2023, Articles, Cyberculture, EviCore HSM OpenPGP Technology, EviCore NFC HSM Browser Extension, EviCore NFC HSM Technology, Legal information, Licences Freemindtronic

Unitary patent system: why some EU countries are not on board

Posted on August 1, 2023March 15, 2024 by FMTAD

01
Aug

Unitary patent system by Jacques Gascuel: This article will be updated with any new information on the topic.

Why some EU countries don’t want the unitary patent

The unitary patent system promises to simplify and unify patent protection in Europe. But not all EU countries are on board. Discover why some countries like Spain have opted out and what it means for inventors.

A modern cybersecurity control center with a diverse team monitoring national cyber threats during the Andorra National Cyberattack Simulation.

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

2024 Crypto Currency Cryptocurrency Cyberculture Legal information

EU Sanctions Cryptocurrency Regulation: A Comprehensive Overview

March 15, 2024

2024 Cyberculture Uncategorized

Chinese cyber espionage: a data leak reveals the secrets of their hackers

March 2, 2024

2024 Cyberculture

Cyber Resilience Act: a European regulation to strengthen the cybersecurity of digital products

February 24, 2024

ECHR landmark ruling in favor of encrypted messaging, featuring EviCypher NFC HSM technology by Freemindtronic.

2024 Cyberculture Legal information

Encrypted messaging: ECHR says no to states that want to spy on them

February 21, 2024

Digital image showing a confused user at a computer surrounded by complex password symbols

2024 Articles Cyberculture EviPass Password

Human Limitations in Strong Passwords Creation

January 22, 2024

2023 Articles Cyberculture EviCypher NFC HSM News Technologies

Telegram and the Information War in Ukraine

January 5, 2024

2023 Articles CyberStealth legal Legal information News Spying

The American Intelligence: How It Works

December 26, 2023

Why some EU countries are not on board

What is the unitary patent?

The unitary patent is a new scheme that allows inventors and innovative companies to protect their inventions in 17 EU member states by filing a single request to the European Patent Office (EPO) ¹. It is an alternative option to the classical European patent, which requires individual validation and maintenance in each country where the patent holder wants to benefit from protection ¹. The unitary patent entered into force on 1 June 2023, after the ratification of the Agreement on a Unified Patent Court (UPC Agreement) by 17 states participating in enhanced cooperation ². It is expected that more EU states will join this scheme in the future ¹.

The unitary patent is based on the European patent granted by the EPO under the rules of the European Patent Convention (EPC), so nothing changes in the pre-grant phase and the same high standards of quality search and examination apply. After a European patent is granted, the patent holder can request unitary effect, thereby obtaining a European patent with unitary effect (unitary patent) that provides uniform protection in initially 17 EU member states.

What is the current status of the unitary patent?

The unitary patent system is a new scheme that allows inventors and innovative companies to protect their inventions in 17 EU member states by filing a single request to the European Patent Office (EPO) . It is an alternative option to the classical European patent, which requires individual validation and maintenance in each country where the patent holder wants to benefit from protection . The unitary patent is expected to start in early 2023, after the ratification of the Agreement on a Unified Patent Court (UPC Agreement) by 17 states participating in enhanced cooperation . It is expected that more EU states will join this scheme in the future.

The UPC Agreement

The UPC Agreement is an international treaty that establishes the Unified Patent Court (UPC), a supranational specialised court that will have exclusive jurisdiction to settle disputes relating to unitary patents and European patents . The UPC Agreement was signed by 25 EU member states in 2013, but it requires the ratification by at least 13 states, including France, Germany and Italy, to enter into force.

As of June 2021, 16 states have ratified the UPC Agreement, including France and Italy . Germany has also ratified the UPC Agreement in December 2020, but its ratification is pending before the German Constitutional Court, which has received two constitutional complaints against it . The German government has expressed its intention to deposit its instrument of ratification as soon as possible after the resolution of these complaints . The UK, which was initially one of the mandatory ratifying states, has withdrawn from the unitary patent system after leaving the EU in 2020.

The main obstacle and challenges

The main remaining obstacle for the implementation of the unitary patent system is therefore the outcome of the German constitutional complaints. If they are dismissed or overcome, Germany could deposit its instrument of ratification and trigger the entry into force of the UPC Agreement within three months . However, if they are upheld or delayed, Germany could be prevented from joining the unitary patent or cause further uncertainties and complications for its launch.

Other challenges for the implementation of the unitary patentinclude the practical and logistical arrangements for the operation of the Unified Patent Court, such as the recruitment and training of judges, the establishment of IT systems and facilities, and the adoption of procedural rules and guidelines . Moreover, some legal and political issues may arise from the withdrawal of the UK from the unitary patent, such as the impact on the linguistic regime of the unitary patent, the distribution of the workload and the cases among the different divisions of the Unified Patent Court, and the compatibility of the UPC Agreement with EU law.

What are the advantages?

The unitary patent system offers several advantages for inventors and innovative companies who want to protect their innovations in the EU. Among these advantages, we can mention:

The simplification of the procedure: the patent holder no longer needs to carry out complex and costly procedures with national offices to validate their European patent in each country ¹.
They only need to request unitary effect from the EPO, which is their single interlocutor ² .
The reduction of costs: the patent holder no longer has to pay validation fees, translation fees, representation fees or annual national fees to keep their patent in force in the countries covered by the unitary patent ¹.
They only pay a single annual fee to the EPO, which is calculated according to a progressive scale ³.
The legal certainty: the patent holder benefits from a uniform protection in all countries where the unitary patent takes effect, without risk of fragmentation or divergence between national rights ¹.
They can also enforce their rights before a supranational specialised court, the Unified Patent Court (UPC), which has exclusive jurisdiction to settle disputes relating to infringement and validity of unitary patents.

How does the unitary patent compare with other patent systems?

The unitary patent system is not the only option for obtaining patent protection in multiple countries. There are other regional or international patent systems that offer different advantages and disadvantages for inventors and innovative companies. Here are some examples:

The European Patent Convention (EPC)

The EPC is an international treaty that allows applicants to file a single application at the European Patent Office (EPO) and obtain a European patent that can be validated in up to 38 contracting states . The EPC is not affected by the unitary patent system and will continue to operate in parallel with it. The EPC offers more flexibility than the unitary patent, as applicants can choose which countries they want to validate their European patent in. However, it also involves more costs and formalities than the unitary patent, as applicants have to pay validation fees, translation fees and annual national fees in each country where they want to maintain their European patent.

The Patent Cooperation Treaty (PCT)

The PCT is an international treaty that allows applicants to file a single international application at a national or regional office and obtain an international search report and a preliminary examination report on their invention . The PCT does not grant patents directly, but facilitates the entry into national or regional phases in up to 153 contracting states . The PCT offers more time than the unitary patent system, as applicants can delay their decision on which countries they want to pursue their patent protection in for up to 30 or 31 months from the priority date . However, it also involves more complexity than the unitary patent, as applicants have to comply with different requirements and procedures in each country where they enter the national or regional phase.

The Eurasian Patent Convention (EAPC)

The EAPC is an international treaty that allows applicants to file a single application at the Eurasian Patent Office (EAPO) and obtain a Eurasian patent that can be validated in up to 8 contracting states . The EAPC is not related to the unitary patent system and operates independently from it. The EAPC offers more simplicity than the unitary patent, as applicants do not have to pay any validation fees or translation fees in the countries where they want to validate their Eurasian patent . However, it also involves more risk than the unitary paten system, as applicants cannot opt out of the jurisdiction of the Eurasian Court of Patent Disputes, which can invalidate their Eurasian patent in all contracting states.

How Freemindtronic’s international patents are related to the unitary patent

Freemindtronic is an Andorran company that creates innovative solutions for security, cyber-security and counter-espionage, using contactless technology (NFC). We have several inventions that are protected by international patents in the fields of embedded systems, access control and segmented key authentication. For example, our patented technologies EviCore NFC HSM, which manage encryption keys in an NFC HSM device, EviCore HSM OpenPGP, which manage encryption keys in a security element of phones, EviVault NFC HSM Cold Wallet operating without contact, EviKey NFC a contactless secured USB key and the technology EviCypher NFC HSM which encrypts all types of data. These technologies implement our patents and especially the one based on the segmented key authentication system. The latter received the gold medal of international inventions of Geneva 2021.

Our patent options

Our patents are based on the European patent granted by the European Patent Office (EPO) under the rules of the European Patent Convention (EPC). Therefore, we could benefit from the unitary patent system, which is a new scheme that allows inventors and innovative companies to protect their inventions in 17 EU member states by filing a single request to the EPO. However, we would also have to consider the disadvantages and risks of the unitary patent, such as the risk of total invalidation, the lack of flexibility and the exclusion of some countries. Moreover, we would have to deal with the legal issues of the unitary patent for non-participating countries, such as cross-border infringement cases and jurisdictional conflicts.

Our patent strategy

We have opted for the unitary patent only for our segmented key authentication system, and we have added some non-participating countries to our other European patents. The reasons behind this choice are related to our market strategy, our innovation potential and our risk assessment. For instance, we have decided to use the unitary patent for our segmented key authentication system because we consider it as our core invention and we want to protect it in a uniform and effective way in most EU countries. On the other hand, we have decided to add some non-participating countries to our other European patents because we want to preserve our flexibility and avoid possible invalidation challenges in those countries.

Conclusion

Our international patents are relevant examples of how the unitary patent system can affect inventors and innovative companies in Europe, both positively and negatively. They illustrate the opportunities and challenges that the unitary patent poses for innovation and competitiveness in the EU.

How can legal issues of the unitary patent for non-participating countries be resolved?

The legal issues of the unitary patent system for non-participating countries are complex and not yet fully resolved. One of the main questions is how to deal with cross-border infringement cases involving unitary patents and national patents. For instance, if an inventor from a non-participating country, such as Spain, wants to enforce his rights on his classic European patent in a participating country, such as France, where a unitary patent holder claims to infringe his patent, which law should he consider? Well, the question is not easy to answer, because he will have to take into account many international standards. In the end, this very important aspect will be “subjected” to a very complex situation that will necessarily be defined with the successive application of the law.

Another question is how to ensure a fair balance between the rights and obligations of unitary patent holders and national patent holders in non-participating countries. For example, if a unitary patent holder wants to enforce their rights in a non-participating country, such as Poland, where a national patent holder is allegedly infringing their patent, which court should they go to? Well, the answer is not clear, as it will depend on the interpretation and application of various international agreements. In principle, the unitary patent holder should go to the national court of Poland, but they may face some difficulties or disadvantages in comparison with the national patent holder, such as higher costs, longer procedures or different standards of proof.

One possible way to resolve these legal issues is to harmonise the rules and practices of the unitary patent and the national patent systems in Europe. This could be achieved by adopting common standards and guidelines for patent examination, grant, validity and enforcement, as well as by establishing mechanisms for cooperation and coordination between the UPC and the national courts. Another possible way is to extend the scope and coverage of the unitary patent and the UPC to all EU member states and other EPC contracting states. This could be achieved by encouraging and facilitating their participation in the enhanced cooperation and ratification of the UPC Agreement.

However, these solutions may face some practical and political challenges, such as the lack of consensus or willingness among the different stakeholders, the respect for national sovereignty and diversity, or the compatibility with EU law and international obligations. Therefore, it is important that the unitary patent and its legal implications are carefully monitored and evaluated, and that its benefits and drawbacks are balanced and communicated to all parties involved.

What are the disadvantages?

The unitary patent system is not without disadvantages for some actors in the patent market. Among these disadvantages, we can mention:

The risk of total invalidation: the patent holder faces the possibility that their patent will be cancelled in all countries where it takes effect, if the UPC finds that it does not meet the requirements of patentability. They do not have the possibility to limit or amend their patent to avoid this fatal outcome.
The lack of flexibility: the patent holder cannot choose the countries where they want to protect their invention, nor renounce their patent in some countries to avoid paying fees or to circumvent legal obstacles. They must accept or refuse unitary effect as a whole.
The exclusion of some countries: the patent holder cannot benefit from protection in all EU member states, since some countries have decided not to participate in the unitary patent or have not yet ratified the UPC Agreement ¹.
This is notably the case of Spain, which is one of the few EU countries that does not intend to be part of the unitary patent

What are the best practices or strategies for using or avoiding the unitary patent?

The unitary patent system offers a new opportunity for inventors and innovative companies who want to protect their inventions in Europe. However, it also poses some challenges and risks that need to be carefully considered. Depending on their needs and goals, they may decide to use or avoid the unitary patent, or to combine it with other patent systems. Here are some factors to consider when making this decision:

The scope of protection

The unitary patent system provides a uniform protection in 17 EU member states, which may cover a large part of the European market. However, it does not cover all EU member states, nor non-EU countries that are part of the EPC or the PCT. Therefore, inventors and innovative companies should assess whether the unitary patent covers their target markets, or whether they need to seek additional protection in other countries.

The cost of protection

The unitary patent reduces the cost of protection in Europe, as it eliminates the need to pay validation fees, translation fees and annual national fees in each country where the unitary patent takes effect. However, it also introduces a single annual fee for the unitary patent, which is calculated according to a progressive scale . Therefore, inventors and innovative companies should compare the cost of the unitary patent with the cost of other patent systems, and consider whether they need protection in all countries covered by the unitary patent, or whether they can save money by choosing a smaller number of countries.

The risk of invalidation

The unitary patent increases the risk of invalidation in Europe, as it exposes the unitary patent to a single challenge before the UPC, which can invalidate it in all countries where it takes effect. Moreover, the UPC is a new court that may have some uncertainties and inconsistencies in its interpretation and application of the law. Therefore, inventors and innovative companies should evaluate the strength and validity of their inventions, and consider whether they want to avoid this risk by opting out of the UPC for their European patents, or by using other patent systems that allow them to limit or amend their patents in case of invalidation challenges.

The enforcement of rights

The unitary patent facilitates the enforcement of rights in Europe, as it allows the holders of unitary patents to sue infringers before the UPC, which can grant pan-European injunctions and damages. However, it also exposes them to counterclaims for invalidity before the UPC, which can invalidate their unitary patents in all countries where they take effect. Therefore, inventors and innovative companies should assess the likelihood and impact of infringement and invalidity actions, and consider whether they want to benefit from this facilitation by opting in to the UPC for their European patents, or whether they want to retain more control over their litigation strategy by using national courts or other patent systems.

Why do some EU countries not want to join the unitary patent

The reasons for some EU countries’ exclusion from the unitary patent are diverse. Spain, for example, considers that the linguistic regime of the unitary patent, which relies on the three official languages of the EPO (English, French and German), is discriminatory and harms its economic and cultural interests. It believes that Spanish, which is the second most spoken native language in the world, should be recognised as an official language of the unitary patent, or at least, that the holders of unitary patents should be required to provide a full translation in Spanish of their patents. It also fears that the unitary patent will strengthen the dominant position of the English-speaking and German-speaking countries in the field of innovation and will reduce the development opportunities of Spanish companies.

Croatia, on the other hand, has not joined enhanced cooperation for setting up the unitary patent, because it joined the EU after the launch of this initiative. However, it has expressed its interest in joining the unitary patent in the future.

Poland and the Czech Republic have participated in enhanced cooperation, but have not signed or ratified the UPC Agreement, which is a prerequisite for being part of the unitary patent ² . These countries have invoked economic and legal reasons to justify their withdrawal. Poland has estimated that the unitary patent would have a negative impact on its national budget and on its competitiveness. The Czech Republic has expressed doubts about the compatibility of the unitary patent with EU law and about the quality of automatic translations .

