence on a centralized intermediary that controls the token sale process and charges fees.
  • Need to comply with stricter rules and regulations imposed by the exchange and jurisdiction.
  • Risk of missing out on opportunities due to high demand and limited token supply.

STO (Security Token Offering)

An STO is a fundraising operation in which a company issues tokens that represent securities, such as shares or bonds. These tokens are backed by real assets, and investors can purchase them using cryptocurrencies or fiat money, depending on the platform.

STOs typically involve one or more stages:

  • Private sale: Accredited investors can buy tokens at a discounted price, often with a minimum investment requirement.
  • Public sale: Qualified investors can purchase tokens at a fixed price, often with a maximum fundraising amount.

Advantages of STOs for investors include:

  • Opportunity to invest in regulated and compliant projects that offer legal protection and transparency.
  • Potential for real value and returns from the underlying assets of the company.
  • Access to new markets and opportunities that were previously reserved for institutional investors.

Disadvantages of STOs for investors include:

  • Need for accreditation or qualification based on strict criteria set by regulators and platforms.
  • Lack of liquidity and availability compared to utility tokens or cryptocurrencies.
  • Complexity and cost associated with issuing and managing security tokens on blockchain platforms.

IDO (Initial Dex Offering)

An IDO is a fundraising operation in which a company issues tokens on a decentralized protocol for exchanging cryptocurrencies, known as a DEX (Decentralized Exchange). Investors can purchase tokens directly on the DEX without going through a centralized platform or intermediary.

Advantages of IDOs for investors include:

  • Speed and simplicity of the process, as it does not require identity verification or prior fund deposits.
  • Transparency and security of transactions, as they are conducted on the blockchain without reliance on a trusted third party.
  • Liquidity and accessibility of tokens, which are immediately available on the secondary market and can be exchanged for other cryptocurrencies.

Disadvantages of IDOs for investors include:

  • Technical and operational risks associated with decentralized protocols that may have vulnerabilities or bugs.
  • Regulatory and legal risks due to the lack of a clear and harmonized legal framework for cryptocurrency fundraisers.
  • Volatility and speculation risks arising from high demand and limited token supply.

INO (Initial NFT Offering)

An INO is a fundraising operation in which a company issues non-fungible tokens, called NFTs (Non-Fungible Tokens). NFTs are unique and indivisible digital assets that can represent works of art, collectibles, virtual or real goods. Investors can purchase NFTs using cryptocurrencies on specialized platforms.

Advantages of INOs for investors include:

  • Support for creative and original projects that leverage the blockchain’s potential to create value.
  • Possibility to benefit from exclusive and inalienable ownership rights over NFTs, certified by the blockchain and immune to duplication or falsification.
  • Opportunity to resell NFTs on a growing and demanding secondary market.

Disadvantages of INOs for investors include:

  • Risk of overvaluation and speculative bubbles due to the current frenzy around NFTs and their artificial scarcity.
  • Potential for counterfeiting and plagiarism, as effective legal protection for copyrights and trademarks is lacking.
  • Environmental and ethical concerns related to the high energy consumption and negative externalities generated by the blockchain.

Comparison Table of Different Cryptocurrency Crowdfunding Models

Below is a comprehensive table comparing different crowdfunding models in cryptocurrency:

Crowdfunding modelDefinitionAdvantagesDisadvantages
ICOFundraising in cryptocurrency by issuing tokens that can have various functionsSupport innovative projects, benefit from high potential gain, diversify portfolioRisk losing investment, fall for scam, not be able to resell tokens easily, face regulatory uncertainty
IEOFundraising in cryptocurrency by issuing tokens on an exchange platform that acts as a trusted intermediaryBenefit from better security, liquidity and visibility than ICOs, access a wider pool of investors and projectsDepend on a centralized intermediary, pay higher fees, comply with stricter rules, face platform risk
STOFundraising in cryptocurrency by issuing tokens that represent securities such as shares or bondsInvest in regulated and compliant projects, benefit from real value and returns, access new markets and opportunities, reduce intermediation costsBe accredited or qualified, face lack of liquidity and availability, deal with complexity and cost, follow different regulations depending on jurisdictions
IDOFundraising in cryptocurrency by issuing tokens on a decentralized exchange protocol that eliminates intermediariesEnjoy speed and simplicity of the process, ensure transparency and security of transactions, access liquidity and accessibility of tokensFace technical and operational risk, cope with regulatory and legal risk, deal with volatility and speculation
INOFundraising in cryptocurrency by issuing non-fungible tokens that represent unique and indivisible digital assetsSupport creative and original projects, benefit from exclusive and inalienable ownership of NFTs, resell NFTs on a growing and demanding marketDeal with overvaluation and speculative bubble, encounter counterfeiting and plagiarism issues, consider environmental and ethical impact

Comprehensive Table of Blockchains Supporting ICOs, IEOs, STOs, IDOs, and INOs

Here is a table showcasing the support for ICOs, IEOs, STOs, IDOs, and INOs across different blockchains, focusing on Securing IEO STO ICO IDO and INO:

BlockchainICO supportIEO supportSTO supportIDO supportINO supportBIP32 supportBIP39 supportBIP44 support
EthereumYesYesYesYesYesYesYesYes
Binance Smart Chain (BSC)YesYesYesYesYesYesYesYes
Cardano (ADA)NoNoNoYesNoYesYesYes
Solana (SOL)YesYesNoNoNoYesNoYes
Avalanche (AVAX)YesYesYesNoNoYesYesNo
Cosmos (ATOM)YesYesYesYesYesYesYesNo
Algorand (ALGO)YesYesYesYesYesYesYesNo
Stellar (XLM)YesNoYesNoNoYesYesYes

What are seed phrases and private keys?

Seed phrases and private keys are essential for accessing and controlling your funds in cryptocurrency. If they are lost or stolen, you may permanently lose access to your cryptocurrencies.

Seed phrase

A seed phrase, also known as a secret phrase, is a sequence of words, typically consisting of 12 or 24 words, that allows you to restore your crypto wallet in case of loss or theft. These words are selected in a specific order from a dictionary containing thousands of words. The seed phrase is essentially a more human-readable representation of a private key and can generate an unlimited number of public-private key pairs.

The public key is the address to which you can receive cryptocurrencies on the blockchain, similar to an IBAN for a bank account. The private key enables you to control the funds associated with a public key and initiate transactions from that address. Public and private keys are always generated as pairs.

The seed phrase is crucial for accessing your wallet and funds, and it must be kept secure and confidential. If lost or stolen, there is no way to recover it or block access to your funds.

Private key

A private key is a string of random letters and numbers generated by your wallet when it is created. It is used for encrypting and decrypting data using public-key cryptography. The private key grants access to your funds and enables you to initiate transactions on the blockchain.

A private key looks like this: 5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF

You should never share your private key with anyone or store it digitally or online. If your private key is lost or stolen, you will lose access to your funds permanently.

How to Secure Your Funds in Securing IEO STO ICO IDO and INO

To participate in an ICO, IEO, STO, IDO, or INO and ensure the security of your funds in Securing IEO STO ICO IDO and INO, you need a wallet that is compatible with the tokens being issued and the accepted cryptocurrency. There are different types of wallets available, each offering varying levels of security and convenience.

Online Wallets (Web Wallets): These wallets are accessible through a web browser. While they are easy to use, they are susceptible to hacking and theft. It is important to choose a reputable and secure online wallet.

Mobile Wallets: These wallets are installed on smartphones and provide convenience for daily transactions. However, they are vulnerable to malware and the risk of losing the phone. Ensure you have proper security measures in place for your mobile wallet, such as enabling device passcodes and biometric authentication.

Software Wallets: These wallets are downloaded and installed on a computer. They offer greater security compared to online or mobile wallets, but their reliability depends on the security of the hardware and software. Keep your computer updated with the latest security patches and use reputable wallet software.

Hardware Wallets: These physical devices are specifically designed for storing private keys. They provide the highest level of security by isolating private keys from the internet. Hardware wallets, such as Ledger or Trezor, are recommended for secure storage of your private keys in Securing IEO STO ICO IDO and INO.

Regardless of the type of wallet you choose, there are some basic rules to follow to secure your funds in Securing IEO STO ICO IDO and INO:

  1. Never share your seed phrase or private key with anyone, and avoid storing them digitally or online.
  2. Make a backup copy of your seed phrase or private key on a physical medium such as paper, metal, or plastic. Store them in secure locations.
  3. Use a strong password and PIN code to protect your wallet from unauthorized access.
  4. Regularly update your wallet software to fix any bugs or vulnerabilities.
  5. Utilize reputable antivirus and firewall software to protect your device from malware and hackers.

By following these security practices, you can significantly reduce the risk of losing your funds and ensure the safety of your investments in Securing IEO STO ICO IDO and INO.

Now, let’s explore how you can enhance the security and simplicity of your cryptocurrency transactions by using EviCore NFC HSM technology.

EviCore NFC HSM is a solution that safeguards your seed phrases and private keys in cryptocurrency using Near Field Communication (NFC) technology. With EviCore NFC HSM, you can store your seed phrases and private keys in an encrypted NFC tag or card, protected by a segmented key. This tag or card allows you to restore your wallet on any NFC-compatible device without exposing your sensitive data to the internet.

EviCore NFC HSM is compatible with major cryptocurrency wallets such as Ledger, Trezor, Metamask, Trust Wallet, and more. It also works seamlessly with popular cryptocurrency exchange platforms like Binance, Coinbase, and Kraken. This ensures optimal security and ease of managing your funds in cryptocurrency.

Here’s a step-by-step guide on how to use EviCore NFC HSM to secure your seed phrases and private keys in cryptocurrency:

  1. Download the application that incorporates the EviCore NFC HSM technology on your NFC-compatible Android smartphone.
  2. Pair the NFC HSM device with your smartphone using the unique pairing key.
  3. Translate to English: Add the seed phrase by simply clicking on the multi-language BIP39 words provided during the creation of your secure cryptocurrency wallet, without typing anything on the keyboard, as EviCore NFC HSM performs real-time checksum verification of the seed phrase before securely encrypting and storing it in the NFC device.
  4. You can also add the private key derived from the seed phrase without entering or scanning its QR code through the Android NFC application, which will automatically encrypt and store it in the NFC device in less than 5 seconds. You just need to indicate beforehand which blockchain your derived key belongs to before the registration pro

By utilizing EviCore NFC HSM, you can secure your seed phrases and private keys with maximum security and unparalleled ease of use. You no longer need to worry about losing or having your sensitive data stolen, as you can store them in a physical device that can be carried with you wherever you go. Additionally, you can securely share your seed phrases and private keys with others using encrypted RSA-4096 public keys or segmented key authentication, making it easier to transmit funds to your heirs.

EviCore NFC HSM technology is the ideal solution for securing your seed phrases and private keys in cryptocurrency, enabling you to fully embrace the opportunities offered by cryptocurrencies while minimizing unnecessary risks. If you’re interested in this innovative solution, visit Freemindtronic’s website or contact them for more information.

Additionally, if you’re seeking an alternative method to secure your crypto fundraising, you may consider EviCore HSM OpenPGP technology. This technology transforms your Android or iPhone into a hardware security module (HSM) for encrypting and storing your crypto keys. It leverages the highly secure OpenPGP standard, known for its reliability and security. To learn more about this technology and how it can help you safely fund your blockchain project, you can refer to this article link

Conclusion

In this article, we have provided insights into participating in various forms of cryptocurrency crowdfunding, including ICOs, IEOs, STOs, IDOs, and INOs. We have emphasized the importance of securing your seed phrases and private keys in Securing IEO STO ICO IDO and INO and introduced EviCore NFC HSM technology as a solution. By adopting EviCore NFC HSM, you can enhance the security and simplicity of your cryptocurrency transactions while mitigating risks. We hope this article has been informative and valuable to you. Should you have any questions or comments, feel free to leave them below.

Thank you for reading, and happy investing in Securing IEO STO ICO IDO and INO!

EviCore NFC HSM Credit Cards Manager | Secure Your Standard and Contactless Credit Cards

NFC Hardware Wallet Credit Card Manager PCI DSS Compliant EviToken Technology working contactless by nfc phone online autofill payment from Freemindtronic Andorra

EviCore NFC HSM Credit Cards Manager by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Discover EviCore NFC HSM: the revolutionary technology to secure your financial secrets

EviCore NFC HSM is a patented technology that allows you to store and manage your financial secrets in a secure electronic safe. With EviCore NFC HSM, you benefit from wireless access control, segmented key authentication and protection against cyberattacks. Find out how EviCore NFC HSM can enhance your financial security in this article.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

Discover our other articles on digital security

EviCore NFC HSM Credit Cards Manager is a powerful solution designed to secure and manage both standard and contactless credit cards. In this article, we will explore the features, benefits, and compliance of EviCore NFC HSM Credit Cards Manager in protecting your valuable payment cards

Standard and contactless credit cards are convenient and fast ways to pay for goods and services. They use NFC (Near Field Communication) technology to communicate with a compatible contactless card reader. You just have to tap or bring your card close to the reader, and the transaction is done in seconds.

However, standard and contactless credit cards also pose security risks. For example, someone could use an NFC scanner to read your card information remotely or use a fake reader to capture your card data. Moreover, if you lose your card or if it is stolen, someone could use it to make unauthorized purchases without your PIN or signature.

Fortunately, there is a solution that can help you protect your standard and contactless credit cards from these threats. It is called Credit Cards Manager. It is a function of EviCore NFC HSM or EviCore HSM OpenPGP technology that allows you to manage your standard and contactless credit cards securely. It uses NFC technology to communicate with your computer or mobile device. You can store up to 200 credit cards in the memory of Freemindtronic’s NFC HSM device or in the secure keystore of phones encrypted via EviCore. The number of records depends on the types of products developed with these technologies and the amount of information to be stored encrypted. You can also select the card you want to use for each transaction. The Credit Cards Manager function relies on EviBank technology, dedicated to securing payment systems including bank cards.

Exploring EviCore NFC HSM Credit Cards Manager

Credit Cards Manager is a function of EviCore NFC HSM or EviCore HSM OpenPGP technology that allows you to manage your standard and contactless credit cards securely. It uses NFC technology to communicate with your computer or mobile device.

You can store up to 200 credit cards in the memory of Freemindtronic’s NFC HSM device or in the secure keystore of phones encrypted via EviCore. The number of records depends on the types of products developed with these technologies and the amount of information to be stored encrypted.

You can also select the card you want to use for each transaction. The Credit Cards Manager function relies on EviBank technology, dedicated to securing payment systems including bank cards.

These technologies are available under patent license from Freemindtronic. They are compatible with various formats of Freemindtronic’s NFC HSM device (link). These technologies can be embedded in products designed and developed on demand in white label for Freemindtronic’s partners such as Fullsecure and Keepser.

In this article, we will focus on using Credit Cards Manager with an NFC HSM device in the form of a secure electronic card (NFC HSM Card). It is a hardware security module (HSM) that uses a highly secure and encrypted AES-256 post-quantum NFC eprom memory to protect and manage secrets (including digital keys such as an RSA-4096 key, AES-256 key, and ECC key), perform encryption and decryption functions, strong authentication, and other cryptographic functions.

What are the Benefits of using Credit Cards Manager?

Credit Cards Manager offers several benefits for managing standard and contactless credit cards, such as:

  1. Strongbox function for anti-phishing protection and smart login: The Strongbox function offers advanced protection against phishing attempts by securely filling in credit card information on websites. It verifies the authenticity of websites and ensures that sensitive data is only automatically filled in on reliable and verified platforms. It also intelligently automates the process of filling in credit card information and logging into original websites.
  2. Secure manager for credit cards: The Credit Cards Manager function uses the NFC HSM Card device to physically protect bank cards and verify their validity before authorizing their encrypted storage in the device’s memory. It also allows users to customize access levels for each stored card and define geographic access limitations.
  3. Battery-free operation and longevity: The NFC HSM Card device operates without a battery, using the NFC signal from smartphones for power. This energy-efficient design ensures that the device retains stored data for up to 40 years without maintenance or external power sources. The device also has an intelligent OCR scanner for credit cards that is compatible with all bank cards in the world. It helps the user fill in the information fields of the card to be stored encrypted in AES-256 post-quantum in the device. It also prevents keyloggers and spyware from accessing card information on the phone.
  4. COVID contactless security and compliance: Credit Cards Manager helps you avoid physical contact with your bank cards and payment terminals, reducing the risk of COVID-19 transmission. You can make secure contactless payments online, without needing your bank cards with or without NFC technology. You can also use auto-filling remotely via the local network or by sharing a connection via your phone. This feature improves convenience and protects your health.
  5. NFC contactless security and compliance: Credit Cards Manager protects your bank cards from being scanned or read by malicious NFC devices. The NFC HSM Card device shields other credit cards from being detected by an NFC scanner when they are juxtaposed to the device. The device uses an anti-collision system that prevents other cards from being read by the NFC reader of the bank card. It also has a copper ground plane that short-circuits the NFC signals of credit cards when they are juxtaposed on or under the NFC HSM CARD. This is an effective physical protection of cards against all risks of attempted remote non-invasive attack.
  6. Air gap security: Credit Cards Manager uses air gap security, physically isolating itself from computer networks. This ensures that the encrypted data of the NFC HSM Card device is stored exclusively in its non-volatile memory, preventing unauthorized access. By protecting itself from remote attacks, Credit Cards Manager strengthens protection against cyber threats. The use of information is encrypted end-to-end from the NFC HSM Card. All communication protocols are automatically encrypted from the NFC device. The sharing of bank card information contained encrypted in the device’s memory can be shared in air gap via a QR Code encrypted in RSA-4096 generated and managed from the NFC HSM CARD device. This sharing can also be shared encrypted in NFC Beam or in proximity between NFC Android phones.
  7. Protection against fraudulent use: Credit Cards Manager ensures that your bank card information is not stored on computer systems, phones, or online shopping sites. This protects your privacy and anonymity. The encrypted data is transmitted securely to the computer system, protecting it from potential threats and unauthorized access. You can also erase sensitive data such as the CCV of bank cards since saved in the NFC HSM Card devices. Advantageously, the CVV physically erased from the bank card secures it from the risk of illicit use, especially online.

The Benefits of Using Credit Cards Manager

BenefitsFeatures
Strongbox function for anti-phishing protection and smart login
  • Advanced protection against phishing attempts by securely filling in credit card information on websites.
  • Verification of website authenticity and automatic filling of sensitive data only on reliable and verified platforms.
  • Intelligent automation of credit card information filling and login process to original websites.
Secure manager for credit cards
  • Physical protection of bank cards and verification of their validity before authorizing their encrypted storage in the device’s memory.
  • Customization of access levels for each stored card and definition of geographic access limitations.
Battery-free operation and longevity
  • Use of smartphone NFC signal for power, without battery or external power sources.
  • Retention of stored data for up to 40 years without maintenance.
  • Intelligent OCR scanner for credit cards compatible with all bank cards in the world.
  • Protection against keyloggers and spyware on the phone.
COVID contactless security and compliance
  • Avoidance of physical contact with bank cards and payment terminals, reducing COVID-19 transmission risk.
  • Secure contactless payments online, without needing bank cards with or without NFC technology.
  • Auto-filling remotely via local network or phone connection.
  • Improved convenience and health protection.
NFC contactless security and compliance
  • Protection of bank cards from being scanned or read by malicious NFC devices.
  • Shielding of other credit cards from being detected by an NFC scanner when juxtaposed to the device.
  • Anti-collision system and copper ground plane to prevent other cards from being read by the NFC reader of the bank card.
  • Effective physical protection of cards against all risks of attempted remote non-invasive attack.
Air gap security
  • Physical isolation from computer networks, preventing unauthorized access to encrypted data of the device.
  • Protection against remote attacks, strengthening protection against cyber threats.
  • End-to-end encryption of information from the NFC HSM Card.
  • Sharing of encrypted bank card information in air gap via QR Code, NFC Beam or proximity between NFC Android phones.
Protection against fraudulent use
  • Guarantee that bank card information is not stored on computer systems, phones or online shopping sites.
  • Protection of privacy and anonymity.
  • Secure transmission of encrypted data to computer system, protecting it from potential threats and unauthorized access.
  • Possibility to erase sensitive data such as CCV from NFC HSM Card devices.