Slovakia has also participated in enhanced cooperation, but has opposed the regulation on the unitary patent and has challenged it before the Court of Justice of the EU (CJEU). It has argued that the regulation was contrary to the principle of equal treatment between the member states and the official languages of the EU. It has also questioned the legal basis of the regulation and its respect for national competences in the field of industrial property. The CJEU rejected its request in 2015.

Hungary has ratified the UPC Agreement in 2018, but has denounced it in 2020, following a decision of its Constitutional Court that declared that the Agreement was incompatible with its Constitution. The Court considered that the Agreement infringed on Hungary’s sovereignty in the matter of intellectual property and that it violated the principle of separation of powers by entrusting the settlement of disputes relating to patents to a supranational court not integrated into the Hungarian judicial system.

Here is a table that summarizes that gives the list of European countries that accept the unitary patent and the European countries that have excluded themselves from the unitary patent:

Country	Status	Reason
Germany	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Austria	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Belgium	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Bulgaria	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Cyprus	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Croatia	Excluded	Has not joined enhanced cooperation
Denmark	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Spain	Excluded	Has opposed enhanced cooperation and has challenged the linguistic regime of the unitary patent
Estonia	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Finland	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
France	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Greece	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Hungary	Excluded	Has ratified the UPC Agreement but has denounced it following a decision of its Constitutional Court
Ireland	Accepts	Participates in enhanced cooperation but has not yet ratified the UPC Agreement
Italy	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Latvia	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Lithuania	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Luxembourg	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Malta	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Netherlands	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Poland	Excluded	Participates in enhanced cooperation but has not signed or ratified the UPC Agreement
Portugal	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Czech Republic	Excluded	Participates in enhanced cooperation but has not signed or ratified the UPC Agreement
Romania	Accepts	Participates in enhanced cooperation but has not yet ratified the UPC Agreement
Slovakia	Excluded	Has opposed enhanced cooperation and has challenged the regulation on the unitary patent
Slovenia	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement
Sweden	Accepts	Participates in enhanced cooperation and has ratified the UPC Agreement

What are the consequences of these countries’ exclusion from the unitary patent?

The exclusion of these countries from the unitary patent has consequences for both the holders of unitary patents and the national patent holders in these countries. For the holders of unitary patents, this means that they cannot protect their inventions in these countries through the unitary patent, but they have to resort to the classical European patent or the national patent . They therefore have to bear the costs and formalities related to the validation and maintenance of their patent in these countries, as well as the risks of a fragmented protection and legal uncertainty . For the national patent holders in these countries, this means that they cannot benefit from the advantages of the unitary patent, but they have to face the increased competition of the holders of unitary patents in the other EU countries . They also have to adapt to the rules and procedures of the UPC, which can be seized by the holders of unitary patents to assert their rights against them or to challenge the validity of their classical European patents .

What are the legal issues of the unitary patent for non-participating countries?

The legal issues of the unitary patent system for non-participating countries are complex and not yet fully resolved. One of the main questions is how to deal with cross-border infringement cases involving unitary patents and national patents. For example, if an inventor from a non-participating country, such as Spain, wants to exercise their rights on their classical European patent in a participating country, such as France, where a unitary patent holder is allegedly infringing their patent, which law should they take into account? Well, the question is not easy to answer, as it will have to take into account many international norms. In the end, this very important aspect will be “subjected” to a very complex situation that will necessarily be defined with the successive application of the law.

Another question is how to ensure a fair balance between the interests of the holders of unitary patents and those of national patent holders in non-participating countries. For instance, if a national patent holder in Spain wants to challenge the validity of a unitary patent that covers an invention similar to theirs, how can they do so without having to go before the UPC, which may not be accessible or convenient for them? Conversely, if a unitary patent holder wants to enforce their rights against a national patent holder in Spain who is allegedly infringing their patent, how can they do so without having to go before a national court that may not be familiar or favourable with the unitary patent? These questions raise issues of jurisdiction, recognition and enforcement of judgments, as well as substantive law harmonisation.

These legal issues are likely to generate uncertainty and litigation for both unitary patent holders and national patent holders in non-participating countries. They may also create barriers and distortions in the internal market and affect innovation and competitiveness. Therefore, it is desirable that these issues are addressed and clarified as soon as possible, either by legislative or judicial means.

Conclusion

The unitary patent is a new scheme that offers a simplified, economical and uniform protection in 17 EU member states. It is accompanied by a Unified Patent Court, which has exclusive jurisdiction to settle disputes relating to unitary patents. The unitary patent has advantages and disadvantages for inventors and innovative companies, depending on their strategy and market. Spain is one of the few EU countries that does not intend to join the unitary patent, mainly for linguistic reasons. Its exclusion has consequences for both unitary patent holders and Spanish actors in the patent market. The unitary patent also raises legal issues for non-participating countries, which are not yet fully resolved.

In conclusion, the unitary patent system is a major innovation in the field of intellectual property in Europe, but it also poses significant challenges for its implementation and acceptance. It aims to foster innovation and competitiveness in the EU, but it also creates disparities and conflicts between participating and non-participating countries. It offers a simplified and uniform protection for inventors and innovative companies, but it also exposes them to risks and uncertainties in cross-border litigation. It is therefore important that the unitary patent is carefully monitored and evaluated, and that its benefits and drawbacks are balanced and communicated to all stakeholders.

(1) https://www.epo.org/applying/european/unitary/unitary-patent.html

(2) https://www.epo.org/applying/european/unitary.html

(3) https://www.gov.uk/guidance/the-unitary-patent-and-unified-patent-court

Articles, Digital Security, EviCypher Technology

Protect US emails from Chinese hackers with EviCypher NFC HSM?

Posted on July 31, 2023August 1, 2023 by FMTAD

31
Jul

Protect your emails from Chinese hackers by Jacques Gascuel: This article will be updated with any new information on the topic.

Protéger les e-mails américains contre les pirates chinois avec la technologie HSM NFC EviCypher

Les courriels et les pièces jointes des institutions américaines font l’objet d’une attaque sans précédent qui proviendrait de pirates chinois. Comment la technologie HSM NFC EviCypher d’Andorre, développée par Freemindtronic, peut-elle les chiffrer sans contact et prévenir la corruption ? Dans cet article, vous découvrirez pourquoi les pirates ne peuvent pas lire les emails et leurs pièces jointes qui sont exfiltrés, notamment ceux du gouvernement américain qui utiliserait cette technologie qui stocke physiquement les clés de chiffrement à l’extérieur. Ainsi, seuls les utilisateurs autorisés qui disposent d’un HSM NFC Freemindtronic avec la bonne clé peuvent les déchiffrer.

Shadowy hacker with a laptop in front of a digital map of Russia highlighted in red, symbolizing the origin of Kapeka Malware.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

Illustration of an Apple MacBook with a highlighted M-series chip vulnerability, surrounded by symbols of data security breach and a global impact background.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

Digital world map with cybersecurity icons representing the Cybersecurity Breach at IMF.

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

Digital world map showing cyberattack paths with Midnight Blizzard, Microsoft, HPE logos, email symbols, and password spray illustrations.

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

PrintListener technology concept with NFC security solutions.

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

A visual representation of BitLocker Security featuring a central lock icon surrounded by elements representing Microsoft, TPM, and Windows security settings.

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

Digital shield by Freemindtronic repelling cyberattack against Microsoft Exchange

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

How EviCypher NFC HSM technology can protect emails from Chinese hackers

The Chinese hack on US emails: what happened and why it matters

In July 2023, a massive cyberattack targeted email accounts belonging to US government officials, as well as private organizations and universities. The hackers, suspected of being linked to the Chinese government, exploited a vulnerability in Microsoft’s cloud service, called Exchange Server, which allows users to access their emails via the web.

According to Microsoft, the attack affected more than 30,000 organizations in the US and thousands of others around the world. The hackers used a technique called “web shell”, which involves installing malicious software on the compromised servers, giving them remote access to the data and systems of the victims.

Among the victims were the State Department, the Defense Department, the Justice Department, the Energy Department, NASA, FAA, as well as defense companies, NGOs, media and academic institutions. The hackers were able to access the emails and the attachments of the hacked accounts as well as other information stored in their email account such as contacts and calendars.

Microsoft described the attack as “highly sophisticated and targeted” and attributed responsibility to a group named Hafnium which it describes as “a state-sponsored actor backed by China”. The Chinese government denied any involvement and accused Microsoft of “slandering” China.

Microsoft released security patches to fix the vulnerability patches to fix the vulnerability and advised all Exchange Server users to apply them immediately. It also collaborated with US authorities to investigate the incident and help the victims recover from the attack.

The attack raised concerns about the security of cloud computing, which is increasingly used by public and private organizations to store and manage their data. Cloud computing offers benefits such as cost reduction, flexibility and efficiency.

How EviCypher NFC HSM technology could have prevented the Chinese hack on US emails

If you want to protect your emails from Chinese hackers or any other cyber threats, you should consider using EviCypher NFC HSM Technology. It is a technology patented especially in the United States that allows you to store and use your cryptographic keys in a contactless device. It is a simple, efficient and durable solution for securing your data and secrets. In this section, we will explain how EviCypher NFC HSM works, what are its main features and benefits, and how it can help you protect your privacy and security.

What is EviCypher NFC HSM and how does it work?

EviCypher NFC HSM is a technology developed by Freemindtronic, an Andorran company specialized in NFC security. It is based on EviCore NFC HSM, which is a hardware security module that combines hardware encryption and NFC communication protocols to protect your keys and secrets.

With EviCypher NFC HSM, you can store your keys and secrets in a contactless device, such as a card, a sticker or a keychain. The device is powered by the NFC signal of the Android phone. This phone serves as terminal and user interface. The data stored in memory are encrypted contactlessly from the EviCypher NFC HSM application that performs encryption and decryption operations using advanced algorithms, such as AES 256 bits and RSA 4096 bits.

EviCypher NFC HSM also implements anti-cloning and anti-replay mechanisms to prevent unauthorized access or duplication of your secrets. The device has a patented power monitoring and protection device with black box. This device ensures the integrity and availability of the device. The device also has a patented wireless access control system that allows you to define two distinct access profiles: administrator and users, without allowing them to access each other’s secrets without their authorization. The device also has a patented segmented key authentication system that allows you to define up to 9 trust criteria for encrypting your secrets, such as geolocation, BSSID, password or fingerprint.

How EviCypher NFC HSM could have prevented the Chinese hack on US emails?

If the US government had used EviCypher NFC HSM technology with EviCore NFC HSM technology, the Chinese attack would have had no impact. Indeed, even if the hackers had succeeded in exploiting Microsoft Exchange Server’s vulnerability, they would not have been able to access emails and attachments of accounts protected by EviCypher NFC HSM. They would need the corresponding NFC device to decrypt data. Moreover, they would not have been able to clone or replay the NFC signal because EviCypher NFC HSM uses protection techniques against these attacks. Finally, they would not have been able to bypass access control or trust criteria because EviCypher NFC HSM allows you to define custom profiles and parameters for each user.

By using EviCypher NFC HSM, you can encrypt and decrypt your data with your own keys, without relying on any third-party service or provider. You can also use different encryption algorithms, such as AES 256 bits and RSA 4096 bits, to ensure the highest level of security for your data. In addition, you can share and exchange your keys with other users who have EviCypher NFC HSM devices, using secure NFC communication protocols.

How to protect your emails and messages with EviCypher NFC HSM?

You can use EviCypher NFC HSM with different messaging applications, such as:

Webmail services: how to protect your emails and attachments with EviCypher NFC HSM?

You can use EviCypher NFC HSM to encrypt and decrypt your emails and attachments stored in webmail services. For example: Gmail, Yahoo Mail, Proton Mail, Outlook, Roundcube Webmail, HCL Domino Webmail and others. To do this, you need to install the EviCypher Webmail extension on your web browser based on Chromium, such as Chrome. The extension will automatically add buttons to encrypt and decrypt your messages via the NFC device.

Instant messaging services: how to protect your messages with EviCypher NFC HSM?

You can use EviCypher NFC HSM to encrypt and decrypt your messages sent or received from instant messaging services. For example: WhatsApp, Telegram, Signal, Facebook Messenger, Skype and others. To do this, you need to install the EviCypher IM extension on your web browser based on Chromium, such as Chrome. The extension will automatically add buttons to encrypt and decrypt your messages via the NFC device.

SMS: how to protect your SMS messages with EviCypher NFC HSM?

You can use EviCypher NFC HSM to encrypt and decrypt your SMS messages sent or received from your Android phone. To do this, you need to install the EviCypher SMS application on your phone. The application will automatically encrypt and decrypt your SMS messages via the NFC device.

Statistics on email attacks against the US

According to a report by Proofpoint, a cybersecurity company, email is the most common vector for cyberattacks against the US. The report states that in 2022, more than 80% of organizations in the US faced at least one email-based attack, such as phishing, malware or ransomware. The report also reveals that the US is the most targeted country by email threats, accounting for 36% of all global attacks. The report also identifies China as one of the top sources of email attacks, along with Russia, Iran and North Korea.

The report also highlights the impact of email attacks on the US economy and security. The report estimates that email attacks cost US organizations more than $20 billion in 2022, due to data breaches, business disruptions, reputational damage and legal fees. The report also warns that email attacks pose a serious threat to the US national security, as they can compromise sensitive information, disrupt critical infrastructure and undermine public trust.

The report recommends that US organizations adopt a comprehensive and proactive approach to email security, which includes:

Educating employees on how to recognize and avoid email threats
Implementing advanced email security solutions that can detect and block malicious emails
Encrypting sensitive data and using strong passwords
Backing up data regularly and having a recovery plan in case of an attack
Reporting any suspicious or malicious email activity to authorities

What is EviCore HSM OpenPGP and how does it protect your emails from Chinese hackers?

EviCore HSM OpenPGP is a technology that transforms your Android or iPhone into a hardware security module (HSM) for encrypting and storing your cryptographic keys. It leverages the highly secure OpenPGP standard, known for its use by whistleblowers, journalists, activists and privacy advocates.

With EviCore HSM OpenPGP, you can generate and manage your own keys on your phone, without relying on any third-party service or provider. You can also encrypt and decrypt your messages with your own keys, using the EviCypher HSM OpenPGP application that supports various messaging applications, such as email, webmail, SMS, RCS and more.

EviCore HSM OpenPGP also implements anti-cloning and anti-replay mechanisms to prevent unauthorized access or duplication of your keys. The application also has a patented wireless access control system via an NFC HSM EviBadge NFC HSM that allows you to authenticate and encrypt with segmented keys the OpenPGP encryption keys or any other types of keys stored in the phone. It is also possible to add trust criteria that allow you to define up to 7 trust criteria for encrypting messages (email, webmail, SMS, MMS, RCS and others) such as geolocation, BSSID, password, fingerprint, facial recognition, segmented keys between two distinct parties.

By using EviCore HSM OpenPGP, you can protect your emails from Chinese hackers or any other cyber threats. You can also use it with EviCypher NFC HSM devices, which allow you to encrypt and decrypt data in air gap mode.

What are the advantages of EviCore HSM OpenPGP?

EviCore HSM OpenPGP offers several advantages over other encryption solutions, such as:

Simplicity: You don’t need any additional hardware or software to use EviCore HSM OpenPGP. You only need your phone and the EviCypher HSM OpenPGP application.
Efficiency: You can encrypt and decrypt your messages with a single tap on your phone screen. You don’t need to enter any passwords or codes to access your keys.
Durability: You can store your keys securely on your phone memory, export them, import them, back them up on a cloud service or an external storage device. You can also use NFC HSM devices to add other trust criteria with segmented keys stored in the device.
Compatibility: You can use EviCore HSM OpenPGP with different messaging applications, such as email, webmail, SMS, RCS and more. You can also use it with EviCypher NFC HSM devices, which allow you to encrypt and decrypt data in air gap mode.
Security: You can protect your keys and messages from hackers, malware and physical theft. You can also control who can access your keys and messages by defining access profiles and trust criteria.