Managing Standard and Contactless Credit Cards with EviCore NFC HSM Credit Cards Manager

To use Credit Cards Manager, follow these steps:

  1. Download the Freemindtronic app compatible with EviCore NFC HSM technology on your NFC phone and the extension if you want to use it on your computer as well.
  2. Connect the NFC HSM Card device to your computer or mobile device via NFC technology.
  3. Register your credit cards in the application using the intelligent OCR scanner or by manually entering the card information.
  4. Select the credit card you want to use for each transaction and confirm the various trust criteria that you have added, such as a password, PIN code, geozone, or fingerprint.
  5. Enjoy secure contactless payments and online shopping with the NFC HSM Card device and the Strongbox function.

Section Break: Why is Credit Cards Manager Compliant with PCI DSS?

Credit Cards Manager is compliant with PCI DSS because it meets the requirements of the Payment Card Industry Data Security Standard (PCI DSS). This cybersecurity standard applies to any entity that stores, processes, or transmits cardholder data, such as credit card numbers. The PCI DSS aims to protect cardholder data from unauthorized access, fraud, and theft.

The PCI DSS includes 12 requirements for compliance, organized into six related groups called control objectives:

  1. Build and maintain a secure network and systems.
  2. Protect cardholder data.
  3. Maintain a vulnerability management program.
  4. Implement strong access control measures.
  5. Regularly monitor and test networks.
  6. Maintain an information security policy.

Credit Cards Manager complies with these requirements by implementing various features and security measures, such as the secure manager for credit cards, battery-free operation and longevity, COVID contactless security and compliance, air gap security, and protection against fraudulent use. By following PCI DSS, Credit Cards Manager demonstrates adherence to best practices for data security and the protection of cardholder data.

In conclusion, Credit Cards Manager is a secure and compliant solution for managing your standard and contactless credit cards. With its advanced features, robust security measures, and powerful Strongbox function, it offers enhanced data protection and convenience. Secure your credit cards with Credit Cards Manager today.

References

Remote activation of phones by the police: an analysis of its technical, legal and social aspects

Remote activation of phones by the police

Remote activation of phones by the police by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

How does remote activation of phones by the police work?

An article of the bill on justice 2023-2027 raises controversy. It allows remote activation of mobile phones and capture of images or sound without the owner’s consent, for cases of organized crime or terrorism. How does this intelligence technique work? What are the conditions to use it? What are its advantages and disadvantages? What is the situation in other countries? We explain everything in this article.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

Discover our other articles on digital security

What is the new bill on justice and why is it raising concerns about privacy?

The bill on justice is a legislative project. It aims to modernize and simplify justice in France. It covers civil, criminal, administrative and digital justice. It also strengthens the investigation and prosecution of serious offenses, such as terrorism and organized crime.

One measure authorizes remote activation of phones by the police for some investigations. Article 3 “An unfailing commitment to better prevent radicalization and fight against terrorism” of the bill includes this measure. It modifies article 706-102-1 of the code of criminal procedure. This article defines how to activate remotely any electronic device that can emit, transmit, receive or store data.

This measure raises privacy concerns because it lets the police access personal or professional data in phones without the owners’ or possessors’ consent or knowledge. It also lets the police locate, record or capture sounds and images from phones without notification or justification. This measure may violate fundamental rights and freedoms, such as privacy, confidentiality, dignity, presumption of innocence and right to a fair trial.

What is remote activation of phones and how does it work?

Remote activation of phones by the police is an intelligence technique that allows law enforcement agencies to access data or record sounds and images from phones without the consent or knowledge of the phone users. This technique can be used for criminal investigations or national security purposes.

To remotely activate phones, law enforcement agencies need three factors: compatibility, connectivity, and security of the phones. They need to be compatible with the software or hardware that enables remote activation. They need to be connected to a network or a device that allows remote access. They need to have security flaws or vulnerabilities that can be exploited or bypassed.

Law enforcement agencies can remotely activate phones by three methods: exploiting vulnerabilities, installing malware, or using spyware on phones. Exploiting vulnerabilities means taking advantage of security flaws or weaknesses in the phone’s operating system, applications, or protocols. Installing malware means putting malicious software on the phone that can perform unauthorized actions or functions. Using spyware means employing software or hardware that can monitor or control the phone’s activity or data.

By remotely activating phones, law enforcement agencies can access data such as contacts, messages, photos, videos, location, browsing history, or passwords. They can also record sounds and images such as conversations, ambient noises, or camera shots. They can do this in real time or later by retrieving the data from the phone’s memory or storage.

What is the French bill on remote activation of phones by the police and what are its implications?

The French bill on remote activation of phones by the police is a legislative text that was promulgated on 25 May 2021. It is part of the justice orientation and programming bill for 2023-2027, which aims to modernize the justice system and reinforce its efficiency and independence.

The bill introduces a new article in the code of criminal procedure, which allows the judge of liberties and detention (at the request of the prosecutor) or the examining magistrate to order the remote activation of an electronic device without the knowledge or consent of its owner or possessor for the sole purpose of locating it in real time. This measure can be applied for crimes or misdemeanors punishable by at least five years’ imprisonment, a fairly broad criterion.

The bill also allows the judge of liberties and detention (at the request of the prosecutor) or the examining magistrate to order the remote activation of an electronic device without the knowledge or consent of its owner or possessor for the purpose of recording sounds and images from it. This measure can be applied only for crimes relating to organized crime and terrorism.

These measures cannot concern parliamentarians, journalists, lawyers, magistrates and doctors, nor the defendants when they are in the judge’s office or with their lawyer.

The bill also specifies that the remote activation of an electronic device must be done in a way that does not alter its functioning or data, and that the data collected must be destroyed within six months after their use.

The bill aims to provide law enforcement agencies with more tools and information to prevent, investigate and prosecute crimes, especially in cases where phones are encrypted, hidden or destroyed. It also aims to harmonize the French legislation with other countries that have used or considered this technique, such as the United States, Germany, Italy, Israel, Canada, China, France, and the United Kingdom.

However, the bill also raises ethical and social challenges, as it involves a trade-off between security and privacy, as well as between effectiveness and legitimacy. It may undermine the right to respect for private life and the right to a fair trial, which are guaranteed by the European Convention on Human Rights and the French Constitution. It may also expose law enforcement agencies to legal or technical challenges or dangers, such as encryption technologies that can prevent or hinder remote activation. It may also create distrust or resistance among phone users or providers, who may use encryption technologies or legal remedies to protect their data or communications.

The bill has been criticized by several actors, such as lawyers, human rights defenders, digital rights activists, journalists and academics. They have denounced its lack of proportionality, necessity and oversight. They have also questioned its effectiveness and legitimacy. They have called for its withdrawal or amendment.

The bill is still subject to constitutional review by the Constitutional Council before its final promulgation.

How did the Senate vote on the bill and where to find the official sources?

The Senate adopted this measure on October 20, 2021, with some amendments. The Senate voted in favor of this measure by 214 votes against 121. The Senate also added some safeguards to this measure, such as limiting its duration to four months renewable once and requiring prior authorization from an independent judge.

The National Assembly still has to examine the bill before adopting it definitively. The National Assembly may approve, reject or modify this measure. The final text may differ from the one that the Senate voted.

The examination of the bill by the National Assembly will start on December 6, 2021. You can follow the progress of the bill on the website of the National Assembly. You can also find the official text of the bill and the report of the Senate on their respective websites. You can also consult the website of the Ministry of Justice for more information on the bill and its objectives.

What are the benefits and risks of remote activation of phones?

This technique can affect citizens’ and suspects’ behavior in different ways.

On one hand, it can deter people from serious offenses. It exposes them to a higher risk of detection and identification. It reduces their incentives for criminal activities.

On the other hand, it can also make people more cautious or paranoid. It increases their uncertainty and fear. It leads them to avoid electronic devices, encrypt their communications, or use countermeasures such as jamming devices.

This technique can also impact public safety and security positively and negatively.

On one hand, it can improve the efficiency and effectiveness of law enforcement agencies. It provides them with more information and evidence. It helps them prevent, investigate and prosecute crimes.

On the other hand, it can also pose risks for human rights and civil liberties. It allows intrusive and covert surveillance. It violates privacy, confidentiality and dignity. It can also be subject to abuse, misuse or error by law enforcement agents or hackers.

Finally, it can create a feeling of insecurity and mistrust towards institutions, which can access personal or professional data in phones. It can also harm respect for presumption of innocence by placing permanent suspicion on people targeted by this technique. It can also infringe on protection of journalistic sources or right to information by discouraging whistleblowers or witnesses from speaking freely. It can finally encourage people concerned to adopt avoidance or circumvention strategies, such as changing phones regularly, using encrypted applications or switching to airplane mode.

These strategies can reduce the actual effectiveness of this technique for preventing terrorism and organized crime.

What are the arguments in favor of remote activation of phones?

Some people support this technique because they think it has several advantages for law enforcement and public security.

How can remote activation of phones violate privacy and data protection?

One of the main arguments against this technique is that it can violate privacy and data protection for individuals and groups. Privacy and data protection are fundamental rights recognized by international standards and laws. They ensure human dignity and autonomy.

Remote activation of phones violates privacy and data protection by letting law enforcement agencies access personal or professional data without the owners’ or possessors’ consent or knowledge. It also lets law enforcement agencies access sensitive or confidential data without notification or justification. It also lets law enforcement agencies access excessive or irrelevant data without limitation or proportionality.

For example, remote activation of phones could let the police access medical records, financial transactions, political opinions, religious beliefs, sexual preferences, or other intimate information on a device or a communication. It could also let the police access information that is not related to the investigation or that is out of scope on a device or a communication. It could also let the police access information that is not necessary or appropriate for the investigation or that is disproportionate to the seriousness of the offense on a device or a communication.

How can remote activation of phones improve access to justice and evidence?

Another argument in favor of this technique is that it can improve access to justice and evidence for law enforcement agencies and victims of crimes. Justice and evidence ensure the rule of law and the protection of rights.

Remote activation of phones improves access to justice and evidence by letting law enforcement agencies obtain information that is otherwise inaccessible or difficult to obtain. It also lets law enforcement agencies obtain information that is more reliable and accurate than other sources. It also lets law enforcement agencies obtain information that is timelier and more relevant than other sources.

For example, remote activation of phones could help the police access data that is encrypted or password-protected on a device or a communication. It could also help the police access data that is authentic and verifiable on a device or a communication. It could also help the police access data that is up-to-date and pertinent on a device or a communication.

What are the arguments against remote activation of phones?

Some people oppose this technique because they think it has several disadvantages for human rights and civil liberties.

How can remote activation of phones violate privacy and data protection?

One of the main arguments against this technique is that it can violate privacy and data protection for individuals and groups. Privacy and data protection are fundamental rights recognized by international standards and laws. They ensure human dignity and autonomy.

Remote activation of phones violates privacy and data protection by letting law enforcement agencies access personal or professional data without the owners’ or possessors’ consent or knowledge. It also lets law enforcement agencies access sensitive or confidential data without notification or justification. It also lets law enforcement agencies access excessive or irrelevant data without limitation or proportionality.

For example, remote activation of phones could let the police access medical records, financial transactions, political opinions, religious beliefs, sexual preferences, or other intimate information on a device or a communication. It could also let the police access information that is not related to the investigation or that is out of scope on a device or a communication. It could also let the police access information that is not necessary or appropriate for the investigation or that is disproportionate to the seriousness of the offense on a device or a communication.

How can remote activation of phones undermine the presumption of innocence and the right to a fair trial?

Another argument against this technique is that it can undermine the presumption of innocence and the right to a fair trial for individuals and groups. The presumption of innocence and the right to a fair trial are fundamental rights recognized by international standards and laws. They ensure justice and accountability.

Remote activation of phones undermines the presumption of innocence and the right to a fair trial by letting law enforcement agencies access data that they can use against individuals or groups without any legal basis or due process. It also lets law enforcement agencies access data that they can manipulate or falsify by law enforcement agents or hackers. It also lets law enforcement agencies access data that individuals or groups can challenge or contest.

For example, remote activation of phones could let the police access data that they can incriminate individuals or groups without any warrant or authorization from a judge. It could also let the police access data that they can alter or corrupt by law enforcement agents or hackers. It could also let the police access data that individuals or groups can dispute or refute.

How can remote activation of phones create a risk of abuse and misuse by the authorities?

Another argument against this technique is that it can create a risk of abuse and misuse by the authorities for individuals and groups. Abuse and misuse are illegal or unethical actions that violate rights and obligations. They damage trust and legitimacy.

Remote activation of phones creates a risk of abuse and misuse by the authorities by letting law enforcement agencies access data that they can use for purposes other than those authorized or intended. It also lets law enforcement agencies access data that they can share or disclose to third parties without any oversight or control. It also lets law enforcement agencies access data that they can retain or store for longer than necessary or permitted.

For example, remote activation of phones could let the police access data that they can use for political, personal, commercial, or other interests on a device or a communication. It could also let the police access data that they can transfer or leak to other agencies, organizations, media, or individuals on a device or a communication. It could also let the police access data that they can keep or archive for indefinite periods on a device or a communication.

What are the alternatives and safeguards for remote activation of phones?

Some people suggest that there are alternatives and safeguards for remote activation of phones that can balance security and privacy.

What are the existing legal tools to access phone data with judicial authorization?

One of the alternatives for remote activation of phones is to use existing legal tools to access phone data with judicial authorization. Judicial authorization is a legal requirement that ensures respect for rights and obligations. An independent and impartial judge grants it after evaluating the necessity and proportionality of the request.

Existing legal tools to access phone data with judicial authorization include search warrants, wiretaps, geolocation orders, data requisitions, and international cooperation agreements. These tools let law enforcement agencies obtain information from phones in a lawful and transparent manner. They also provide legal protection and recourse for individuals and groups.

For example, search warrants let law enforcement agencies physically seize phones and extract data from them with judicial authorization. Wiretaps let law enforcement agencies intercept calls and messages from phones with judicial authorization. Geolocation orders let law enforcement agencies track the location of phones with judicial authorization. Data requisitions let law enforcement agencies request data from phone operators or service providers with judicial authorization. International cooperation agreements let law enforcement agencies exchange data with foreign authorities with judicial authorization.

What are the principles and conditions for remote activation of phones according to the bill?

One of the safeguards for remote activation of phones is to follow the principles and conditions for remote activation of phones according to the bill. The bill on justice sets some rules and limits for this technique to prevent abuse and misuse.

The principles and conditions for remote activation of phones according to the bill include:

  • The technique can only be used for terrorism and organized crime investigations.
  • An independent judge who authorizes it must supervise the technique. The technique can only last for four months renewable once.
  • The technique must respect necessity, proportionality, subsidiarity, and legality.
  • Parliament and independent authorities must oversee and control the technique.
  • Experts and stakeholders must evaluate and review the technique.

These principles and conditions aim to ensure a reasonable and accountable use of this technique. They also aim to protect the rights and interests of individuals and groups.

What are the possible ways to limit or challenge remote activation of phones?

Another safeguard for remote activation of phones is to use possible ways to limit or challenge remote activation of phones by individuals or groups. These ways can help protect rights and interests, as well as ensure accountability and transparency.

Some of the possible ways to limit or challenge remote activation of phones are:

  • Using encryption technologies:

    Encryption technologies can make data on phones unreadable or inaccessible to law enforcement agencies, even if they remotely activate them. Encryption technologies can also protect communications from law enforcement agencies’ interception or recording. For example, using end-to-end encryption apps, such as Signal or WhatsApp, can prevent law enforcement agencies from accessing messages or calls on phones.

  • Using security features:

    Security features can prevent law enforcement agencies from installing or activating software or applications on phones that enable remote activation. Security features can also detect or remove software or applications that enable remote activation. For example, using antivirus software, firewalls, passwords, biometrics, or VPNs can prevent law enforcement agencies from accessing phones.

  • Using legal remedies:

    Legal remedies can let individuals or groups contest or oppose remote activation of phones by law enforcement agencies. Legal remedies can also let individuals or groups seek compensation or redress for damages caused by remote activation of phones. For example, using judicial review, administrative appeals, complaints, lawsuits, or human rights mechanisms can challenge law enforcement agencies’ actions or decisions regarding remote activation of phones.

How does this technique compare with other countries?

Law enforcement agencies in other countries, such as the United States, Germany, Italy, Israel, Canada, China, France, and the United Kingdom, have used or considered remote activation of phones by the police. This technique is not new or unique. However, the legal framework, the technical methods, and the ethical and social implications of this technique vary from country to country..

How does remote activation of phones by the police work in different countries?

Remote activation of phones by the police is an intelligence technique that varies from country to country. It depends on the legal framework, the technical methods and the ethical issues of each country. Here are some examples of how it works in different countries.

  • In the United States, this technique is known as “roving bugs” or “mobile device tracking”. The Foreign Intelligence Surveillance Act (FISA) authorizes it for national security purposes and Title III of the Omnibus Crime Control and Safe Streets Act for criminal investigations. It requires a court order based on probable cause and limited in scope and duration. It can locate or record sounds and images from phones. It can be done by installing malware or exploiting vulnerabilities on phones.
  • In Germany, this technique is known as “Quellen-TKÜ” or “source telecommunications surveillance”. The Code of Criminal Procedure and the Telecommunications Act regulate it for criminal investigations and the Federal Intelligence Service Act for national security purposes. It requires a court order based on reasonable suspicion and proportionality. It can intercept communications from phones. To do so, it installs software or uses spyware on phones.
  • In Italy, this technique is known as “Trojan horse” or “spyware”. The Code of Criminal Procedure and the Data Protection Code regulate it for criminal investigations. It requires a court order based on serious indications of guilt and necessity. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.
  • In Israel, this technique is known as “IMSI catchers” or “stingrays”. The Wiretapping Law and the Privacy Protection Law regulate it for criminal investigations and the Security Service Law for national security purposes. It requires a court order based on reasonable grounds and proportionality. It can locate or intercept communications from phones. To do so, it uses devices that mimic cell towers and trick phones into connecting to them.
  • In Canada, this technique is known as “cell site simulators” or “IMSI catchers”. The Criminal Code and the Charter of Rights and Freedoms regulate it for criminal investigations. It requires a court order based on reasonable grounds and proportionality. It can locate or intercept communications from phones. To do so, it uses devices that mimic cell towers and trick phones into connecting to them.
  • In China, this technique is known as “network interception” or “remote control”. The Criminal Procedure Law and the Cybersecurity Law regulate it for criminal investigations and national security purposes. It does not require a court order but only an approval from a higher authority. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.
  • In France, real-time geolocation is regulated by the Criminal Procedure Code and the Intelligence Law for criminal and national security investigations. Article 706-102-1 of the Criminal Procedure Code allows police officers and agents to use a technical device to access, record, store and transmit computer data without the consent of the persons concerned. This requires a court order based on serious reasons and proportionality. Article 230-32 of the Criminal Procedure Code states that “Any technical means for real-time location, throughout the national territory, of a person, without his consent, a vehicle or any other object, without the consent of its owner or possessor, may be used if this operation is required by necessity: “. This also requires a court order based on serious reasons and proportionality.
  • In the United Kingdom, this technique is known as “equipment interference” or “hacking”. The Investigatory Powers Act regulates it for criminal investigations and national security purposes. It requires a warrant based on necessity and proportionality. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.