How EviCypher HSM Technology is protected by patents

EviCypher HSM technology is protected by several patents issued by various countries, including the US. Some of these patents are:

US20210136579: A method for securing data using a contactless device that stores cryptographic keys and performs encryption and decryption operations via NFC communication with an Android phone.
US20100188785: A method for protecting a contactless device from cloning or replay attacks by using a power monitoring and protection device with black box that detects any abnormal power consumption or interruption.
US20180336335: A method for authenticating a contactless device by using a segmented key authentication system that allows defining up to 9 trust criteria for encrypting secrets, such as geolocation, BSSID, password or fingerprint.

These patents demonstrate the innovation and originality of EviCypher HSM Technology, as well as its compliance with the US intellectual property laws. These patents also provide legal protection for EviCypher NFC HSM Technology and EviCypher HSM OpenPGP against any potential infringement or imitation by competitors.

Conclusion

EviCore HSM OpenPGP is a new technology that allows you to turn your phone into a hardware security module for encrypting and storing your cryptographic keys. It is based on the OpenPGP standard, which is widely used for secure communication and data protection. By using EviCore HSM OpenPGP, you can protect your emails from Chinese hackers or any other cyber threats. You can also use it with different messaging applications, such as email, webmail, SMS, RCS and more. Moreover, you can use it with EviCypher NFC HSM devices, which allow you to encrypt and decrypt data in air gap mode.

We hope this article has helped you understand how EviCore HSM OpenPGP works and what are its advantages. If you are interested in learning more about this technology or ordering your own device, please visit the official website of Freemindtronic, the company that developed it. You can also watch this video that explains how EviCore HSM OpenPGP works and how to use it with different messaging applications.

Thank you for reading this article. We hope you have learned something new and useful about how to protect your emails from Chinese hackers with EviCypher NFC HSM technology. If you have any questions or feedback, please feel free to leave a comment below. We would love to hear from you.

If you enjoyed this article and found it helpful, please share it with your friends and family who might be interested in protecting their emails from Chinese hackers or any other cyber threats. Stay safe and secure with EviCypher NFC HSM technology!

Original source: https://www.washingtonpost.com/national-security/2023/07/12/microsoft-hack-china/

Articles, Compagny spying, CyberStealth, Industrial spying, Military spying, News, Spying

Ommic case: How a French company allegedly handed over military secrets to China and Russia

Posted on July 27, 2023July 28, 2023 by FMTAD

27
Jul

Ommic case by Jacques Gascuel: This article will be updated with any new information on the topic.

Ommic case: A scandal of military industrial espionage

Ommic, a French semiconductor company, suspected of spying for China and Russia. Alleged delivery of military material and processes for radars, missiles or drones. Economic and political consequences for France and Europe. Questions about the protection and control of dual-use technologies. Article on the Ommic case, the technological secrets, the measures taken by the French government and other cases of military industrial espionage in the world.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

Ommic case: The story of a French semiconductor company accused of spying for China and Russia

The Ommic case is a scandal of industrial espionage that involves a French company specialized in the manufacture of high-tech semiconductors. According to the charges brought by the French justice, Ommic would have delivered to China and Russia material and processes sensitive to the military, used in particular by the French army. The French general manager of the company, as well as three other people, were indicted in March 2023 for “delivery to a foreign power of processes, documents or files likely to harm the fundamental interests of the Nation”. The French state took temporary control of the company and seized several tens of millions of euros. In June 2023, Ommic was sold to an American owner and changed its name to Macom. This case raises questions about the protection of French technological know-how and the risks associated with the transfer of strategic technologies to foreign powers.

What is Ommic?

Ommic, located near Paris in Limeil-Brévannes, has a history of more than 40 years in material science, semiconductor wafer processing and monolithic microwave integrated circuit (MMIC) design. Its differentiated manufacturing capabilities include several semiconductor processes and products qualified by the European Space Agency (ESA). Ommic uses notably gallium arsenide (GaAs) and gallium nitride (GaN) technologies, which allow to produce high-performance electronic components for high-frequency applications. Ommic counts among its customers major players in the space sector, such as Thales Alenia Space or Airbus Defence and Space.

Why did Macom buy Ommic?

Macom is an American supplier of semiconductor products for the telecommunications, industrial and defense and data center sectors. Macom announced in February 2023 that it had entered into a definitive agreement to acquire the assets and operations of Ommic for approximately 38.5 million euros. Macom sees Ommic’s high-frequency MMIC product portfolio and design capability as an aid to address microwave applications on target markets. Macom also said that acquiring Ommic should allow it to focus more on European markets and expand its wafer production capacity.

What are the technological secrets delivered by Ommic?

According to the information revealed by the French press, Ommic would have delivered to China and Russia material and processes sensitive to the military, which could have been used to manufacture radars, missiles or drones. These would include machine tools capable of engraving GaN wafers, a highly sought-after technology for its performance in terms of power, efficiency and thermal resistance. Ommic would also have transmitted digital files containing integrated circuit plans, source codes or algorithms. These technological secrets would have an estimated value of several hundred million euros.

What are the consequences of the Ommic case?

The Ommic case had legal, economic and political consequences. On the legal level, four people were indicted and placed under judicial control. They face 15 years in prison and 225 000 euros fine.

On the economic level, the French state took temporary control of the company. It also seized several tens of millions of euros. Moreover, it launched an audit to assess the damage to national defense. Additionally, it strengthened the security and competitiveness of the French semiconductor industry.

On the political level, the Ommic case provoked contrasting reactions. Some denounced a national betrayal and a threat to technological sovereignty. Others minimized the scandal and welcomed the takeover by Macom. The French government affirmed its vigilance and reminded that France had other leading players in this field.

The Ommic case also had implications for the world of semiconductors. This is a strategic sector for many applications. The case revealed the vulnerability of some European companies to foreign espionage and competition. The case also highlighted the importance of protecting intellectual property rights and preventing technology transfers. The case also raised questions about Macom’s role and responsibility.

How did Macom react to the Ommic case?

Macom reacted to the Ommic case by expressing its support for the French authorities and its commitment to comply with all applicable laws and regulations. Macom stated that it was not aware of any wrongdoing by Ommic or its employees before or during the acquisition process. Macom also stated that it had conducted a thorough due diligence on Ommic’s business and operations before closing the deal. Macom said that it was cooperating fully with the French authorities and that it was confident that it would be able to demonstrate its good faith and integrity.

Macom also tried to reassure its customers and partners about its ability to continue to provide high-quality products and services based on Ommic’s technologies. Macom said that it had taken steps to ensure the continuity of Ommic’s operations and to preserve its know-how and expertise. Macom also said that it had implemented strict security measures to protect Ommic’s intellectual property and trade secrets from unauthorized access or disclosure.

Macom also emphasized the strategic value of acquiring Ommic for its growth and innovation objectives. Macom said that Ommic’s high-frequency MMIC product portfolio and design capability were complementary to its own offerings and would enable it to address microwave applications on target markets. Macom also said that acquiring Ommic would allow it to focus more on European markets and to expand its wafer production capacity.

Are these measures enough to ensure the security and competitiveness of France in the field of semiconductors?

According to experts, these measures are necessary but not sufficient. It would also be necessary to strengthen European cooperation, which is essential to cope with global competition, especially from China and the United States. It would also be necessary to anticipate technological changes and market needs, which are constantly changing. It would finally be necessary to develop a coherent and ambitious industrial and commercial strategy, which values the assets and specificities of France.

What are the challenges and opportunities that arise for the future?

The challenges are numerous, but so are the opportunities. The field of semiconductors is indeed a key sector for many applications, such as aeronautics, automotive, space, health or digital. The global demand is strong and should continue to grow in the coming years. France has recognized skills and innovative players in this field, who can differentiate themselves by their quality, reliability or performance. France can therefore play a major role in the development and dissemination of tomorrow’s technologies.

What are some other examples of military industrial espionage cases in the world?

Military industrial espionage is the practice of spying on or stealing information from other countries or companies that are involved in the development, production, or sale of military equipment, technology, or services. Military industrial espionage can have serious consequences for national security, economic competitiveness, and international relations.

There are many examples of military industrial espionage cases in the world, involving different actors, methods, and targets. Here are some of them:

In 2019, a former engineer at Raytheon, a US defense contractor, was arrested and charged with exporting sensitive missile technology to China. Wei Sun, a Chinese-born US citizen, admitted that he took a laptop containing classified information about Raytheon’s products to China without authorization. He also admitted that he shared some of the information with Chinese professors and students at a university in China ¹.
In 2018, a former employee of the French aerospace company Thales was convicted of spying for China. Henri Dumoulin, a French citizen, was accused of passing confidential documents about radar systems and missile guidance to Chinese intelligence agents. He was sentenced to six years in prison and fined 40,000 euros ².
In 2017, a former employee of the German engineering company Siemens was found guilty of selling trade secrets to Russia. Evgeny Kaspersky, a Russian citizen, worked as a software developer at Siemens and had access to the source code of a software used to control gas turbines. He copied the code and sold it to a Russian company that was linked to the Russian military. He was sentenced to two years and nine months in prison ³.
In 2016, a former employee of the British defense company BAE Systems was arrested and charged with attempting to sell jet fighter secrets to Iran. Simon Finch, a British citizen, worked as a software engineer at BAE Systems and had access to sensitive information about the Typhoon fighter jet. He allegedly tried to sell the information to Iranian officials through an encrypted messaging app. He was later acquitted after claiming that he acted out of frustration over his treatment by BAE Systems.

How to prevent and combat military industrial espionage?

Military industrial espionage is a widespread and dangerous phenomenon for the security and competitiveness of countries and companies involved in the military industry. It involves spying or stealing sensitive information or technology for military purposes. Therefore, it is important to implement effective measures to prevent and combat this type of espionage. These measures may include:

Strengthening the protection and control of classified or proprietary information and technology.
Enhancing the awareness and education of employees and contractors about the risks and responsibilities.
Increasing the cooperation and coordination among national and international authorities and partners.
Prosecuting and sanctioning those who engage in or facilitate military industrial espionage.

The Ommic case is not an isolated case of military industrial espionage in the world. There are many cases where countries or companies have tried to appropriate or transfer sensitive information or technology. Some of these technologies are dual-use, meaning that they can have both civilian and military applications. This is the case for data encryption and messaging.

The complexity and dynamics of industrial espionage with a military character

Industrial espionage with a military character is a complex and dynamic phenomenon, which evolves according to technological advances, geopolitical power relations and the strategies of the actors involved. It poses significant challenges for the security and competitiveness of countries and companies that are victims or targets of this practice. It therefore requires constant vigilance and continuous adaptation to prevent and combat this threat.

The Ommic case is a concrete and recent example of industrial espionage with a military character that illustrates one of the methods that this practice can take. It also shows the flaws and risks associated with dual-use technologies, i.e. technologies that can have both civilian and military applications. It invites us to think about the future prospects and challenges posed by industrial espionage with a military character in an increasingly connected and competitive world.

Conclusion: The Ommic case and the challenges of industrial espionage with a military character

Industrial espionage with a military character is a complex and dynamic phenomenon, which evolves according to technological advances, geopolitical power relations and the strategies of the actors involved. It poses significant challenges for the security and competitiveness of countries and companies that are victims or targets of this type of espionage. It therefore requires constant vigilance and continuous adaptation to prevent and combat this threat.

In this article, we have presented the Ommic case, a scandal of industrial espionage with a military character that involves a French company specialized in the manufacture of high-performance electronic components for high-frequency applications. We have explained the facts, the actors, the stakes and the consequences of this case. We have also shown how this case illustrates one form of industrial espionage with a military character by transfer, according to the means and methods used. In the next article, we will address other methods such as infiltration, surveillance, hacking, subversion.

In the next article, we will also talk about the counter-espionage technologies such as those designed, developed and manufactured by Freemindtronic, which include innovative digital security solutions based on quantum cryptography. These solutions allow to protect sensitive data from theft, falsification or corruption, using unbreakable encryption keys and tamper-proof transactions.

We will explain how these solutions can help countries and companies to protect themselves from attacks of industrial espionage with a military character, using cutting-edge and environmentally friendly technologies.

If you want to learn more about how to protect your data and communication from industrial espionage with a military character, stay tuned for our next article on Freemindtronic’s innovative solutions based on quantum cryptography.

Articles, Digital Security, EviVault Technology, NFC HSM technology, Technical News

EviVault NFC HSM vs Flipper Zero: The duel of an NFC HSM and a Pentester

Posted on July 4, 2023March 25, 2024 by FMTAD

04
Jul

EviVault NFC HSM vs Flipper Zero by Jacques Gascuel: This article will be updated with any new information on the topic.

Unveiling the Encounter: EviVault NFC HSM vs Flipper Zero

This article examines the encounter between EviVault NFC HSM and Flipper Zero. While EviVault NFC HSM securely stores your blockchain keys offline, Flipper Zero serves as a device to test the security of wireless systems and NFC tags. The crucial question remains: Can Flipper Zero break through the defenses of EviVault NFC HSM and access your cryptocurrencies keys? The resounding answer is no, and we will explore the compelling reasons behind this assertion.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

EviVault NFC HSM vs Flipper Zero: The duel of an NFC HSM and a Pentester

EviVault NFC HSM vs Flipper Zero: this is the question that this article will answer. EviVault NFC HSM is a technology that securely stores your blockchain keys offline. Flipper Zero is a device that tests the security of wireless systems and NFC tags. Can Flipper Zero compromise EviVault NFC HSM and access your cryptocurrencies keys? The answer is no, and this article will explain why.

EviVault NFC HSM vs Flipper Zero is a topic that interests many crypto enthusiasts and security experts. Moreover, it sparks curiosity about the comparison between these two technologies. EviVault NFC HSM is a technology that allows offline physical secure storage of blockchain private keys, cryptocurrencies, wallets, Bitcoin, Ethereum, NFTs, Smart Contracts. Freemindtronic, a company from Andorra that specializes in NFC security solutions, developed it. EviVault NFC HSM uses the EviCore NFC HSM technology, which offers a high level of protection and encryption for your keys and secrets. It also works with Freemindtronic’s NFC HSM devices, which are contactless devices that can store and use your crypto keys and secrets. You can learn more about this technology here: https://freemindtronic.com/evicore-nfc-hsm-the-technology-by-freemindtronic/.

Flipper Zero is a versatile tool for testing the security and cybersecurity of systems, especially for pentesters. However, it can be used for malicious purposes, such as by cybercriminals to hack into digital systems, such as radio protocols, access control systems, hardware and more. At first glance, one might think that Flipper Zero is capable of compromising EviVault NFC HSM by reading or cloning its secrets without contact. However, this is not the case because EviVault NFC HSM has several security mechanisms that prevent any attempt of physical or logical attack.

In this article, we will explain how EviCore NFC HSM can resist effectively to the attacks of pentest tools like Flipper Zero and how it protects your blockchain assets from end to end, focusing on the device level.

How EviCore NFC HSM protects and encrypts your secrets with a secure element

First of all, EviCore NFC HSM is a proprietary technology that uses an NFC HSM to store and protect your secrets. It uses a proprietary protocol called EVI (Encrypted Virtual Interface) based on the ISO 15693 standard (https://www.st.com/resource/en/datasheet/m24lr64e-r.pdf or (https://www.st.com/resource/en/datasheet/st25dv64kc.pdf).