How does remote activation of phones by the police raise ethical and social challenges?

Remote activation of phones by the police raises ethical and social challenges in different contexts and situations because it involves a trade-off between security and privacy, as well as between effectiveness and legitimacy.

Security versus privacy

On one hand, remote activation of phones by the police can enhance security by providing law enforcement agencies with more information and evidence to prevent, investigate, and prosecute crimes. It can also deter criminals from using phones to plan or commit crimes.

On the other hand, remote activation of phones by the police can undermine privacy by letting law enforcement agencies access personal or professional data without consent or knowledge. It can also violate human rights and civil liberties by letting law enforcement agencies monitor or record sounds and images without notification or justification.

Effectiveness versus legitimacy

On one hand, remote activation of phones by the police can be effective by increasing the chances of finding relevant information or evidence on phones that may be encrypted, hidden, or destroyed. It can also be efficient by reducing the costs and risks of physical surveillance or interception.

On the other hand, remote activation of phones by the police can be illegitimate by violating the legal framework, the technical methods, or the oversight and control mechanisms that regulate this technique in each country. It can also be counterproductive by creating distrust or resistance among phone users or providers, who may use encryption technologies or legal remedies to protect their data or communications.

The ethical and social challenges of remote activation of phones by the police depend on the legal framework, the technical methods, and the oversight and control mechanisms that regulate this technique in each country. They also depend on the cultural and political values, the public opinion, and the media coverage that shape the perception and acceptance of this technique in each country.

Some of the ethical and social challenges of remote activation of phones by the police are how to :

  • balance security and privacy in the use of this technique?
  • ensure compliance with fundamental rights and freedoms in the use of this technique?
  • prevent abuse, misuse, or error in the use of this technique?
  • provide legal protection and recourse for individuals or groups affected by this technique?
  • ensure accountability and transparency in the use of this technique?
  • evaluate the effectiveness and legitimacy of this technique?
  • foster trust and cooperation between law enforcement agencies and phone users in the use of this technique?

What is the impact of encryption technologies on this technique?

Encryption technologies are methods or systems that make data unreadable or inaccessible to unauthorized parties. Encryption technologies can have a significant impact on remote activation of phones by the police, as they can make this technique more difficult, risky, or controversial.

How can encryption technologies make remote activation of phones by the police more difficult or impossible?

Encryption technologies can make remote activation of phones by the police more difficult or impossible by preventing law enforcement agencies from accessing data or communications on phones, even if they remotely activate them. Encryption technologies can also protect phones from malware or spyware that enable remote activation.

For example, end-to-end encryption, which some apps such as Signal or WhatsApp use, can prevent law enforcement agencies from intercepting or reading messages or calls on phones, as only the sender and the receiver have the keys to decrypt them. Device encryption, which some operating systems such as iOS or Android use, can prevent law enforcement agencies from extracting or viewing data on phones, as they require a password or a biometric authentication to unlock them.

How can encryption technologies make remote activation of phones by the police more risky or harmful?

Encryption technologies can make remote activation of phones by the police more risky or harmful by exposing law enforcement agencies to legal or technical challenges or dangers. Encryption technologies can also harm phone users by compromising their security or privacy.

For example, breaking encryption, which law enforcement agencies sometimes do to access data or communications on phones, can expose them to legal challenges, as it may violate laws or regulations that protect encryption or privacy. It can also expose them to technical dangers, as it may weaken the security of phones or networks and create vulnerabilities for hackers or criminals. Hacking encryption, which law enforcement agencies sometimes do to install malware or spyware on phones, can harm phone users by compromising their security or privacy, as it may allow unauthorized access to their data or functions.

How can encryption technologies make remote activation of phones by the police more controversial or unacceptable?

Encryption technologies can make remote activation of phones by the police more controversial or unacceptable by raising ethical and social issues or debates. Encryption technologies can also create conflicts or tensions between law enforcement agencies and phone users or providers.

For example, undermining encryption, which law enforcement agencies sometimes request to facilitate remote activation of phones, can raise ethical and social issues or debates, as it may affect human rights and civil liberties, such as privacy, confidentiality, dignity, presumption of innocence, and right to a fair trial. It can also create conflicts or tensions between law enforcement agencies and phone users or providers. They may have different interests or values regarding encryption and security.

How does EviCore NFC HSM technology developed by Freemindtronic offer a high level of protection for phone users?

Remote activation of phones by the police can be facilitated by exploiting security flaws, installing malware, or requesting backdoors in encryption technologies. However, some encryption technologies may be resistant to these measures and offer a higher level of protection for phone users. One of them is the EviCore NFC HSM technology developed by Freemindtronic.

This technology lets users create their own encryption keys in a random way and store them in a physical device that communicates with the phone via NFC (Near Field Communication). The device also lets users define their own trust criteria that must be met to use the keys or their segments. The encryption is done in post-quantum AES-256 mode from either a device compatible with the EviCore NFC HSM technology or from an encrypted enclave in the phone created in the Key chain (Apple) or the Key store (Android) via the EviCore HSM OpenPGP technology. The encryption keys are segmented and superior to 256 bits. Moreover, they are physically externalized from computer systems. Everything is designed by Freemindtronic to effectively fight against espionage and corruption of telephone, computer, communication and information systems. Finally, without a server, without a database, even in air gap and airplane mode works EviCore NFC HSM or EviCore HSM OpenPGP technology. Everything is designed to work in volatile memory to leave no trace in telephone and computer systems.

This technology offers a high level of security and privacy for phone users who want to protect their data from unauthorized access, including by the police. It also offers a high level of performance and usability for phone users who want to encrypt or over-encrypt all types of messaging in the world, including SMS and MMS. It also works with other applications that use encryption, such as email, cloud storage or blockchain.

Furthermore, this technology is designed to be totally anonymous, autonomous, unconnected, without a database, without collecting any information of any kind on the identity of the user, nor on the hardware, nor on the terminals used. The technology is designed to be totally isolated and totally independent of the security of the terminal used whether it is connected or not. Freemindtronic does not keep the unique pairing keys for each NFC HSM device. And even if it did, the user at installation will automatically generate segmented complementary keys for encryption with administrator and user passwords. Each NFC device has a unique 128-bit signature dedicated to fighting against counterfeiting of NFC devices. It is also used as a key segment. The secret stored in eprom memories or in enclaves of the phone and/or computer can be individually secured by other segmented keys characterized by additional trust criteria such as a geozone, a random hexadecimal code via an existing or generated QR code or Bar Code via EviCore HSM. It is therefore physically impossible for Freemindtronic but under judicial assignment to decrypt data encrypted via EviCore HSM technologies even with a quantum computer.

Conclusion

Remote activation of phones by the police is an intelligence technique. It aims to fight terrorism and crime by accessing data or sounds and images from phones without consent or knowledge. Law enforcement agencies in various countries have used or considered this technique. For example, France, the United States, Germany, Italy, Israel, Canada, China, and the United Kingdom. However, this technique raises technical, legal, ethical, and social challenges. They need to be addressed.

On the technical side, remote activation of phones by the police depends on three factors: compatibility, connectivity, and security of the phones. It can be done by three methods: exploiting vulnerabilities, installing malware, or using spyware on phones.For example, EviCore NFC HSM technology developed by Freemindtronic protects data and communications on phones from remote activation by the police. Encryption technologies can make this technique more difficult or impossible by preventing law enforcement agencies from accessing data or communications on phones, even if they remotely activate them.

On the legal side, remote activation of phones by the police requires a legal framework that regulates its use and scope. Laws or regulations can authorize it and specify the conditions and criteria for its application. Legal remedies can also challenge it and contest or oppose its validity or legality.

On the ethical side, remote activation of phones by the police involves a trade-off between security and privacy, as well as between effectiveness and legitimacy. It can enhance security by providing more information and evidence to law enforcement agencies to prevent, investigate, and prosecute crimes. It can also undermine privacy by letting law enforcement agencies access personal or professional data without notification or justification.

On the social side, remote activation of phones by the police raises issues or debates that affect human rights and civil liberties. For example, privacy, confidentiality, dignity, presumption of innocence, and right to a fair trial. It can also create conflicts or tensions between law enforcement agencies and phone users or providers, as they may have different interests or values regarding encryption and security.

Therefore, remote activation of phones by the police is a complex and controversial technique that requires a careful and balanced approach that respects the rights and interests of all parties involved. The French bill on remote activation of phones by the police and the EviCore NFC HSM Open PGP technology developed by Freemindtronic illustrate the complex and evolving relationship between intelligence and encryption in the digital age. They raise questions about finding a balance. It is between security and privacy, between public interest and individual rights, between innovation and regulation.

: According to Okta, privacy is the right to control how your information is viewed and used, while security is protection from threats or dangers (https://www.okta.com/identity-101/privacy-vs-security/).

: According to Carnegie Endowment for International Peace, finding a balance between security and privacy requires addressing technical, legal, and social questions (https://carnegieendowment.org/2019/09/10/moving-encryption-policy-conversation-forward-pub-79573).

: According to Springboard, finding a balance between innovation and regulation requires cooperation among stakeholders and respect for human rights (https://www.springboard.com/blog/cybersecurity/privacy-vs-security-how-to-balance-both/).

Protect Meta Account Identity Theft with EviPass and EviOTP

A man holding a resident card of a person in Andorra, wearing a badge of an identity card of a Spanish woman and surrounded by other identity cards of different countries including France and on his left a hacker in front of his computer with a phone

Protect Meta Account identity theft by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

How to Spot and Avoid Phishing Attacks on Meta

Have you ever wondered what would happen if someone hacked your Meta account and used it for malicious purposes? Identity theft is a serious threat that affects millions of internet users worldwide. It can harm your reputation, finances, privacy, and even your safety. That’s why it’s essential to protect your Meta account from identity theft.

Articles Crypto Currency Digital Security EviSeed EviVault Technology News

Enhancing Crypto Wallet Security: How EviSeed and EviVault Could Have Prevented the $41M Crypto Heist

Articles EviVault Technology News Uncategorized

Why choose a Cold Wallet NFC HSM to secure your cryptocurrencies?

Articles Digital Security EviVault Technology NFC HSM technology Technical News

EviVault NFC HSM vs Flipper Zero: The duel of an NFC HSM and a Pentester

Articles EviVault Technology Phishing

Cryptbot malware steals data cryptocurrencies

Protecting Your Meta Account from Identity Theft

Meta is a family of products that includes Facebook, Instagram, Messenger, WhatsApp, Oculus, and more. These products allow you to connect with people, share content, play games, shop online, and explore new realities. However, they also store a lot of personal information that can be exploited by hackers if you don’t secure your account properly.

Identity theft of online accounts is a growing problem that affects many Meta users. Hackers use various techniques to illegally obtain user credentials and two-factor authentication information. This results in financial, legal, and psychological consequences for the victims, who find themselves deprived of their digital identity. In this article, we explain how to protect your Meta account from identity theft, with a focus on the security of your passwords and your two-factor authentication. We also present real testimonials of identity theft on Meta, which illustrate the seriousness of this problem and the importance of protecting yourself. Finally, we introduce you to an innovative solution that allows you to manage OTP tokens (One Time Password) securely and contactlessly thanks to an NFC device (Near Field Communication).

Identity theft on meta how to protect your meta account from identity theft by Freemindtronic from Andorra

Creating Strong and Unique Passwords to Safeguard Your Meta Account

To enhance the security of your Meta account, it’s crucial to create strong and unique passwords. A strong password is the first line of defense against identity theft. Use a combination of uppercase and lowercase letters, numbers, and special characters. Avoid using obvious personal information, such as your name or date of birth. Furthermore, avoid reusing the same password on multiple accounts, as this makes it easier for hackers to gain unauthorized access. Consider using a secure password manager such as EviPass, offered by Freemindtronic, to store your passwords securely and regularly check their integrity.

Enhancing Meta Account Security with Two-Factor Authentication (2FA)

Enhancing the security of your Meta account is crucial, and enabling two-factor authentication (2FA) is an effective way to achieve that. In the security and login settings of your Meta account, you have access to a range of 2FA methods. Each method has its own advantages and considerations, empowering you to select the most suitable option for your needs.

Table: Comparison of Different 2FA Methods on Meta

2FA MethodAdvantagesDisadvantages
Security KeyHighly secure, doesn’t require internet connectionExpensive, susceptible to loss or forgetfulness, requires USB or NFC port
Authentication AppMore secure than SMS, compatible with multiple accountsRisk of smartphone loss or theft, requires prior installation
SMSSimple and quickRisk of phone number hacking, reliance on mobile network
Authentication ApplicationsEnhanced security, generates secure 2FA codesRisk of smartphone loss or theft
EviPassHighly secure, contactless, compatible with multiple accounts, no prior installation requiredRequires purchase of EviPass device

The Ultimate Solution – EviPass and EviOTP for Meta Account Protection

EviPass, powered by Freemindtronic’s EviOTP technology, offers the best of both worlds with its PassCypher product. PassCypher combines two technologies: EviPass Hardware and/or Digital Manager, compatible with Freemindtronic’s NFC HSM devices. It also incorporates the EviOTP technology, a secret key manager for OTP and HOTP, enabling the generation of OTP codes. With PassCypher, you can experience highly secure and contactless 2FA. It eliminates the need for prior installation and provides a seamless user experience. By securely storing and generating OTP secret keys using EviOTP technology, PassCypher ensures end-to-end authentication. Please note that the PassCypher device, which includes EviPass and EviOTP technologies, needs to be purchased to utilize this comprehensive solution.

Being Vigilant Against Phishing Attacks to Secure Your Meta Account

Hackers often use phishing techniques to trick you into disclosing your credentials. Be vigilant about suspicious emails or messages asking for your credentials or personal information. Do not click on dubious links and always check the website address before entering your information. If you receive a suspicious message claiming to be from Meta, report it immediately.

Regularly Updating Security Information for Meta Account Protection

To maintain optimal security, it is important to update your security information regularly, such as your recovery email address and phone number. This information will allow you to regain access to your account in case of identity theft or password forgetfulness. Make sure you choose secure and easily accessible recovery information that only you have access to.

Implementing EviOTP for Enhanced Meta Account Security against Identity Theft

One innovative solution for securing your Meta account is EviOTP by Freemindtronic. EviOTP utilizes contactless technology and NFC devices to securely manage OTP tokens (One Time Passwords). By enabling two-factor authentication with EviOTP, you are required to provide an additional code along with your password when logging into your Meta account. This method offers optimal protection against phishing attacks and identity theft, as your OTP tokens are stored and encrypted within the NFC device, physically isolated from your computer and phone systems.

Table: Advantages and disadvantages 2FA

2FA MethodProsCons
SMSSimple and fastRisk of hacking your phone number, dependence on mobile network
Authentication AppMore secure than SMS, compatible with multiple accountsRisk of losing or stealing your smartphone, requires prior installation
Security KeyVery secure, does not require internet connectionExpensive, easy to lose or forget, requires USB or NFC port
EviOTPVery secure, contactless, compatible with multiple accounts, does not require prior installationRequires purchasing the EviOTP device

Considering the different options available, each 2FA method offers unique benefits and drawbacks. Security keys provide a high level of security but may be costly and prone to loss. Authentication apps offer increased security and compatibility, but the risk of smartphone theft exists. SMS codes are simple and fast but carry the risk of phone number hacking. Authentication applications like Google Authenticator or Microsoft Authenticator generate secure codes but are still susceptible to smartphone loss. Finally, EviOTP stands out as a highly secure, contactless option compatible with multiple accounts, although it requires purchasing the EviOTP device.

EviOTP – The Ultimate 2FA Solution

For the ultimate 2FA solution, EviOTP by Freemindtronic offers unmatched security and convenience. EviOTP combines contactless technology, compatibility with multiple accounts, and a seamless user experience. It eliminates the need for prior installation and configuration, making it ready to use right out of the box. By securely storing and generating OTP secret keys, EviOTP ensures end-to-end authentication. To benefit from EviOTP, please note that the EviOTP device must be purchased.

To enable two-factor authentication with Contactless OTP Manager, you must follow these steps:

  1. Download and install the PassCypher application embedding the EviPass technology and especially EviOTP on your NFC-compatible Android mobile device from the Google Play Store.
  2. Log in to your Meta account on a computer or mobile browser.
  3. Go to the security and login settings of your Meta account and click on “Use two-factor authentication”.
  4. Choose the option “Authentication application” and follow the instructions on the screen.
  5. Open the PassCypher application on your mobile device and bring your Contactless OTP Manager device close to the phone to scan the QR code displayed by Meta.
  6. Enter the six-digit code generated by Contactless OTP Manager in the “Security Code” field on Meta and click on “Next”.
  7. Save the recovery codes provided by Meta in case of loss or theft in your Contactless OTP Manager device that you also use to generate codes to authenticate yourself.

Beware of phishing attacks

Hackers often use phishing techniques to trick you into disclosing your credentials. Be vigilant about suspicious emails or messages asking for your credentials or personal information. Do not click on dubious links and always check the website address before entering your information. If you receive a suspicious message claiming to be from Meta, report it immediately.

Update your security information regularly

To maintain optimal security, it is important to update your security information regularly, such as your recovery email address and phone number. This information will allow you to regain access to your account in case of identity theft or password forgetfulness. Make sure you choose secure and easily accessible recovery information only by you.

Real Testimonials of Meta Account Identity Theft and Steps to Protect Yourself

Identity theft is a phenomenon that affects more and more internet users worldwide. According to a study by the Federal Trade Commission, consumers reported losing more than $5.8 billion to fraud in 2021, an increase of more than 70% over the previous year. Among the most common types of fraud are identity theft scams, which aim to steal the login information of users on various Meta products, such as Instagram, Facebook, Messenger, WhatsApp or Oculus. These information can then be used to harm the reputation, finances or privacy of the victims.

Finding real testimonials of identity theft on Meta is not always easy. Indeed, victims may feel ashamed of being fooled, afraid of the consequences or simply not know who to turn to report the problem or ask for help. That’s why we have gathered in this section some true and verified stories that illustrate the different possible scenarios of identity theft on Meta. These stories are presented in the form of small short paragraphs that are easy to read and explain how the victims discovered the hacking, how they reacted and what were the consequences.

We hope that these testimonials will help you to become aware of the risks associated with identity theft on Meta and to adopt good practices to protect your personal data online. If you are a victim or witness of identity theft, do not hesitate to report the problem to the competent authorities and ask for help from specialized services.