EVI ensures the proper functioning of reading and writing encrypted secrets with an intelligent system of error monitoring for write errors or reading from the secure EEPROM memory. You can find more information about the security standards and algorithms used by EVI here: https://freemindtronic.com/evicore-nfc-hsm-security-information-standards-algorithms-regulatory.

Moreover, EviCore NFC HSM uses other specific encryption algorithms such as AES CTR SHA 256 bits to encrypt and protect your secrets by segmented keys. Meanwhile EVI protects the keys used to access the RF NFC memories with a very strong secret code via AES ECB 128. This secret code prevents unauthorized reading or modification of keys. EVI makes the NFC and RF memories safer to combat invasive or non-invasive attacks from pentest tools like Flipper Zero.

EviCore NFC HSM: a fortress for your secrets EviVault NFC HSM vs Pentester

The NFC HSM EviCore, developed by Freemindtronic, is a technology protected by three patents of invention in their implementation. It is incomparable. It uses its innovative Encrypted Virtual Interface (EVI) protocol to ensure unparalleled security of confidential data in the duel EviVault NFC HSM vs Flipper Zero. This technology, compliant with the ISO 15693 standard, constitutes a multi-layer defense for your information. Seamlessly integrated within it are advanced features such as encryption, authentication, anti-cloning, anti-replay, anti-counterfeiting, and comprehensive black box management.

The Interaction between EVI and the NFC HSM: Securing Secrets in the EviVault NFC HSM vs Flipper Zero Duel

EVI, the Machine-to-Machine (MtoM) interface, collaborates with NFC HSM chips to ensure secure management of encrypted data read and write operations without risk of physical and digital errors. Thus, EVI monitors errors in reading/writing secure EEPROM memory through a sophisticated error tracking system that includes user errors of NFC HSM. In addition, it independently manages various cryptographic tasks such as encryption, decryption, signing, verification, and key generation of access codes to EEPROM memories. It thus strengthens the level of security, resilience and security of encrypted secrets. These are encrypted with other EviCore NFC HSM algorithms. This already constitutes two lines of defense against invasive or non-invasive attacks.

The Importance of External Elements in the EviVault NFC HSM vs Flipper Zero Duel

The encryption methodology of EviCore NFC HSM allows each segment to have a different physical origin in the duel EviVault NFC HSM vs Flipper Zero. This means that it can come from an external element to the NFC HSM, such as a geographic location and/or a password or fingerprint reading and/or a segmented QR code key exceeding 256 bits and/or BSSID and/or an NFC Android phone identifier. In fact, these elements serve as physical origin trust criteria, thus strengthening the validation process to access the secrets stored in the NFC HSM. Thus, this patented technology constitutes a third line of defense against various types of attacks, whether in proximity or at a distance, thanks in particular to encryption by encapsulations including these criteria freely defined by the user.

Superior Encryption and Deterrence against Unauthorized Access in the EviVault NFC HSM vs Flipper Zero Duel

Using high-quality encryption algorithms such as AES CTR SHA 256 bits considered post-quantum, the EviCore NFC HSM technology ensures that secrets remain inaccessible to unauthorized entities in the long term against pentest tools such as in the duel EviVault NFC HSM vs Flipper Zero. In addition, EVI protects the keys of NFC RF memories using AES ECB 128, preventing any unauthorized reading or modification. Thus, with this post-quantum encryption of secrets stored in the NFC HSM, it constitutes the fourth line of defense against attacks, especially invasive ones via pentest tools such as Flipper Zero.

Comprehensive Defense against Cyber Threats in the EviVault NFC HSM vs Flipper Zero Duel

EviCore NFC HSM provides a comprehensive defense strategy against both physical and logical attacks in the EviVault NFC HSM vs Flipper Zero duel. Its defenses include countermeasures against tampering, cloning, side-channel analysis, and reverse engineering. As the battle between EviVault NFC HSM and Flipper Zero intensifies, EviCore NFC HSM remains steadfast in protecting your secrets and ensuring a resilient defense against emerging cyber threats.

The EviCore NFC HSM technology operates without batteries and is activated on-demand, optimizing energy usage by leveraging the NFC signal of an Android phone. This unique feature not only showcases the system’s efficiency but also its environmentally friendly design. With EviCore NFC HSM technology, you get the peace of mind offered by patented and unparalleled security in the security and safety of sensitive data such as blockchain and cryptocurrency private keys in the face of perpetually evolving challenges via pentest tools that are freely accessible and very useful for testing, especially the duality EviVault NFC HSM vs Flipper Zero.

How Flipper Zero reads and emulates NFC cards

Flipper Zero has a Reading NFC cards function that allows it to read, save and emulate NFC cards. An NFC card is a transponder that operates at 13.56 MHz and has a unique number (UID) as well as a part of rewritable memory for storing data. Depending on the card type, memory can be segmented into sectors, pages, applications, etc. When near a reader, the NFC card transmits the requested data.

Flipper Zero can read different types of NFC cards according to their standard and protocol:

NFC cards type A: MIFARE Classic®, MIFARE Ultralight® & NTAG®, MIFARE® DESFire®
NFC cards type B: Calypso®, CEPAS
NFC cards type F: FeliCa™
NFC cards type V: ICODE® SLIX
Unknown cards: cards not recognized by Flipper Zero

Flipper Zero can also emulate NFC cards by using the data saved in its memory. To do this, you have to select a card from the Saved list then press Emulate. Flipper Zero will then behave like an NFC card and can communicate with a compatible reader.

Flipper Zero can therefore communicate with EviCore NFC HSM technology using the ISO 15693 standard which is supported by the ST25R3916 component it uses. However as we have seen previously this communication is limited and secured by EviVault NFC HSM protection mechanisms. Moreover Flipper Zero can emulate an ISO 15693 card even if the emulator has limitations. Indeed, the ST25R3916 component used by Flipper Zero allows emulation according to the ISO 15693 standard via RFLA (RF/NFC Abstraction Layer). However this emulation has limits to be able to test the NFC HSM of Freemindtronic. This excludes, for example, the possibility of testing the security and carrying out malicious attacks by emulating an ISO 15693 64Kb NFC chip used by the NFC HSMs used by the EviVault NFC HSM technology.

If you want to know more about Flipper Zero’s Reading NFC cards function and its emulation possibilities you can check out the following links:

Flipper Zero’s Capabilities and Limitations in Attacking EviVault NFC HSM

Flipper Zero’s Support of NFC-V Protocol and Emulation

A New Feature in Firmware 0.85.2

Flipper Zero is a multifunctional gadget for hackers that supports NFC technology. It can read, write, clone, and emulate NFC cards using a built-in 13.56 MHz NFC module. Flipper Zero uses a ST25R3916 NFC controller and a RFAL library to handle high-frequency protocols (NFC) and facilitate the development of NFC applications.

Flipper Zero supports the NFC-V (ISO15693) protocol since the firmware version 0.85.2. This protocol is used by some NFC tags, such as transport cards or electronic labels. With this feature, Flipper Zero can read and emulate these tags, which can be useful for testing their security or having fun with them.

The NFC-V protocol is a contactless protocol that operates at 13.56 MHz and allows data transfer at a distance of a few centimeters, with a maximum speed of 26.48 kbit/s. The NFC-V protocol is based on the ISO15693 standard, which defines the physical and logical characteristics of NFC tags. The NFC-V tags are recognized by the NFC Forum as type 5 tags.

To use the NFC-V protocol with Flipper Zero, you need to select the “NFC” option in the main menu, then choose the “NFC-V” mode. Then you need to bring the Flipper Zero close to an NFC-V tag to detect it and display its information. You can then choose to perform different actions on the tag, such as:

Read: to read the content of the tag and display it on the screen of Flipper Zero. The tag can contain up to 256 blocks of 4 bytes each.
Write: to write data on the tag, by choosing the page and the bytes to modify. The writing can be protected by a password.
Clone: to copy the content of the tag into the internal memory of Flipper Zero. Flipper Zero can store up to 8 cloned tags.
Emulate: to make the reader believe that Flipper Zero is the original tag. Flipper Zero can emulate any cloned tag.

A Potential Threat for EviVault NFC HSM

This feature also introduces a potential threat for EviVault NFC HSM, as Flipper Zero can now emulate an NFC-V card and try to access its data or functions. However, this threat is not very serious, as EviVault NFC HSM has strong security mechanisms that prevent unauthorized access or tampering.

EviVault NFC HSM is a hardware security module that uses NFC technology to store and manage cryptographic keys. It is designed to protect sensitive data and transactions from unauthorized access or tampering. It can be used as a secure element for authentication, encryption, digital signature, or blockchain applications.

EviVault NFC HSM uses encryption, authentication, protection against cloning and replay, and other techniques to ensure that only authorized devices can interact with it. Even if Flipper Zero can emulate an NFC-V card, it cannot decrypt or modify its data, nor perform any cryptographic operations on it.

Therefore, Flipper Zero’s support of NFC-V emulation does not compromise EviVault NFC HSM’s security or confidentiality.

Documentation

If you want to learn more about Flipper Zero’s support of NFC-V protocol and emulation, you can consult the following documentation:

The documentation on NFC in Flipper Zero : https://docs.flipperzero.one/nfc
The document on the RFAL library : https://www.st.com/resource/en/data_brief/stsw-st25rfal002.pdf

Flipper Zero’s Lack of Support for Energy Harvesting and Password Protection

Two Features of M24LR64E-R and ST25DV64KC Chips

The M24LR64E-R and ST25DV64KC are dynamic NFC/RFID chips with 64-Kbit EEPROM, energy harvesting, I2C bus and RF ISO 15693 interface. They are used by Freemindtronic for their EviVault NFC HSM products. They have two features that Flipper Zero does not support: energy harvesting and password protection.

Energy harvesting is a function that allows the chip to harvest energy from the RF field and use it to power external components. This can be useful for low-power applications or battery-less devices. The chip has an analog pin for energy harvesting and four sink current configurable ranges.

Password protection is a function that allows the chip to protect its data from unauthorized access or modification by using passwords. The chip has three 64-bit passwords in RF mode and one 64-bit password in I2C mode. The passwords can be used to protect one to four configurable areas of memory in read and/or write mode.

Two Limitations for Flipper Zero in Attacking EviVault NFC HSM

Flipper Zero cannot take advantage of these two features for several reasons:

Flipper Zero cannot emulate a tag NFC 15693 with a memory of 64-Kbit, because it does not have enough internal memory to store the content of the tag. It cannot therefore pretend to be the original tag and try to access its data or functions.
Flipper Zero cannot clone a tag NFC 15693 with a memory of 64-Kbit, because it does not have enough internal memory to copy the content of the tag. It cannot therefore create a duplicate of the tag and modify it at will.
Flipper Zero cannot write on a tag NFC 15693 protected by a password, because it does not know the password. It cannot therefore modify the data of the tag or make them inaccessible.
Flipper Zero cannot benefit from the energy harvesting function of the M24LR64E-R and ST25DV64KC chips, because it does not have an analog pin to harvest energy. It cannot therefore power external components with the energy of the tag.

These limitations further reduce Flipper Zero’s capabilities in attacking EviVault NFC HSM. While Flipper Zero can interact with NFC-V devices used by NFC HSM, it cannot emulate them, clone them, write on them. EviVault NFC HSM’s robust security mechanisms ensure that Flipper Zero cannot compromise its security or confidentiality.

Documentation

If you want to learn more about the M24LR64E-R and ST25DV64KC chips and their features, you can consult the following documentation:

The datasheet of the M24LR64E-R : https://www.st.com/resource/en/datasheet/m24lr64e-r.pdf
The product page of the M24LR64E-R : https://www.st.com/en/nfc/m24lr64e-r.html
The datasheet of the ST25DV64KC : https://www.st.com/resource/en/datasheet/st25dv64kc.pdf
The product page of the ST25DV64KC : https://www.st.com/en/nfc/st25dv64kc.html

Conclusion
In this article, we analyzed how Flipper Zero can test the security of or attack EviVault NFC HSM technology through malicious use. This technology enables secure offline physical storage of blockchain private keys, cryptocurrency wallets, NFTs, and smart contracts. It uses EviCore NFC HSM technology that offers a high level of protection and encryption for your keys and secrets. It also works with Freemindtronic’s NFC HSM devices that are contactless devices that can store and use your cryptocurrency keys and secrets. Flipper Zero is a tool that can read, write, clone and emulate NFC cards using a built-in NFC module. It supports the NFC-V (ISO15693) protocol since June 2023, which allows it to interact with the M24LR64E-R and ST25DV64KC chips used by EviVault NFC HSM. However, Flipper Zero cannot compromise EviVault NFC HSM, because it has robust security mechanisms that prevent unauthorized access or modification of its data or functions. These mechanisms include encryption, authentication, protection against cloning and replay, energy harvesting and password protection. Therefore, EviVault NFC HSM is a reliable and innovative solution for offline storage and use of cryptocurrency keys without risk of hacking or loss.
It is understood that to perform this type of invasive or non-invasive proximity test or attack, you must first physically obtain an NFC HSM with blockchain or cryptocurrency private keys stored via EviVault NFC HSM.
Since it is not possible to emulate a NFC-V NFC HSM of 64 KB iso 15963. That it is not possible to guess the decryption keys encrypted in AES considered post-quantum. In addition, encryption keys are segmented to annoy blockchain and cryptocurrency privates. EviVAult NFC HSM technology allows you to securely store physical offline blockchain private keys as well as their public addresses and public keys. You can use them contactlessly on Android NFC phone or all computers such as Microsoft Windows, Linux and iOS Apple. It also protects them from environmental hazards by using NFC chips coated with defense-grade resin.
To acquire products using EviVault NFC HSM technology, simply check that the product includes this technology. If in doubt, contact Freemindtronic by clicking here.

Comparison table of EviVault NFC HSM and Flipper Zero features

It might be useful to add this table of main features of EviVault NFC HSM and Flipper Zero to show the communication links that allow Flipper Zero to communicate with EviCore NFC HSM technology. Here is the table formatted with the features of EviVault NFC HSM and Flipper Zero.

Feature	EviVault NFC HSM	Flipper Zero
Encryption algorithm	AES 256 bits and RSA 4096	None
Authentication mechanism	Segmented key with 9 trust criteria	None
Protection against cloning and replay	Yes	No
Power security device and black box	Yes	No
Wireless access control system	Yes	No
Memory size	64 KB EEPROM	1024 KB Flash
Memory encryption	Yes	No
Memory access lockout	Yes	No
Frequencies below 1 MHz	13.56 MHz ± 7 kHz	13.56 MHz / 125 kHz (LF) and (HF)
NFC standard	ISO 15693 and compatible ISO 18000-3 mode 1 423 kHz and 484 kHz 53 kbit/s data rate	NFC-A / ISO14443A, NFC-B / ISO14443B, NFC-F / FeliCa™, NFC-V / ISO15693, NFC-A / ISO14443A, NFC-F / FeliCa™ in card emulation, compliant with MIFARE Classic®
Sub-GHz frequencies	None	315 MHz, 433 MHz, 868 MHz and 915 MHz
Bluetooth	Yes: Protected by RSA 4096 for Freemindtronic’s Android NFC application and by AES-128 CBC from EviKeyboard BLE	Bluetooth LE 5.0
Wifi	Yes: Protected by RSA 4096 for Freemindtronic’s Android NFC application and unique ECC key for one-time use with the NFC HSM Browser extension	Yes, optional
Infrared transmitter	None	Yes
RFID reader-emulator	None	EM-4100 and HID Prox cards only
NFC reader-emulator	None	Yes, but without encryption or authentication
Anti-counterfeiting	Yes, by unique signature of 128 bits and access to segmented key	None
iButton reader-emulator	None	Yes
GPIO connectors	None	18
Man-in-the-middle attack by intercepting the NFC signal	Secure	Yes

Note that this table shows the differences between the features of EviVault NFC HSM and Flipper Zero when used to attack EviVault NFC HSM.