  • Marie found June 6, 2021 Marie’s Instagram account was hacked by scammers. They tricked her into giving them her login information. They used her account to ask her followers for money. Marie reported the hack to Instagram and warned her contacts. She finally got her account and her 2,000 followers back. She learned to be more careful online.
  • A woman from France had her Instagram account hacked by scammers who tried to extort money from her followers. She contacted Meta, but received no response. She then contacted a cybersecurity expert who helped her recover her account and her 6,000 followers.
  • Muriel, a regular user of Meta, was a victim of identity theft on her personal account as well as on her Meta Business Manager account. Despite activating two-factor authentication, hackers managed to bypass security measures, leaving Muriel in a difficult situation. Unable to receive the necessary help from Meta, she shared her experience on social networks, hoping to find a contact within Meta who could help her solve this frustrating problem.
  • In December 2021, Meta filed a lawsuit against the bad actors who allegedly created over 39,000 websites that resembled the login pages of Instagram, Facebook, Messenger, and WhatsApp. The defendants used these websites to deceive users and collect their login information. They also infringed Meta’s trademarks by using its logos and names on their fake pages.
  • In February 2023, a couple was victim of a phishing scam that targeted META users. They received an email that seemed to come from the social network and asked them to confirm their credentials and password to avoid the closure of their account. When they clicked on the link, they were redirected to a fake login page that recorded their data. A few days later, they noticed that their account had been hacked and that fraudulent purchases had been made with their credit card linked to their META account.
  • In October 2022, a woman discovered that her Instagram account had been hacked and that a scammer had used her identity to blackmail her followers. He sent them messages pretending to be her and asking for nude photos or money. He threatened to expose their private conversations or photos if they did not comply. The victim reported the hack to Instagram and warned her contacts about the scam.
  • In October 2021, a man was sentenced to 18 months in prison with a suspended sentence for having impersonated several personalities on social networks, including the president of the French Republic Emmanuel Macron. He created fake META (ex-Facebook) accounts and sent private messages to internet users asking them for money or services. He also tried to extort personal information from journalists and politicians by pretending to be their relatives or collaborators.
  • In February 2020, a woman discovered that her META account had been hacked and that a scammer had used her identity to trick her friends. He sent them messages pretending to be her and asking them for financial help for an emergency. He then asked them to send him PCS recharge codes (prepaid cards) that he could use to buy goods or services online. The victim filed a complaint and alerted her contacts about the hack.
  • French case of Loïc: Loïc suffered identity theft on Meta for a grueling period of 17 years. Hackers opened numerous bank accounts in his name, took out consumer loans and used his information to benefit from social and tax benefits. Loïc recounted his ordeal during an interview with Olivier Delacroix on Europe 1 on January 15th, 2019. For years, he had to provide proof of identity and fight with administrations, banks and bailiffs to restore the truth and regain control of his digital identity.
  • Case of Julie: Julie was a victim of identity theft on her Meta account by her ex-partner. He managed to access her account by cloning her SIM card, changing her security information and posting defamatory messages in her name. Julie quickly became aware of the situation and immediately filed a complaint with the competent authorities. She also contacted the Cybermalveillance.gouv.fr service to get help in the process of recovering her account and protecting her online reputation.
  • Thomas’s Instagram account was hacked by a hacker who impersonated him and sent rude messages to his contacts. He managed to recover his account with the help of a cybersecurity expert.
  • Benoît fell victim to a scam on WhatsApp. He received a message from a friend who asked him to lend him money urgently. He agreed and sent 500 euros by bank transfer. He realized too late that it was an impostor who had hacked his friend’s account.
  • Clara was a victim of identity theft on her Facebook account. She received a notification that told her she had won a free trip and asked her to click on a link to claim it. She followed the link and entered her Facebook credentials. She realized too late that it was a trap to steal her data and use it to create fake profiles in her name.
  • David was a victim of identity theft on his Oculus account. He received an email that told him he had been selected to test a new virtual reality game and asked him to download an app on his smartphone. He downloaded the app and scanned a QR code with his Oculus headset. He realized too late that it was a malicious software that had stolen his login information and used his account to buy games without his permission.
  • Emma was a victim of identity theft on her Meta Workplace account. She received a message from a colleague who asked her to send him confidential documents related to an ongoing project. She trusted him and sent the documents by email. She realized too late that it was an impostor who had hacked her colleague’s account and used the documents to harm the company.
  • Another real case of identity theft on Meta is that of Aaron Elekes. This film and TV producer had his Facebook account hacked by scammers who impersonated him and his contacts. Despite his efforts to recover his account, he did not receive the necessary help from Meta. He had to create several new accounts under his name, which caused him a lot of stress and frustration. This testimonial shows how important it is to protect your Meta account from identity theft.
  • Other real examples of identity theft on Meta include:
    • A company called Meta that accuses Meta (formerly Facebook) of unlawfully seizing its mark, name and identity.
    • The risks associated with identity theft on Meta, such as the loss of personal data, the spread of false information, the contact scam or the infringement of copyright.

These real testimonials of identity theft on Meta illustrate the severity of the problem and highlight the importance of taking adequate security measures to protect your account. By following the tips mentioned above, such as creating strong passwords, enabling two-factor authentication and using innovative solutions like EviPass and EviOTP, you can enhance the security of your Meta account and significantly reduce the risks of identity theft.

Conclusion: Safeguard Your Meta Account from Identity Theft

Protecting your Meta account from identity theft is essential to preserve your online security. By following the recommended security measures, such as creating strong and unique passwords, enabling two-factor authentication and using innovative solutions like EviPass and EviOTP from Freemindtronic, you enhance the security of your account and reduce the risks of identity theft. Also be vigilant about phishing attempts and make sure to update your security information regularly. Use the tools and technologies at your disposal to enhance the security of your Meta account. By following these tips, you will be able to fully enjoy your experience on Meta with peace of mind.

Protect your digital identity and take the necessary steps to secure your Meta account now. Don’t let hackers steal your online identity. Be proactive in your approach to security and make protecting your account a top priority.

By adopting strong security measures and staying informed about the latest techniques used by hackers, you can minimize the risks of identity theft and protect your digital life on Meta. Make sure you implement the recommendations presented in this article and don’t hesitate to explore more advanced security solutions to further enhance the protection of your account. Your online security is in your hands, so act now to protect your Meta account from identity theft.

Protect your digital identity and take the necessary steps to secure your Meta account now. Don’t let hackers steal your online identity. Be proactive in your approach to security and make protecting your account a top priority.

By adopting strong security measures and staying informed about the latest techniques used by hackers, you can minimize the risks of identity theft and protect your digital life on Meta. Make sure you implement the recommendations presented in this article and don’t hesitate to explore more advanced security solutions to further enhance the protection of your account. Your online security is in your hands, so act now to protect your Meta account from identity theft.

Remember that securing your Meta account is not limited to these measures. Stay vigilant, educate yourself on the latest security practices and be proactive in protecting your digital identity. By taking these precautions, you can fully enjoy your experience on Meta safely and peacefully.

EviPass the ultimate offline NFC hardware password manager passwordless manager by Freemindtronic Andorra

About Freemindtronic

Freemindtronic is a company specialized in digital security solutions based on NFC technology (Near Field Communication). Founded in 2017 by Jean-Marc Zanni, an expert in embedded systems engineering, Freemindtronic offers innovative products such as EviPass and EviOTP that allow users to manage their passwords and OTP tokens securely and contactlessly. Freemindtronic’s solutions are designed for individuals and professionals who want to protect their digital identity from cyberattacks and identity theft.

How BIP39 helps you create and restore your Bitcoin wallets

BIP39 EviSeed post Freemindtronic from Andorra web site

BIP39 by Jacques gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.  

BIP39: how to create and restore your Bitcoin wallets securely

Do you want to know how BIP39 helps you manage your cryptographic keys with a simple mnemonic phrase? Find out in this article how this standard works and how to use it to protect your bitcoins.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

How BIP39 helps you create and restore your Bitcoin wallets

Do you struggle to manage your cryptocurrency wallets? Are you looking for a simple and secure solution to create and restore your wallets? You are not alone. According to a study, more than 20% of cryptocurrency users have lost access to their funds because of a forgotten or stolen private key. Fortunately, there is an innovative solution to avoid this problem: BIP39 and mnemonic phrases. In this article, we will explain what BIP39 is, how it works, what are its advantages and disadvantages, and which wallets support it.

What is BIP39 and how does it work?

BIP39, also known as Bitcoin Improvement Proposal 39, proposes a novel method to simplify the creation and recovery of cryptocurrency wallets. It relies on the use of mnemonic phrases, which are sequences of words easy to remember generated from a predefined list of words. These mnemonic phrases serve to derive the private keys that allow you to access your funds. The use of this method greatly simplifies the management and backup of wallets, avoiding the need to memorize complex private keys.

BIP39 is part of the many BIPs (Bitcoin Improvement Proposals) that aim to improve the Bitcoin protocol. It was proposed in 2013 by Marek Palatinus, Pavol Rusnak, Aaron Voisine and Sean Bowe. It was implemented on Bitcoin in 2014 and has been adopted by many other cryptocurrency projects since then. You can consult the official document of BIP39 here (link to https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki).

The benefits of BIP39

BIP39 has many benefits for cryptocurrency users. First of all, it simplifies considerably the process of creating and recovering wallets. Thanks to mnemonic phrases, it becomes easier to backup and restore your wallets in case of need. Moreover, these mnemonic phrases are generally more user-friendly, as they are composed of words in natural language, which makes them easier to remember.

Another important benefit is compatibility. Many hardware and software wallets support BIP39, which offers great flexibility in choosing the wallet suitable for your needs. Whether you prefer a physical wallet or a software solution, there is a high chance that you can find a wallet compatible with BIP39.

The drawbacks of BIP39

Despite its many benefits, BIP39 also has some drawbacks. The main drawback lies in the security of the mnemonic phrase. Given that the mnemonic phrase is the key to access your funds, its loss or theft can result in the total loss of your cryptocurrencies. It is therefore crucial to take appropriate security measures to protect your mnemonic phrase, such as secure backup in an offline location.

Another drawback is the dependence on wallet software compatible with BIP39. It is important to verify that the wallet you use supports BIP39 before generating your mnemonic phrase. Otherwise, you may not be able to access your funds with another wallet that uses the same protocol.

Cold wallet vs hardware wallet: what’s the difference?

If you own cryptocurrencies, you need a wallet to store and manage them. But not all wallets are the same. In this article, we will explain the difference between a cold wallet and a hardware wallet, and how to choose the best one for your needs.

What is a cold wallet?

A cold wallet is a type of hardware wallet that is very secure: it never interacts with any smart contract or external source; it only stores assets and executes transfers between your other wallets. For example, a hardware wallet that is not used to explore Web3 can be considered a cold wallet.

What is a hardware wallet?

A hardware wallet is a physical device that stores your private keys in an isolated environment from an internet connection. This is important, because anyone who has access to your private keys has access to your crypto. A hardware wallet also allows you to sign transactions; enabling you to interact with different blockchain networks.

What is the difference between a cold wallet and a hardware wallet?

The main difference between a cold wallet and a hardware wallet is the level of interaction with smart contracts and external sources. A cold wallet is safer than a hardware wallet active online, because it does not face any threat from interactions with smart contracts.

Here is a summary table of the advantages and disadvantages of each type of wallet:

Cold WalletHardware Wallet
+ Very secure+ Secure
+ Ideal for long-term storage+ Ideal for Web3 exploration
– Not convenient for frequent transactions– Less secure than a cold wallet
– Can be lost or damaged– Can be hacked by malicious smart contracts

What standard is used to generate the mnemonic phrase or mnemonic code?

Another important aspect to consider when choosing a wallet is the standard used to generate the mnemonic phrase or mnemonic code. This is a group of easy-to-remember words that serves as a backup for your wallet in case of loss or destruction. The most common standard is BIP39, which is used by many deterministic (HD) wallets and not only by Bitcoin wallets. It has also been adopted for use in many other cryptocurrency projects.

Cold wallets and hardware wallets generally use BIP39 for master key generation. Some hardware wallets also use other BIPs to improve the security and functionality of their wallets. For example:

  • The Trezor Model T uses BIP32, BIP39, BIP44 and SLIP39. SLIP39 is an improvement of BIP39 that allows creating split backups (Shamir Backup) for increased security.
  • The Coldcard uses BIP32, BIP39 and BIP174. BIP174 is a standardized format for partially signed transactions (PSBT) that allows signing transactions offline.

What are the different types of cold wallets and hardware wallets?

There are different types of cold wallets and hardware wallets, and some can belong to both categories. For example, the Keepser is an NFC cold wallet that uses BIP39 to save seed phrases generated by other wallets or blockchains. It is therefore a type of hardware wallet that comes in the form of a contactless card that communicates with an application on your smartphone. The Keepser only protects cryptocurrency private keys, and not other types of private keys. It also allows printing private keys and seed phrases in the form of encrypted QR codes, which can be scanned by the Keepser application to restore wallets. The Keepser uses EviVault and EviSeed technology developed by Freemindtronic, a company specialized in cybersecurity and custom product design.

It is therefore important to check what standards are supported by the wallet you choose and how they affect the security and compatibility of your wallet.

How to choose a BIP39-compatible wallet

Update 29/05/2023

To fully enjoy the benefits of BIP39, it is essential to choose a wallet compatible with this feature. Many hardware and software wallets support BIP39, offering a simplified and secure experience. To help you in your choice, we have created a comprehensive table that compares the best wallets compatible with BIP39:

How to secure your mnemonic phrase with EviSeed?

If you use a BIP39-compatible wallet, you must imperatively protect your mnemonic phrase against any loss or theft. An innovative solution for this is EviSeed, developed by Freemindtronic. EviSeed is an electronic device that allows you to store your mnemonic phrase in a secure and resistant NFC card against physical or logical attacks.

EviSeed offers several advantages over traditional backup methods on paper or metal:

  • It is easy to use: just approach your NFC card from a compatible smartphone to display your mnemonic phrase.
  • It is secure: it uses a patented algorithm that encrypts your mnemonic phrase with a personal PIN code.
  • It is durable: it resists shocks, water, fire and magnetic fields.

EviSeed is compatible with all wallets that support BIP39, such as Ledger, Trezor or Metamask. You can order your EviSeed on Freemindtronic’s official website (link to https://freemindtronic.com/eviseed/en/).

Some real-life examples of people who lost their keys

You may think that losing your mnemonic phrase is a rare or unlikely case. Think again! Many people have already experienced this misadventure, sometimes with dramatic consequences. Here are some real-life examples taken from the media:

  • Stefan Thomas, a programmer living in San Francisco, owns 7 002 Bitcoin that he cannot recover because he lost the password of his IronKey hard drive, which contains the private keys of his wallet1. He only has two attempts left before his hard drive locks permanently.
  • James Howells, a British computer scientist, accidentally threw away his hard drive containing 7 500 Bitcoin in 20132. He tried unsuccessfully to find his hard drive in a municipal landfill.
  • Brad Yasar, an entrepreneur living in Los Angeles, mined thousands of Bitcoin at the beginning of the project3. But he forgot his passwords and failed to access his wallets despite hundreds of hours spent trying.
  • Luke Dashjr, one of the original developers of Bitcoin Core, said he lost more than 200 Bitcoin after his PGP key was compromised on December 31, 20224. He claimed he did not know how hackers were able to access his key.

These examples show well the importance of using a reliable and secure method to backup your mnemonic phrase. With EviSeed, you can avoid this kind of situation and enjoy your cryptocurrencies peacefully.

Other standards related to BIP39

BIP39 is not the only standard that concerns the generation and management of cryptocurrency wallets. There are other standards that are related to BIP39 or that propose alternatives to it. Here are some examples:

  • The BIP32 is another standard that describes how to generate deterministic wallets from a master key. The BIP32 allows creating a hierarchy of derived keys from a single master key, which facilitates the organization and backup of wallets. The BIP32 uses a hash function to derive keys, which ensures that keys are unpredictable and independent from each other. The BIP39 is a method to create a master key from a mnemonic phrase. The two standards are often used together to create deterministic wallets from mnemonic phrases.
  • The BIP44 is an extension of the BIP32 that defines a hierarchical structure for deterministic wallets. It allows managing multiple accounts and multiple currencies with a single mnemonic phrase. The BIP44 defines five levels of derivation: purpose, currency, account, address type, and address index. The purpose is fixed at 44’ to indicate that the wallet follows the BIP44. The currency is a numerical code that identifies the currency used (for example, 0’ for Bitcoin, 60’ for Ethereum). The account is a number that allows separating funds according to personal criteria (for example, 0’ for the main account, 1’ for the secondary account). The address type is a bit that indicates if the wallet uses external addresses (0) or internal addresses (1). External addresses are those that are used to receive payments, while internal addresses are those that are used to send changes. The address index is a number that identifies each address within the address type. For example, the address m/44’/0’/0’/0/0 corresponds to the first external address of the first Bitcoin account of the wallet.
  • The SLIP39 (Shamir’s Secret-Sharing for Mnemonic Codes) is an alternative to BIP39 that allows splitting a mnemonic phrase into several parts that must be combined to restore the master key. The SLIP39 uses Shamir’s secret-sharing scheme, a cryptographic algorithm that allows distributing a secret into several pieces, called shares, such that a minimum number of shares is required to reconstruct the secret. For example, one can split a mnemonic phrase into five shares, of which three are required to restore it. This allows increasing security and redundancy of the wallet, by avoiding that one single share is enough to access funds or that one single share lost makes the wallet irrecoverable.
  • The Electrum Seed Version System is a system used by Electrum wallet to generate and verify mnemonic phrases. It differs from BIP39by several aspects: it uses a different word list, it does not use a checksum but a version code, it allows generating mnemonic phrases of variable lengths (12, 18 or 24 words), it allows deriving keys and addresses from a hash of the mnemonic phrase without depending on a fixed word list, it supports different types of mnemonic phrases according to the type of wallet (standard, multisig or segwit).
  • The Monero Seed Format is a format used by Monero wallet to generate and verify mnemonic phrases. It differs from BIP39 by several aspects: it uses a different word list, it uses a different checksum based on CRC32, it allows generating mnemonic phrases of 13 or 25 words depending on the seed length (128 or 256 bits), it allows deriving keys and addresses from the seed without depending on a fixed word list.

The segmented key authentication technology

Another innovative technology that allows to protect sensitive data such as mnemonic phrases by using encryption keys that are stored on different supports is the segmented key authentication technology. This technology was invented by Jacques Gascuel, a Frenchman living in Andorra, founder of the Andorran company Freemindtronic, is also patented in the USA under number US11281759B2 in 2020.

According to the invention, the encryption keys of the mnemonic phrases are segmented into several parts, which allows to store them on different supports such as contactless devices, phones, computers or a paper print with a QR code. Each mnemonic phrase is associated with an NFC HSM device and/or an EviCore OpenPGP HSM from Freemindtronic, which contains a part of the encryption key, which can be a pairing key. This part allows to decrypt the mnemonic phrase when the other parts are gathered. The other parts can be validated in different ways, such as a password, a fingerprint, a geofence or an identifier of the phone or network, etc. The technology allows to create different segmentation combinations for each mnemonic phrase. To reconstruct the encryption key and access the mnemonic phrase, one must approach the NFC HSM device from the phone and validate the other parts according to the order chosen by the user or automatically if all conditions are met.

According to one of the implementations of the invention, the key segments chosen by the user to constitute the decryption key can be of physical or digital origin. For example, the user can choose a key segment that corresponds to a geofence, thus allowing to decrypt the mnemonic phrase without requiring any other action, apart from being physically in the right geographical area. Of course, this key segment is associated with at least another key segment, such as the identifier of the user’s phone. This greatly improves user experience without compromising security level, as there are other default authentication factors integrated into NFC devices, such as also segmented pairing key, NFC identifier, unique 128-bit key, administrator and/or user password, as well as phone fingerprint.

Finally, an advantage of this technology is that key segments can be entrusted to various third parties without any risk. For example, a third party can hold a key segment without knowing what type of segment he owns, whether it is a BSSID, a geofence or a phone identifier that will receive a donation. There is virtually no limit to this. It is an effective solution for donations and inheritances, where the notary or lawyer can have a geofence key segment that he can only use in a specific place defined in a will or under the supervision of a bailiff.

Conclusion

In summary, BIP39 is a major improvement proposal to simplify the management of cryptocurrency wallets. Thanks to the use of mnemonic phrases, it offers a user-friendly and secure solution to create and recover your wallets. However, it is crucial to protect your mnemonic phrase against any loss or theft, and to choose a reliable and compatible wallet with BIP39.

We hope that this article has helped you understand better the functioning and benefits of BIP39. If you have any questions or comments, we would love to help you in the section below. Simplify your cryptocurrency management experience with BIP39!