Articles, NFC HSM technology, Technical News

Digital signature: How Freemindtronic secures its software

Posted on July 3, 2023July 4, 2023 by FMTAD

03
Jul

Digital signature by Jacques gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

How Freemindtronic uses digital signature to secure its software

Digital security is the main focus of Freemindtronic. This innovative company offers software that use digital signature. This ensures their reliability and integrity. Some of these software are EviDNS and EviPC. They use NFC technology and asymmetric & symmetric cryptography. These techniques help to create, store and verify digital evidence. In this article, we will see the benefits of digital signature for users.

Cardokey NFC vCard Business: Edit, Read, and Import Contacts Seamlessly on iPhone.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

March 25, 2024

2023 Articles Communications Cybersecurity Digital Security News Technical News

5Ghoul: 5G NR Attacks on Mobile Devices

December 29, 2023

2023 Articles EviCore HSM OpenPGP Technology EviCore NFC HSM Technology NFC HSM technology Technical News Technologies

Quantum computing RSA encryption: a threat and a solution

November 12, 2023

Articles News Technical News

Brute Force Attacks: What They Are and How to Protect Yourself

November 1, 2023

Articles Compagny spying DataShielder Digital Security Industrial spying Military spying NFC HSM technology Spying Technical News Zero trust

Are fingerprint systems really secure? How to protect your data and identity against BrutePrint

October 23, 2023

NFC HSM Devices and RSA 4096 encryption a new standard for cryptographic security serverless databaseless without database by EviCore NFC HSM from Freemindtronic Andorra

Articles Cyberculture NFC HSM technology Technical News

RSA Encryption: How the Marvin Attack Exposes a 25-Year-Old Flaw

October 3, 2023

NFC HSM USB drive SSH Contactless keys manager EviKey NFC & EviCore NFC HSM Compatible Technologies patented from Freemindtronic Andorra Made in France - JPG

2023 Articles EviKey & EviDisk EviKey NFC HSM News NFC HSM technology Technical News

How to secure your SSH key with NFC HSM USB Drive EviKey

September 16, 2023

EviVault NFC HSM and EviCore NFC HSM Embedded ISO 15693 VS Flipper Zero

Articles Digital Security EviVault Technology NFC HSM technology Technical News

EviVault NFC HSM vs Flipper Zero: The duel of an NFC HSM and a Pentester

July 4, 2023

What is digital signature?

Digital signature is a process that allows to authenticate the origin and content of a document or a computer program. It relies on the use of a digital certificate, which attests to the identity of the signer, and a private key, which allows to encrypt the data. The private key is stored on a secure physical device, called USB token, which requires a PIN code to be activated. Thus, digital signature protects the private key from theft or loss.

Why choose EV Code Signing Certificate Highest level of Security?

Freemindtronic has chosen the EV Code Signing Certificate Highest level of Security, which is the highest level of security available on the market. This certificate has the following characteristics:

It complies with the authentication standards of the CA/Browser Forum and Microsoft specifications, which ensures compatibility with major browsers and operating systems.
It establishes the reputation of the signer in Windows 8.0 and later versions, Internet Explorer 9 and later versions, Microsoft Edge, and Microsoft SmartScreen® Application Reputation filter, which increases user confidence by displaying the identity of the signer before running applications.
It supports all major 32-bit/64-bit formats, such as Microsoft Authenticode (kernel and user mode files, like .exe, .cab, .dll, .ocx, .msi, .xpi, and .xap), Adobe Air, Apple applications and plug-ins, Java, MS Office Macro and VBA, Mozilla object files, and Microsoft Silverlight applications.
It includes a timestamp functionality, which allows to continue using signed applications even after the expiration of the signature certificate.
It comes with a free USB token with a 3-year certificate.

How does digital signature benefit users?

By using a high-level digital signature, Freemindtronic guarantees its customers the quality and security of its software, while distinguishing itself from its competitors in the digital security market. Users can enjoy the following benefits:

They can verify the authenticity and integrity of Freemindtronic software before installing or running it.
They can avoid warnings or errors from browsers or operating systems that may prevent them from using unsigned or poorly signed software.
They can trust that Freemindtronic software is free from malware or tampering that could compromise their data or devices.
They can access Freemindtronic software even if they are offline or if their internet connection is unstable.

BENEFITS	DIGITAL SIGNATURE
Authenticity	✔️
Integrity	✔️
Reputation	✔️
Compatibility	✔️
Security	✔️
Accessibility	✔️

In conclusion, Freemindtronic is a leader in digital security solutions, such as EviDNS and SecureSafe360, which use NFC technology and asymmetric & symmetric cryptography to create, store and verify digital evidence. To ensure that its software is reliable and secure, Freemindtronic uses a high-level digital signature that complies with industry standards and specifications. Users can benefit from this signature by verifying the identity and content of Freemindtronic software before using it. They can also avoid potential problems caused by unsigned or poorly signed software. Finally, they can access Freemindtronic software even when they are not connected to the internet.

2023, EviOTP NFC HSM Technology, EviPass NFC HSM technology, EviPass Technology, NFC HSM technology, PassCypher

PassCypher NFC HSM: Secure and Convenient Password Management

Posted on June 29, 2023February 29, 2024 by FMTAD

29
Jun

PassCypher NFC HSM by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Discover Secure Password Management with PassCypher NFC HSM and PassCypher Pro NFC HSM

Protect your passwords with innovative solutions from PassCypher. From contactless management to invention patents, enhanced security, and versatility, find out how PassCypher provides you with a convenient and secure solution for password management. Don’t let data vulnerability be a concern anymore. Dive into our dedicated article on PassCypher products and take control of your password security.

Articles Electronics News Press release Technologies

Freemindtronic’s Legacy: Rediscovering Excellence

September 21, 2023

evistealth FOMEC FFOMECBLOT Camouflage Furtif Anonymat

2022 CyberStealth Eurosatory 2022 Press release

EviStealth Technology at Eurosatory 2022

June 9, 2022

Cyber Computer Laptop EviCypher technology embedded contactless NFC hardware from Freemindtronic andorra Eurosatory 2022 exhibition picture web edition

2022 Cyber Computer Eurosatory 2022 Press release

Cyber Computer at Eurosatory 2022

June 9, 2022

Contactless double strongbox with enslaving access evicypher nfc rugged secure usb storage technology

2022 Contactless Dual Strongbox Eurosatory 2022 Press release

The Contactless Dual Strongbox for sensitive data at Eurosatory 2022

June 9, 2022

Europe1 News Press

Europe1 EviCypher, the French invention to fight against cyber attacks

April 11, 2022

2021 Press

Physical barrier to regaining control of the data

June 2, 2021

Eurosatory 2022 Freemindtronic Andorra presents the first time in its history its latest innovations in safety cyber security & anti-spying Soldier NFC phone

Press release

Press releases and documents

May 27, 2021

Press

The Freemindtronic press

May 27, 2021

Discover our other articles on digital security

PassCypher NFC HSM and PassCypher Pro NFC HSM: Secure and Convenient Password Management

Introduction

PassCypher offers a range of contactless hardware password managers known as PassCypher NFC HSM and PassCypher Pro NFC HSM. These products are protected by three invention patents and incorporate EviPass, EviOTP, and EviCore NFC HSM technologies, along with Freemindtronic’s NFC HSM devices, EviTag, and Evicard. PassCypher allows you to securely and conveniently store and manage passwords, one-time passwords (OTP), and HMAC-based passwords. It eliminates the need for a power source or internet connection. Additionally, PassCypher features a built-in RSA 4096 key manager with a random generator capable of changing the key up to one million times without any risk of error. It seamlessly works on Android NFC-enabled phones with fingerprint access control and is compatible with computers supporting Chromium-based or Firefox-based web browsers with autofill and auto login functionalities. For computer use, users need to install the PassCypher NFC Web Browser Extension and EviDNS software, which acts as a hotspot for pairing the extension with the PassCypher NFC HSM application through the local network. PassCypher is not compatible with Safari.

Features and Benefits

PassCypher’s web browser extension offers several convenient features, including:

Management of Paired Phones

With PassCypher, you can easily manage the phones paired with the EviCore NFC HSM for Web Browser extension. You can add phones to the list of paired devices, manage favorites, make direct calls, and delete paired phones.

Create a New Label (Secret)

PassCypher enables you to create labels containing sensitive information such as login IDs, passwords, OTPs, or HOTPs. You can define the name of the label and use an intelligent random password generator for login IDs and segmented keys. Additionally, PassCypher allows you to create a compatible QR Code for each label.

Digital Post-it

Retrieve labels from the NFC HSM in clear text using the Digital Post-it feature. This enables you to manually use the information for copying and pasting, including login IDs.

Free Tools: Advanced Password Manager

PassCypher offers a real-time entropy state bar based on Shannon’s mathematical function and a passphrase generator. It also includes various features such as checking if your password has been compromised in a data breach, generating personalized password and segmented key labels, and fetching login credentials and cloud keys.

Strongbox Function

The Strongbox function provides automatic anti-phishing protection by verifying the URL before authorizing auto-filling login fields. It leverages EviCore NFC HSM technology to store the URL during the first automatic login to a favorite site. Upon subsequent logins, PassCypher checks if the URL matches the auto-login request, ensuring seamless and secure authentication.

Segmented Key Generator

PassCypher introduces an innovative segmented key generator that requires multiple parties to reconstruct the key. The extension automatically populates the appropriate fields for each key component, ensuring the key’s integrity and security.

Pwned Function (Enhanced Cybersecurity)

Pwned offers proactive monitoring for online credentials. By leveraging a database of compromised usernames and passwords, PassCypher securely checks if your login information has been compromised in past data breaches. This feature helps prevent identity theft by promptly alerting you to compromised credentials and enabling you to change your password immediately.

Secret Phrase Generator (Passphrase)

Generate mnemonic phrases with basic salting using PassCypher’s Secret Phrase Generator. You can customize the number of words in your passphrase and choose special characters for separation. The real-time entropy control based on Shannon’s mathematical function enhances the security of your passphrases.

Advantages of PassCypher

PassCypher offers numerous advantages to its users:

High-level Security: High-level security: PassCypher provides optimal security with AES 256-bit segmented key post-quantum encryption in NFC HSM memories, zero-knowledge architecture, patented technology and an integrated RSA 4096 key that enhances share security and remote backup of OTP passwords, segmented keys and secret keys.
User-Friendly: PassCypher is easy to use with its contactless NFC card or tag, which can be conveniently placed on smartphones, computers, or other compatible devices.
Environmentally Friendly and Cost-effective: PassCypher eliminates the need for batteries, cables, or power sources, making it eco-friendly and cost-effective.
Versatility: PassCypher can manage passwords, OTPs, and HOTPs, providing two-factor authentication capabilities.
Compatibility: PassCypher is compatible with various operating systems (Windows, Linux, MacOS, Android, iOS) and web browsers based on Chromium or Firefox.
One-time Purchase: There are no financial commitments or subscriptions required to purchase PassCypher products.
Absolute Anonymity: PassCypher follows the principles of zero-trust and plug-and-play, requiring no account creation or collection of personal or hardware information. It ensures complete user anonymity.
Built-in Black Box: The NFC HSM Tag and Card devices feature a black box that records certain events, such as the number of incorrect password attempts, providing traceability and security.
Air Gap Functionality: PassCypher operates in an air gap mode, independent of servers or secret databases. It securely stores all data in real-time on the volatile memory of the phone or computer.
Physically Decentralized Strongbox: The strongbox autofill and auto login feature is securely stored within the Evicypher application on Android phones. This allows for extreme portability across multiple computers, utilizing the energy harvested from the phone’s NFC signal without contact.

Freemindtronic win awards 2021 Next-Gen in Secrets Management with EviCypher & EviToken Technologies

Freemindtronic win awards 2021 Most Innovative in Hardware Password Manager with EviCypher & EviToken Technologies

Freemindtronic Receives Global InfoSec Awards for Innovative PassCypher NFC HSM Technology

Freemindtronic, the proud developer of PassCypher NFC HSM, has been recognized as a winner of the prestigious Global InfoSec Awards during the RSA Conference 2021. The company was honored with three awards, including the titles of “Most Innovative Hardware Password Manager” and “Next-Gen in Secrets Management” by Cyber Defense Magazine. This achievement highlights Freemindtronic’s commitment to delivering cutting-edge cybersecurity solutions. With PassCypher NFC HSM’s advanced technology, users can enjoy secure and convenient password management. Join us as we celebrate this remarkable accomplishment and learn more about the exceptional features that make PassCypher a standout choice for safeguarding sensitive information.

Disadvantages of PassCypher

Despite its many advantages, PassCypher has a few limitations:

NFC Device Requirement: PassCypher requires an NFC-compatible device to function, which may limit its use on certain devices or in specific situations.
Risk of Loss or Theft: Like any portable device, PassCypher can be lost or stolen, necessitating backup and recovery measures.
Incompatibility with Safari: PassCypher is not compatible with the Safari browser, which may be inconvenient for Mac or iPhone users.

Lifecycle

PassCypher has an exceptionally long lifecycle, estimated to be over 40 years without maintenance or a power source. It can handle up to 1,000,000 guaranteed error-free read/write cycles, equivalent to daily use for over a millennium. PassCypher is designed to withstand extreme temperatures ranging from -40°C to +85°C. It is also resistant to shocks, scratches, magnetic fields, X-rays, and its TAG version is enveloped in military-grade resin, surpassing IP89K standards for superior waterproofing. As a result, PassCypher offers exceptional durability and resilience against external factors.

Comparison with Competitors

PassCypher stands out from its competitors in several ways:

Contactless Hardware Manager: PassCypher is the only password manager that operates without requiring physical contact, providing a more convenient and hygienic solution compared to USB keys or biometric readers.
Patent Protection: PassCypher is protected by three international invention patents, ensuring exclusivity and reliability compared to other solutions in the market.
Innovative Technology: PassCypher incorporates EviPass, EviOTP, and EviCore NFC HSM technologies, along with Freemindtronic’s NFC HSM devices, EviTag and Evicard, providing unparalleled performance and features.
RSA 4096 Key Manager: PassCypher is the only password manager that offers an RSA 4096 key manager with a random generator, allowing for one million key changes without the risk of error. This provides an additional level of security and flexibility..
Value Proposition for Customers: PassCypher brings significant value to its customers by enabling them to:
- Protect their data: PassCypher ensures the security of personal and professional data, guarding against hacking, theft, or loss.
- Simplify password management: PassCypher centralizes the management of passwords and access codes, offering a user-friendly solution for securely handling them.
- Securely access online accounts: PassCypher enables secure access to online accounts, even without an internet connection or power source.
- Benefit from innovative technology: By choosing PassCypher, customers gain access to innovative and patented technology developed by Freemindtronic, a leading company in the NFC HSM field.
- Flexibly secure secrets: PassCypher offers various options for securely backing up secrets, including cloning between NFC HSM devices (EviCard or EviTag), partial or complete copying between nearby or remote devices using RSA 4096 public key encryption, or encrypted archiving on any encrypted storage media using the RSA 4096 public key of an NFC HSM EviCard or EviTag. This flexibility provides peace of mind and adaptability to customers.
- Choose the appropriate storage format: PassCypher is available in three different formats with varying secret storage capacities, allowing customers to choose the one that best suits their needs and budget.
- Multilingual Support: The PassCypher Android application and web browser extension are available in 14 different languages. Users can use PassCypher in their preferred language, including Arabic (AR), Catalan (CA), Chinese (CN), German (DE), English (EN), Spanish (ES), French (FR), Italian (IT), Japanese (JA), Portuguese (PT), Romanian (RO), Russian (RU), Ukrainian (UK), and Bengali (BIN). This feature provides a personalized experience and facilitates the use of PassCypher in various international contexts.

Comparison with Competitors

To better understand the advantages of PassCypher compared to other solutions in the market, here is a comparative table:

Features	PassCypher NFC HSM	Competitor A	Competitor B
Contactless Management	Yes	Yes	No
Invention Patents	Yes (3 international patents)	No	Yes (1 national patent)
NFC HSM Technology	Yes (EviPass, EviOTP, EviCore)	No	Yes (proprietary technology)
RSA 4096 Key Manager	Yes	No	Yes (RSA 2048 key)
Versatility	Passwords, TOTP, HOTP, Fingerprint	Passwords	Passwords, Fingerprint
OS Compatibility	Windows, Linux, MacOS, Android, iOS	Windows, MacOS	Windows, Linux, MacOS, Android
Browser Compatibility	Chromium- or Firefox-based browsers	Chrome, Firefox, Safari	Chrome, Firefox
One-Time Purchase	Yes	Subscription	Yes
Data Protection	AES 256-bit, Zero-knowledge architecture for NFC memory	AES 128-bit	AES 256-bit, ECC, RSA 4096
Virtual Keyboard Support	USB Bluetooth Multilingual	No	No
Biometric Authentication	Fingerprint (from NFC-enabled phone)	No	Fingerprint (selected devices)
RSA-4096 Key Regeneration	Yes (up to 1 million times without errors)	N/A	N/A
PassCypher Pro Compatibility	All OS, Computers, TVs, NFC-enabled phones	Limited compatibility	Limited compatibility

This table highlights the unique features of PassCypher, such as contactless management, invention patents, NFC HSM technology, RSA 4096 key manager, and extensive compatibility with operating systems and browsers. Compared to competitors, PassCypher offers superior versatility, enhanced security, and flexibility in purchasing options.

Comparison with Competitors

PassCypher stands out from its competitors in several key aspects. Let’s compare PassCypher NFC HSM and PassCypher Pro NFC HSM with two major competitors in the market, Competitor A and Competitor B.

PassCypher NFC HSM vs. Competitor A

PassCypher NFC HSM offers contactless management, protected by three international invention patents, and utilizes advanced NFC HSM technology (EviPass, EviOTP, EviCore). It includes an RSA 4096 key manager, enabling secure key changes and flexibility. PassCypher NFC HSM supports passwords, OTPs, and HOTPs for versatile authentication. It is compatible with various operating systems and browsers, including Windows, Linux, MacOS, Android, and iOS, as well as Chromium and Firefox. PassCypher NFC HSM is available for one-time purchase, providing long-term value and eliminating subscription fees. With AES 256-bit data protection and a zero-knowledge architecture, PassCypher ensures the highest level of security.

In comparison, Competitor A also offers contactless management and AES 128-bit data protection. However, it lacks the extensive patent protection, advanced NFC HSM technology, and RSA 4096 key manager provided by PassCypher. Additionally, Competitor A may have limited compatibility with operating systems and browsers, restricting its usability for some users.

PassCypher NFC HSM vs. Competitor B

PassCypher NFC HSM surpasses Competitor B with its contactless management, three international invention patents, and NFC HSM technology (EviPass, EviOTP, EviCore). It includes an RSA 4096 key manager for secure and flexible key changes. PassCypher NFC HSM supports passwords, OTPs, and HOTPs, providing versatile authentication options. It offers compatibility with a wide range of operating systems and browsers, including Windows, Linux, MacOS, Android, and iOS, as well as Chromium and Firefox. The one-time purchase model of PassCypher NFC HSM eliminates ongoing subscription fees. With AES 256-bit data protection and a zero-knowledge architecture, PassCypher ensures the utmost security for user data.

In comparison, Competitor B offers contactless management, AES 256-bit data protection, and compatibility with multiple operating systems. However, it lacks the advanced NFC HSM technology, invention patents, and RSA 4096 key manager offered by PassCypher, limiting its capabilities and security features.

Conclusion
PassCypher NFC HSM and PassCypher Pro NFC HSM are cutting-edge solutions for secure and convenient password management. With advanced NFC HSM technology, patent protection, and versatile features, PassCypher offers unparalleled security and flexibility. Whether it’s protecting personal or professional data, simplifying password management, or securely accessing online accounts, PassCypher provides a comprehensive solution.
By choosing PassCypher, users gain access to innovative technology, a one-time purchase model, and multilingual support. PassCypher’s ability to securely back up secrets and its compatibility with various operating systems and browsers further enhance its appeal. In comparison to its competitors, PassCypher demonstrates superior versatility, advanced security measures, and a user-friendly approach.
Discover the next level of password management with PassCypher NFC HSM and PassCypher Pro NFC HSM, and experience the peace of mind that comes with secure and convenient password management.

To contact us click here

2023, Articles, Cyberculture, Technologies

NRE Cost Optimization for Electronics: A Comprehensive Guide

Posted on June 21, 2023February 20, 2024 by FMTAD

21
Jun

NRE Cost Optimization for Electronics by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Summary

NRE cost optimization for electronics is a key factor for ensuring the profitability of electronic product development. NRE cost can be reduced by using different levers and tools, such as optimizing the V-cycle, the WBS, and the schedule, and using the TRL scale to assess the maturity of technologies. Freemindtronic is an example of a company that uses these techniques to optimize NRE cost for its electronic products with PCB, which are based on its patented technologies and offered under license and white label services.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

March 25, 2024

2024 Articles Cyberculture EviPass Password

Human Limitations in Strong Passwords Creation

January 22, 2024

SSH handshake with Terrapin attack and EviKey NFC HSM

2024 Articles Digital Security EviKey NFC HSM EviPass News SSH

Terrapin attack: How to Protect Yourself from this New Threat to SSH Security

January 11, 2024

2023 Articles Cyberculture EviCypher NFC HSM News Technologies

Telegram and the Information War in Ukraine

January 5, 2024

Articles Crypto Currency Cryptocurrency Digital Security EviPass Technology NFC HSM technology Phishing

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers

December 16, 2023

TETRA Security Vulnerabilities secured by EviPass or EviCypher NFC HSM Technologies from Freemindtronic-Andorra

Articles Digital Security EviCore NFC HSM Technology EviPass NFC HSM technology NFC HSM technology

TETRA Security Vulnerabilities: How to Protect Critical Infrastructures

November 27, 2023

2023 Articles DataShielder Digital Security EviCore NFC HSM Technology EviCypher NFC HSM EviCypher Technology NFC HSM technology

FormBook Malware: How to Protect Your Gmail and Other Data

November 23, 2023

Articles EviCore NFC HSM Technology legal News Training

Dual-Use Encryption Products: a regulated trade for security and human rights

November 17, 2023

Discover our other articles on digital security

Efficient NRE Cost Optimization for Electronics

NRE Cost Optimization, in the field of electronic product development, plays a central role. This one-time cost, associated with designing, testing, and developing a new product, has a direct impact on the product’s unit cost and the profit margin. Therefore, estimating and optimizing NRE cost are essential for ensuring the project’s viability and profitability.

NRE cost depends on several factors, such as:

The complexity and size of the product
The quantity and frequency of the orders
The technology, tools, and methods used for designing, manufacturing, and testing the product
The software associated with the product
The royalty fee paid to the technology provider

The complexity and size of the product can drive up the costs due to the increase in material and labor costs. On the other hand, larger and repeated orders can reduce the NRE cost per unit, as fixed costs are distributed over more units.

In this article, we will explain how to calculate NRE cost for electronic products with PCB (printed circuit boards), which are the core components of any electronic device. We will also present three main levers to reduce NRE cost for electronic products with PCB: optimizing the V-cycle, optimizing the WBS (work breakdown structure), and accelerating schedule. Finally, we will introduce the TRL scale (technology readiness level scale), a tool that can help you optimize NRE cost for electronic products with PCB by assessing and comparing the maturity of different technologies.

We will also show you how Freemindtronic, an Andorran company specialized in security and cybersecurity of computer systems and information systems, uses the TRL scale to optimize NRE cost for its electronic products with PCB. Freemindtronic also offers its technologies under license, including international patents, and provides white label product creation services.

NRE cost optimization for electronics digital cyber security by Freemindtronic from Andorra

How to Calculate NRE Cost for Electronic Products with PCB?

To optimize NRE cost for electronic products with PCB, you need to know how to calculate it. NRE cost can be divided into four main categories:

Design cost: this includes the software tools for CAD (computer-aided design), licenses, salaries of designers, etc.
Fabrication cost: this includes the materials, equipment, tools, personnel, etc. for manufacturing the electronic components and assembling them into a product.
Test cost: this includes the measurement devices, test software, salaries of testers, etc. for verifying the functionality and quality of the product.
Software cost: this includes the firmware, drivers, embedded systems, applications, extensions, etc. associated with the product.
Royalty cost: this includes the fee paid to the technology provider for using their technology in the product.

To calculate NRE cost for electronic products with PCB, you need to estimate the time and resources required for each category. You can use historical data from previous projects or industry benchmarks as references. You can also use online calculators or software tools to help you estimate NRE cost.

In addition to these categories, you also need to consider the software associated with the PCB,

which ensure its functionality and interaction with the user or other systems. The software associated with the PCB include:

Firmware: they are embedded in the PCB and control the behavior of the electronic components. They are usually written in low-level (assembler) or intermediate-level (C, C++, etc.) languages. They are specific to the product and must be adapted to the characteristics of the PCB and the electronic components.
Drivers: they are installed on the computer or system that communicates with the PCB. They allow the system to recognize the PCB and transmit data between the PCB and the system. They are usually written in high-level (C#, Java, Python, etc.) languages. They must be compatible with the operating system and communication protocol used.
Embedded systems: they are installed on the PCB or on another support (memory card, hard disk, etc.). They allow to manage the functions of the product and provide a user interface. They are usually written in high-level (C#, Java, Python, etc.) languages. They must be adapted to the capabilities of the PCB and the needs of the product.
Applications: they are installed on the computer or system that communicates with the PCB. They allow the user to access the functionalities of the product and customize its settings. They are usually written in high-level (C#, Java, Python, Go, Type script, elvet etc.) languages. They must be ergonomic and intuitive for the user.
Extensions: they are installed on the computer or system that communicates with the PCB. They allow to add functionalities to the product or connect it to other services or systems. They are usually written in high-level (html, type script, web RTC, Java, java script, etc.) languages. They must be secure and respect compatibility standards.

These software must be designed, developed and tested in parallel with the PCB, in order to guarantee their coherence and performance. They must also be updated regularly to correct any bugs or to bring improvements to the product.

Besides these categories, you also need to consider the tools required for manufacturing and testing the PCB, which depend on the characteristics of the PCB and the requirements of the product. The tools for manufacturing and testing the PCB include:

Soldering machines: they allow to assemble electronic components on the PCB by soldering. There are different types of soldering machines, depending on the process used (wave soldering, reflow soldering, selective soldering, etc.).
Insertion machines: they allow to insert electronic components through holes in the PCB. They are used for through-hole components, which are fixed by soldering on both sides of the PCB.
Placement machines: they allow to place electronic components on the surface of the PCB. They are used for SMD (surface mount device) components, which are fixed by soldering on one side of the PCB.
Cutting machines: they allow to cut the PCB according to the desired shape. They are used to separate the different parts of the PCB or to adjust the size of the PCB.
Drilling machines: they allow to drill holes in the PCB to insert components or connectors. They are used to make connections between the different layers of the PCB or between the PCB and other elements.
Engraving machines: they allow to engrave patterns or inscriptions on the PCB. They are used to identify the PCB or to add technical or aesthetic information to it. For example, you can engrave the serial number, the manufacturer name, or the logo of the product on the PCB.
Measurement devices: they allow to verify the electrical and physical characteristics of the PCB. They include various devices such as multimeters, oscilloscopes, logic analyzers, insulation testers, etc. These devices allow you to measure the electrical and physical characteristics of the PCB, such as voltage, current, resistance, capacitance, frequency, etc.
Test software: they allow to control the functionality of the PCB and electronic components. They include various software such as simulation software, fault injection software, functional analysis software, etc. These software allow you to test the behavior of the PCB and electronic components under different conditions and scenarios.

These tools must be chosen according to the type and complexity of the PCB, as well as the level of quality required for the product. They must also be calibrated and maintained regularly to ensure their reliability and accuracy.

To illustrate how to calculate NRE cost for electronic products with PCB, let’s take an example of a project that involves developing a new product based on a 4-layer PCB with 1000 components (800 SMD and 200 through-hole). The project duration is 12 months and requires two engineers (one for design and one for test) with a salary of $3000 per month each. The project also requires a CAD software license ($5000), a fabrication service ($5000), a test service ($5000), a software development service ($10 000), and a royalty fee (5% of sales).

The following table shows how to calculate NRE cost for this project:

Item	Formula	Cost
Human resources	(3 000 + 2 000) x (1 + 0.5) x 2 x 12	$90 000
Software tools	–	$10 000
Materials	–	$5 000
Equipment	–	$15 000
Software	–	$10 000
Royalty fee	0.05 x 200 000	$10 000
Total NRE cost	Sum of above items	$140 000

As you can see, NRE cost can be quite high for electronic products with PCB, especially if the product is complex or requires specific technologies or tools. Therefore, it is important to optimize NRE cost by using different levers and tools that can improve the efficiency and quality of the product development process.

Three Main Levers to Reduce NRE Cost for Electronic Products with PCB

To optimize NRE cost for electronic products with PCB, you need to know how to reduce it. NRE cost can be reduced by using different levers and tools that can improve the efficiency and quality of the product development process. In this section, we will present three main levers to reduce NRE cost for electronic products with PCB:

Optimizing the V-cycle: this is to optimize the design process of the product, which follows a V-shaped model that consists of four main phases: definition, design, verification, and validation. Optimizing the V-cycle relies on the following sub-levers:

Defining clearly and precisely the customer needs and product specifications, which are translated into functional and technical requirements for the product. This helps to avoid ambiguity and misunderstanding, and to align the expectations of all stakeholders. Designing modular and scalable product, which allows reusing existing components or technologies and adapting easily to future changes or improvements. This helps to reduce the design cost and time, and to increase the flexibility and adaptability of the product. Making prototypes and mock-ups, which allow testing the product in real conditions and collecting customer feedback. This helps to validate the feasibility and functionality of the product, and to identify and correct any errors or defects before mass production. Planning rigorously and realistically the project, taking into account technical, financial, and temporal constraints, and anticipating possible contingencies. This helps to optimize the use of resources, to avoid delays and budget overruns, and to manage risks effectively. Monitoring and controlling regularly the project, using performance indicators and appropriate project management tools, which measure the progress of the project and identify deviations from the initial plan. This helps to ensure the quality and efficiency of the project execution, and to take corrective actions if needed. Validating systematically the product at each stage of the V-cycle, using appropriate methods and test criteria, which ensure compliance and quality of the product. This helps to verify that the product meets the customer needs and product specifications, and to obtain certification or approval from relevant authorities.

Optimizing the WBS (work breakdown structure): this is to structure the project into sub-projects, tasks, and activities, which are hierarchized and detailed according to their level of complexity and dependence. Optimizing the WBS relies on the following sub-levers:

Decomposing logically and coherently the project, respecting the principle of sum of parts equal to whole, that is, each element of WBS must contribute to achieving global project. This helps to clarify the scope and objectives of the project, and to avoid duplication or omission of work. Defining clearly and precisely deliverables associated with each element of WBS, specifying expected features, responsibilities, deadlines, and costs. This helps to define the expected outcomes of each element of WBS, and to assign roles and responsibilities to each actor of the project. Assigning resources needed for each element of WBS, taking into account skills, availability, and costs of human, material, and financial resources. This helps to allocate resources efficiently and effectively to each element of WBS, and to optimize the cost and quality of the project. Coordinating and communicating among different actors of project, using collaborative tools and agile methods, which promote information exchange and problem solving. This helps to ensure the coherence and consistency of the project, and to foster the collaboration and innovation among different actors.

Accelerating schedule: this is to reducethe total duration of project by optimizing use of available resources and minimizing idle times. Accelerating schedule relies on following sub-levers:Reducing duration of critical tasks that have direct impact on end date of project. For this, we can use techniques such as crashing (increasing resources assigned to a task) or fast-tracking (performing tasks in parallel instead of sequentially). This helps to shorten the critical path of the project, which determines the minimum time required for completing the project. Increasing parallelism of non-critical tasks that do not affect the end date of project, but can reduce the total duration of project. For this, we can use techniques such as overlapping (starting a task before the previous one is completed) or splitting (dividing a task into smaller subtasks that can be performed in parallel). This helps to increase the concurrency of tasks in the project, which reduces idle times and improves resource utilization. Eliminating or minimizing slack time of tasks that is the difference between the earliest and latest start or finish times of a task. For this, we can use techniques such as resource leveling (balancing the demand and supply of resources over the project duration) or resource smoothing (adjusting the resource allocation to reduce peaks and valleys in resource usage). This helps to optimize the slack time of tasks, which can be used to absorb uncertainties or delays, or to improve quality or performance.

These levers and tools can help you optimize NRE cost for electronic products with PCB by reducing errors, delays, and budget overruns by improving the quality and efficiency of the product development process. They can also increase customer satisfaction and confidence by demonstrating the compliance and quality of the product at each stage of development.

How to Use the TRL Scale to Optimize NRE Cost for Electronic Products with PCB?

Another tool that can help you optimize NRE cost for electronic products with PCB is the ^TRL scale, or technology readiness level scale. The TRL scale is a tool for measuring or indicating the maturity of a technology. It was originally developed by NASA in the 1990s as a means to manage the technological risk of its programs. The TRL scale can help you optimize NRE cost for electronic products with PCB by providing a common language and framework for assessing and comparing the maturity of different technologies in the context of a specific application, implementation, and operational environment. The TRL scale also helps you identify gaps and risks in your technology development process, and plan appropriate actions and resources to address them.

The TRL scale ranges from 1 to 9, with 9 being ready for commercialization. The TRL scale describes the performance history of a given system, subsystem, or component relative to a set of levels that correspond to different stages of development.

The following table summarizes the main characteristics and criteria of each TRL level:

TRL	Definition	Description	Criteria
1	Basic principles observed	Scientific research begins and results are translated into future research and development	Publication or report of basic principles
2	Technology concept formulated	Basic principles are applied to practical applications and experimental proof of concept is obtained	Publication or report of applied research
3	Analytical and experimental critical function and/or characteristic proof-of-concept	Active research and design begin and proof-of-concept model is constructed	Analytical studies and laboratory tests
4	Component/subsystem validation in laboratory environment	Component pieces are tested with each other in a simulated environment	Component integration and testing
5	Component/subsystem validation in relevant environment	Breadboard technology is tested in a realistic environment with simulated interfaces	System-level testing in relevant environment
6	System/subsystem model or prototype demonstration in a relevant environment	Fully functional prototype or representational model is demonstrated in a realistic environment with actual interfaces	System-level testing in relevant environment
7	System prototype demonstration in an operational environment	Working model or prototype is demonstrated in an extreme environment with all interfaces	System-level testing in operational environment
8	Actual system completed and qualified through test and demonstration	Technology has been tested and “flight qualified” and is ready for implementation into an existing technology or technology system	System-level testing in operational environment
9	Actual system proven through successful mission operations	Technology has been “flight proven” during a successful mission and meets all performance requirements	System-level testing in operational environment

What are the Benefits of Using the TRL Scale for Freemindtronic?

By using the TRL scale, Freemindtronic was able to achieve the following benefits:

Providing a common language and framework for assessing and comparing the maturity of its technology with other technologies on the market.
Identifying gaps and risks in its technology development process and planning appropriate actions and resources to address them.
Reducing errors, delays, and budget overruns by improving the quality and efficiency of its product development process.
Increasing customer satisfaction and confidence by demonstrating the compliance and quality of its product at each stage of development.

Freemindtronic also offers its technologies under license, including international patents, and provides white label product creation services. This allows its customers to protect their products and services created in their brand and embedding Freemindtronic’s technologies. In addition, they benefit from territorial protection in terms of international intellectual property. Freemindtronic also offers the possibility of negotiating an NRE royalty with its customers, depending on the added value of its technology and market conditions. Moreover, Freemindtronic has designed a mutualized offer of its NRE costs, distributed among all its customers under licenses. This has the effect of reducing the royalty cost attached to the NRE. This also has the effect of making affordable access to the different licenses, especially patented ones, which produce a low impact on the products marketed.

Freemindtronic guarantees an industrial quality of its products,

manufactured with industrial grade electronic components. It also ensures a complete traceability of the manufacture of its offline products and end-to-end cybersecurity from HSMs, from design to end user.

Conclusion and Contact Information
We hope that this article has given you some useful insights on how to optimize NRE cost for electronic products with PCB by using different levers and tools. We also hope that you have learned how to use the TRL scale to optimize NRE cost for electronic products with PCB by assessing and comparing the maturity of different technologies.
We also showed you how Freemindtronic, an Andorran company specialized in security and cybersecurity of computer systems and information systems, uses the TRL scale to optimize NRE cost for its electronic products with PCB. Freemindtronic also offers its technologies under license, including international patents, and provides white label product creation services.
If you have any questions or comments, please feel free to contact us. We will be happy to assist you with your project.
Thank you for your attention.

To contact us click here

Articles, Cryptocurrency, Digital Security, Technical News

Securing IEO STO ICO IDO and INO: The Challenges and Solutions

Posted on June 14, 2023March 25, 2024 by FMTAD

14
Jun

Securing IEO STO ICO IDO and INO by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Enhancing Security: Securing IEO STO ICO IDO and INO

Cryptocurrencies are digital assets that can be used to buy goods and services, invest in projects, or trade on online platforms. In this article, we will explore the importance of securing IEOs, STOs, ICOs, IDOs, and INOs and how you can protect your investments using EviCore NFC HSM technology.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

Discover our other articles on digital security

Securing IEO STO ICO IDO and INO: How to Protect Your Crypto Investments

Cryptocurrencies are digital assets that can be used to purchase goods and services, invest in projects, or trade on online platforms. They are built on blockchain technology, which is a decentralized system that records and verifies transactions without intermediaries. However, to securely and conveniently store your private keys and seed phrases, thus ensuring the security of your funds in Securing IEO STO ICO IDO and INO, you need a wallet that stores your private keys and seed phrases. These pieces of data enable you to access and control your funds on the blockchain

But how can you securely and conveniently store your private keys and seed phrases in Securing IEO STO ICO IDO and INO? How can you prevent losing them or falling victim to hackers or scammers? And how can you participate in various forms of cryptocurrency crowdfunding, such as ICOs, IEOs, STOs, IDOs, and INOs, without risking your funds?

In this article, we will address these questions and explain how to protect your private keys and starter phrases using NFC (Near Field Communication) HSM. We will also compare different cryptocurrency crowdfunding models and show how to store your private keys and starter phrases with EviCore NFC HSM technology for each of these models.

By reading this article, you will learn:

What ICOs, IEOs, and STOs are and how to participate in Securing IEO STO ICO IDO and INO.
The significance of seed phrases and private keys in Securing IEO STO ICO IDO and INO.
The features and functionality of EviCore HSM technology in Securing IEO STO ICO IDO and INO.
How to securely store your seed phrases and private keys using EviCore NFC HSM technology across various use cases in Securing IEO STO ICO IDO and INO.

If you have an interest in cryptocurrencies and want to understand how to secure your funds with EviCore HSM technology in Securing IEO STO ICO IDO and INO, please continue reading!

What are ICOs, IEOs, STOs, IDOs and INOs?

Cryptocurrencies are virtual digital assets that rely on blockchain technology, a decentralized and encrypted ledger that records all transactions conducted on the network. Cryptocurrencies enable their user community to engage in transactions without the use of traditional currencies and also fund innovative projects through cryptocurrency fundraisers.

A cryptocurrency fundraiser involves issuing tokens in exchange for cryptocurrencies. Tokens are digital units that represent a right or value associated with the funded project. There are various types of cryptocurrency fundraisers based on factors such as the nature of the tokens issued, the platform used for transactions, the involvement of trusted third parties, and the level of regulatory oversight. Let’s take a closer look at the main types of cryptocurrency fundraisers in Securing IEO STO ICO IDO and INO:

ICO (Initial Coin Offering)

An ICO is a fundraising operation in which a company issues tokens that investors subscribe to mainly with cryptocurrencies. These tokens can have different functions, depending on the project funded:

Utility tokens, which give access to a service or a platform developed by the company.
Governance tokens, which allow holders to participate in the strategic decisions of the project.
Security tokens, which represent a share of the capital or the revenues of the company.

An ICO usually takes place in several stages:

The presale, where investors can buy the tokens at a discounted price, often with a minimum amount required.
The public sale, where the tokens are made available to the general public, often with a maximum amount to be raised.
The distribution, where the tokens are sent to investors on their wallets..

The advantages of an ICO for investors are:

The possibility to support innovative and promising projects.
The possibility to benefit from a high capital gain if the project succeeds and the value of the tokens increases.
The possibility to diversify your portfolio with digital assets.

The disadvantages of an ICO for investors are:

The risk of losing all or part of your investment if the project fails or if the tokens lose their value.
The risk of falling for a scam or a fraud, as ICOs are poorly regulated and controlled. The risk of not being able to resell your tokens easily, as there is not always a liquid secondary market.Depending on the country where the ICO takes place, there may be rules to follow, especially in terms of investor protection, anti-money laundering or taxation. Therefore, it is advisable to check the legal status and the compliance of the ICO before investing. Some countries have banned or restricted ICOs, while others have issued guidelines or regulations to ensure their transparency and security.

IEO (Initial Exchange Offering)

An IEO is a fundraising operation in which a company issues tokens on a cryptocurrency exchange platform. The exchange acts as an intermediary between the company and investors, providing security, liquidity, and visibility for the token sale. Investors can purchase tokens using cryptocurrencies or fiat money, depending on the exchange.

An IEO typically involves a single stage:

Public sale: Tokens are sold on the exchange platform within a limited time frame and at a fixed price.

Advantages of IEOs for investors include:

Enhanced security, liquidity, and visibility compared to ICOs.
Access to vetted and quality projects that have been approved by the exchange.
Ability to trade tokens immediately after the sale on the same exchange.

Disadvantages of IEOs for investors include:

Dependence on a centralized intermediary that controls the token sale process and charges fees.
Need to comply with stricter rules and regulations imposed by the exchange and jurisdiction.
Risk of missing out on opportunities due to high demand and limited token supply.

STO (Security Token Offering)

An STO is a fundraising operation in which a company issues tokens that represent securities, such as shares or bonds. These tokens are backed by real assets, and investors can purchase them using cryptocurrencies or fiat money, depending on the platform.

STOs typically involve one or more stages:

Private sale: Accredited investors can buy tokens at a discounted price, often with a minimum investment requirement.
Public sale: Qualified investors can purchase tokens at a fixed price, often with a maximum fundraising amount.

Advantages of STOs for investors include:

Opportunity to invest in regulated and compliant projects that offer legal protection and transparency.
Potential for real value and returns from the underlying assets of the company.
Access to new markets and opportunities that were previously reserved for institutional investors.

Disadvantages of STOs for investors include:

Need for accreditation or qualification based on strict criteria set by regulators and platforms.
Lack of liquidity and availability compared to utility tokens or cryptocurrencies.
Complexity and cost associated with issuing and managing security tokens on blockchain platforms.

IDO (Initial Dex Offering)

An IDO is a fundraising operation in which a company issues tokens on a decentralized protocol for exchanging cryptocurrencies, known as a DEX (Decentralized Exchange). Investors can purchase tokens directly on the DEX without going through a centralized platform or intermediary.

Advantages of IDOs for investors include:

Speed and simplicity of the process, as it does not require identity verification or prior fund deposits.
Transparency and security of transactions, as they are conducted on the blockchain without reliance on a trusted third party.
Liquidity and accessibility of tokens, which are immediately available on the secondary market and can be exchanged for other cryptocurrencies.

Disadvantages of IDOs for investors include:

Technical and operational risks associated with decentralized protocols that may have vulnerabilities or bugs.
Regulatory and legal risks due to the lack of a clear and harmonized legal framework for cryptocurrency fundraisers.
Volatility and speculation risks arising from high demand and limited token supply.

INO (Initial NFT Offering)

An INO is a fundraising operation in which a company issues non-fungible tokens, called NFTs (Non-Fungible Tokens). NFTs are unique and indivisible digital assets that can represent works of art, collectibles, virtual or real goods. Investors can purchase NFTs using cryptocurrencies on specialized platforms.

Advantages of INOs for investors include:

Support for creative and original projects that leverage the blockchain’s potential to create value.
Possibility to benefit from exclusive and inalienable ownership rights over NFTs, certified by the blockchain and immune to duplication or falsification.
Opportunity to resell NFTs on a growing and demanding secondary market.

Disadvantages of INOs for investors include:

Risk of overvaluation and speculative bubbles due to the current frenzy around NFTs and their artificial scarcity.
Potential for counterfeiting and plagiarism, as effective legal protection for copyrights and trademarks is lacking.
Environmental and ethical concerns related to the high energy consumption and negative externalities generated by the blockchain.

Comparison Table of Different Cryptocurrency Crowdfunding Models

Below is a comprehensive table comparing different crowdfunding models in cryptocurrency:

Crowdfunding model	Definition	Advantages	Disadvantages
ICO	Fundraising in cryptocurrency by issuing tokens that can have various functions	Support innovative projects, benefit from high potential gain, diversify portfolio	Risk losing investment, fall for scam, not be able to resell tokens easily, face regulatory uncertainty
IEO	Fundraising in cryptocurrency by issuing tokens on an exchange platform that acts as a trusted intermediary	Benefit from better security, liquidity and visibility than ICOs, access a wider pool of investors and projects	Depend on a centralized intermediary, pay higher fees, comply with stricter rules, face platform risk
STO	Fundraising in cryptocurrency by issuing tokens that represent securities such as shares or bonds	Invest in regulated and compliant projects, benefit from real value and returns, access new markets and opportunities, reduce intermediation costs	Be accredited or qualified, face lack of liquidity and availability, deal with complexity and cost, follow different regulations depending on jurisdictions
IDO	Fundraising in cryptocurrency by issuing tokens on a decentralized exchange protocol that eliminates intermediaries	Enjoy speed and simplicity of the process, ensure transparency and security of transactions, access liquidity and accessibility of tokens	Face technical and operational risk, cope with regulatory and legal risk, deal with volatility and speculation
INO	Fundraising in cryptocurrency by issuing non-fungible tokens that represent unique and indivisible digital assets	Support creative and original projects, benefit from exclusive and inalienable ownership of NFTs, resell NFTs on a growing and demanding market	Deal with overvaluation and speculative bubble, encounter counterfeiting and plagiarism issues, consider environmental and ethical impact

Comprehensive Table of Blockchains Supporting ICOs, IEOs, STOs, IDOs, and INOs

Here is a table showcasing the support for ICOs, IEOs, STOs, IDOs, and INOs across different blockchains, focusing on Securing IEO STO ICO IDO and INO:

Blockchain	ICO support	IEO support	STO support	IDO support	INO support	BIP32 support	BIP39 support	BIP44 support
Ethereum	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Binance Smart Chain (BSC)	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Cardano (ADA)	No	No	No	Yes	No	Yes	Yes	Yes
Solana (SOL)	Yes	Yes	No	No	No	Yes	No	Yes
Avalanche (AVAX)	Yes	Yes	Yes	No	No	Yes	Yes	No
Cosmos (ATOM)	Yes	Yes	Yes	Yes	Yes	Yes	Yes	No
Algorand (ALGO)	Yes	Yes	Yes	Yes	Yes	Yes	Yes	No
Stellar (XLM)	Yes	No	Yes	No	No	Yes	Yes	Yes

What are seed phrases and private keys?

Seed phrases and private keys are essential for accessing and controlling your funds in cryptocurrency. If they are lost or stolen, you may permanently lose access to your cryptocurrencies.

Seed phrase

A seed phrase, also known as a secret phrase, is a sequence of words, typically consisting of 12 or 24 words, that allows you to restore your crypto wallet in case of loss or theft. These words are selected in a specific order from a dictionary containing thousands of words. The seed phrase is essentially a more human-readable representation of a private key and can generate an unlimited number of public-private key pairs.

The public key is the address to which you can receive cryptocurrencies on the blockchain, similar to an IBAN for a bank account. The private key enables you to control the funds associated with a public key and initiate transactions from that address. Public and private keys are always generated as pairs.

The seed phrase is crucial for accessing your wallet and funds, and it must be kept secure and confidential. If lost or stolen, there is no way to recover it or block access to your funds.

Private key

A private key is a string of random letters and numbers generated by your wallet when it is created. It is used for encrypting and decrypting data using public-key cryptography. The private key grants access to your funds and enables you to initiate transactions on the blockchain.

A private key looks like this: 5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF

You should never share your private key with anyone or store it digitally or online. If your private key is lost or stolen, you will lose access to your funds permanently.

How to Secure Your Funds in Securing IEO STO ICO IDO and INO

To participate in an ICO, IEO, STO, IDO, or INO and ensure the security of your funds in Securing IEO STO ICO IDO and INO, you need a wallet that is compatible with the tokens being issued and the accepted cryptocurrency. There are different types of wallets available, each offering varying levels of security and convenience.

Online Wallets (Web Wallets): These wallets are accessible through a web browser. While they are easy to use, they are susceptible to hacking and theft. It is important to choose a reputable and secure online wallet.

Mobile Wallets: These wallets are installed on smartphones and provide convenience for daily transactions. However, they are vulnerable to malware and the risk of losing the phone. Ensure you have proper security measures in place for your mobile wallet, such as enabling device passcodes and biometric authentication.

Software Wallets: These wallets are downloaded and installed on a computer. They offer greater security compared to online or mobile wallets, but their reliability depends on the security of the hardware and software. Keep your computer updated with the latest security patches and use reputable wallet software.

Hardware Wallets: These physical devices are specifically designed for storing private keys. They provide the highest level of security by isolating private keys from the internet. Hardware wallets, such as Ledger or Trezor, are recommended for secure storage of your private keys in Securing IEO STO ICO IDO and INO.

Regardless of the type of wallet you choose, there are some basic rules to follow to secure your funds in Securing IEO STO ICO IDO and INO:

Never share your seed phrase or private key with anyone, and avoid storing them digitally or online.
Make a backup copy of your seed phrase or private key on a physical medium such as paper, metal, or plastic. Store them in secure locations.
Use a strong password and PIN code to protect your wallet from unauthorized access.
Regularly update your wallet software to fix any bugs or vulnerabilities.
Utilize reputable antivirus and firewall software to protect your device from malware and hackers.

By following these security practices, you can significantly reduce the risk of losing your funds and ensure the safety of your investments in Securing IEO STO ICO IDO and INO.

Now, let’s explore how you can enhance the security and simplicity of your cryptocurrency transactions by using EviCore NFC HSM technology.

EviCore NFC HSM is a solution that safeguards your seed phrases and private keys in cryptocurrency using Near Field Communication (NFC) technology. With EviCore NFC HSM, you can store your seed phrases and private keys in an encrypted NFC tag or card, protected by a segmented key. This tag or card allows you to restore your wallet on any NFC-compatible device without exposing your sensitive data to the internet.

EviCore NFC HSM is compatible with major cryptocurrency wallets such as Ledger, Trezor, Metamask, Trust Wallet, and more. It also works seamlessly with popular cryptocurrency exchange platforms like Binance, Coinbase, and Kraken. This ensures optimal security and ease of managing your funds in cryptocurrency.

Here’s a step-by-step guide on how to use EviCore NFC HSM to secure your seed phrases and private keys in cryptocurrency:

Download the application that incorporates the EviCore NFC HSM technology on your NFC-compatible Android smartphone.
Pair the NFC HSM device with your smartphone using the unique pairing key.
Translate to English: Add the seed phrase by simply clicking on the multi-language BIP39 words provided during the creation of your secure cryptocurrency wallet, without typing anything on the keyboard, as EviCore NFC HSM performs real-time checksum verification of the seed phrase before securely encrypting and storing it in the NFC device.
You can also add the private key derived from the seed phrase without entering or scanning its QR code through the Android NFC application, which will automatically encrypt and store it in the NFC device in less than 5 seconds. You just need to indicate beforehand which blockchain your derived key belongs to before the registration pro

By utilizing EviCore NFC HSM, you can secure your seed phrases and private keys with maximum security and unparalleled ease of use. You no longer need to worry about losing or having your sensitive data stolen, as you can store them in a physical device that can be carried with you wherever you go. Additionally, you can securely share your seed phrases and private keys with others using encrypted RSA-4096 public keys or segmented key authentication, making it easier to transmit funds to your heirs.

EviCore NFC HSM technology is the ideal solution for securing your seed phrases and private keys in cryptocurrency, enabling you to fully embrace the opportunities offered by cryptocurrencies while minimizing unnecessary risks. If you’re interested in this innovative solution, visit Freemindtronic’s website or contact them for more information.

Additionally, if you’re seeking an alternative method to secure your crypto fundraising, you may consider EviCore HSM OpenPGP technology. This technology transforms your Android or iPhone into a hardware security module (HSM) for encrypting and storing your crypto keys. It leverages the highly secure OpenPGP standard, known for its reliability and security. To learn more about this technology and how it can help you safely fund your blockchain project, you can refer to this article link

Conclusion

In this article, we have provided insights into participating in various forms of cryptocurrency crowdfunding, including ICOs, IEOs, STOs, IDOs, and INOs. We have emphasized the importance of securing your seed phrases and private keys in Securing IEO STO ICO IDO and INO and introduced EviCore NFC HSM technology as a solution. By adopting EviCore NFC HSM, you can enhance the security and simplicity of your cryptocurrency transactions while mitigating risks. We hope this article has been informative and valuable to you. Should you have any questions or comments, feel free to leave them below.

Thank you for reading, and happy investing in Securing IEO STO ICO IDO and INO!

Digital Security, EviToken Technology, Technical News

EviCore NFC HSM Credit Cards Manager | Secure Your Standard and Contactless Credit Cards

Posted on June 14, 2023March 25, 2024 by FMTAD

14
Jun

EviCore NFC HSM Credit Cards Manager by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Discover EviCore NFC HSM: the revolutionary technology to secure your financial secrets

EviCore NFC HSM is a patented technology that allows you to store and manage your financial secrets in a secure electronic safe. With EviCore NFC HSM, you benefit from wireless access control, segmented key authentication and protection against cyberattacks. Find out how EviCore NFC HSM can enhance your financial security in this article.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

Discover our other articles on digital security

EviCore NFC HSM Credit Cards Manager is a powerful solution designed to secure and manage both standard and contactless credit cards. In this article, we will explore the features, benefits, and compliance of EviCore NFC HSM Credit Cards Manager in protecting your valuable payment cards

Standard and contactless credit cards are convenient and fast ways to pay for goods and services. They use NFC (Near Field Communication) technology to communicate with a compatible contactless card reader. You just have to tap or bring your card close to the reader, and the transaction is done in seconds.

However, standard and contactless credit cards also pose security risks. For example, someone could use an NFC scanner to read your card information remotely or use a fake reader to capture your card data. Moreover, if you lose your card or if it is stolen, someone could use it to make unauthorized purchases without your PIN or signature.

Fortunately, there is a solution that can help you protect your standard and contactless credit cards from these threats. It is called Credit Cards Manager. It is a function of EviCore NFC HSM or EviCore HSM OpenPGP technology that allows you to manage your standard and contactless credit cards securely. It uses NFC technology to communicate with your computer or mobile device. You can store up to 200 credit cards in the memory of Freemindtronic’s NFC HSM device or in the secure keystore of phones encrypted via EviCore. The number of records depends on the types of products developed with these technologies and the amount of information to be stored encrypted. You can also select the card you want to use for each transaction. The Credit Cards Manager function relies on EviBank technology, dedicated to securing payment systems including bank cards.

Exploring EviCore NFC HSM Credit Cards Manager

Credit Cards Manager is a function of EviCore NFC HSM or EviCore HSM OpenPGP technology that allows you to manage your standard and contactless credit cards securely. It uses NFC technology to communicate with your computer or mobile device.

You can store up to 200 credit cards in the memory of Freemindtronic’s NFC HSM device or in the secure keystore of phones encrypted via EviCore. The number of records depends on the types of products developed with these technologies and the amount of information to be stored encrypted.

You can also select the card you want to use for each transaction. The Credit Cards Manager function relies on EviBank technology, dedicated to securing payment systems including bank cards.

These technologies are available under patent license from Freemindtronic. They are compatible with various formats of Freemindtronic’s NFC HSM device (link). These technologies can be embedded in products designed and developed on demand in white label for Freemindtronic’s partners such as Fullsecure and Keepser.

In this article, we will focus on using Credit Cards Manager with an NFC HSM device in the form of a secure electronic card (NFC HSM Card). It is a hardware security module (HSM) that uses a highly secure and encrypted AES-256 post-quantum NFC eprom memory to protect and manage secrets (including digital keys such as an RSA-4096 key, AES-256 key, and ECC key), perform encryption and decryption functions, strong authentication, and other cryptographic functions.

What are the Benefits of using Credit Cards Manager?

Credit Cards Manager offers several benefits for managing standard and contactless credit cards, such as:

Strongbox function for anti-phishing protection and smart login: The Strongbox function offers advanced protection against phishing attempts by securely filling in credit card information on websites. It verifies the authenticity of websites and ensures that sensitive data is only automatically filled in on reliable and verified platforms. It also intelligently automates the process of filling in credit card information and logging into original websites.
Secure manager for credit cards: The Credit Cards Manager function uses the NFC HSM Card device to physically protect bank cards and verify their validity before authorizing their encrypted storage in the device’s memory. It also allows users to customize access levels for each stored card and define geographic access limitations.
Battery-free operation and longevity: The NFC HSM Card device operates without a battery, using the NFC signal from smartphones for power. This energy-efficient design ensures that the device retains stored data for up to 40 years without maintenance or external power sources. The device also has an intelligent OCR scanner for credit cards that is compatible with all bank cards in the world. It helps the user fill in the information fields of the card to be stored encrypted in AES-256 post-quantum in the device. It also prevents keyloggers and spyware from accessing card information on the phone.
COVID contactless security and compliance: Credit Cards Manager helps you avoid physical contact with your bank cards and payment terminals, reducing the risk of COVID-19 transmission. You can make secure contactless payments online, without needing your bank cards with or without NFC technology. You can also use auto-filling remotely via the local network or by sharing a connection via your phone. This feature improves convenience and protects your health.
NFC contactless security and compliance: Credit Cards Manager protects your bank cards from being scanned or read by malicious NFC devices. The NFC HSM Card device shields other credit cards from being detected by an NFC scanner when they are juxtaposed to the device. The device uses an anti-collision system that prevents other cards from being read by the NFC reader of the bank card. It also has a copper ground plane that short-circuits the NFC signals of credit cards when they are juxtaposed on or under the NFC HSM CARD. This is an effective physical protection of cards against all risks of attempted remote non-invasive attack.
Air gap security: Credit Cards Manager uses air gap security, physically isolating itself from computer networks. This ensures that the encrypted data of the NFC HSM Card device is stored exclusively in its non-volatile memory, preventing unauthorized access. By protecting itself from remote attacks, Credit Cards Manager strengthens protection against cyber threats. The use of information is encrypted end-to-end from the NFC HSM Card. All communication protocols are automatically encrypted from the NFC device. The sharing of bank card information contained encrypted in the device’s memory can be shared in air gap via a QR Code encrypted in RSA-4096 generated and managed from the NFC HSM CARD device. This sharing can also be shared encrypted in NFC Beam or in proximity between NFC Android phones.
Protection against fraudulent use: Credit Cards Manager ensures that your bank card information is not stored on computer systems, phones, or online shopping sites. This protects your privacy and anonymity. The encrypted data is transmitted securely to the computer system, protecting it from potential threats and unauthorized access. You can also erase sensitive data such as the CCV of bank cards since saved in the NFC HSM Card devices. Advantageously, the CVV physically erased from the bank card secures it from the risk of illicit use, especially online.

The Benefits of Using Credit Cards Manager

Benefits	Features
Strongbox function for anti-phishing protection and smart login	Advanced protection against phishing attempts by securely filling in credit card information on websites. Verification of website authenticity and automatic filling of sensitive data only on reliable and verified platforms. Intelligent automation of credit card information filling and login process to original websites.
Secure manager for credit cards	Physical protection of bank cards and verification of their validity before authorizing their encrypted storage in the device’s memory. Customization of access levels for each stored card and definition of geographic access limitations.
Battery-free operation and longevity	Use of smartphone NFC signal for power, without battery or external power sources. Retention of stored data for up to 40 years without maintenance. Intelligent OCR scanner for credit cards compatible with all bank cards in the world. Protection against keyloggers and spyware on the phone.
COVID contactless security and compliance	Avoidance of physical contact with bank cards and payment terminals, reducing COVID-19 transmission risk. Secure contactless payments online, without needing bank cards with or without NFC technology. Auto-filling remotely via local network or phone connection. Improved convenience and health protection.
NFC contactless security and compliance	Protection of bank cards from being scanned or read by malicious NFC devices. Shielding of other credit cards from being detected by an NFC scanner when juxtaposed to the device. Anti-collision system and copper ground plane to prevent other cards from being read by the NFC reader of the bank card. Effective physical protection of cards against all risks of attempted remote non-invasive attack.
Air gap security	Physical isolation from computer networks, preventing unauthorized access to encrypted data of the device. Protection against remote attacks, strengthening protection against cyber threats. End-to-end encryption of information from the NFC HSM Card. Sharing of encrypted bank card information in air gap via QR Code, NFC Beam or proximity between NFC Android phones.
Protection against fraudulent use	Guarantee that bank card information is not stored on computer systems, phones or online shopping sites. Protection of privacy and anonymity. Secure transmission of encrypted data to computer system, protecting it from potential threats and unauthorized access. Possibility to erase sensitive data such as CCV from NFC HSM Card devices.

Managing Standard and Contactless Credit Cards with EviCore NFC HSM Credit Cards Manager

To use Credit Cards Manager, follow these steps:

Download the Freemindtronic app compatible with EviCore NFC HSM technology on your NFC phone and the extension if you want to use it on your computer as well.
Connect the NFC HSM Card device to your computer or mobile device via NFC technology.
Register your credit cards in the application using the intelligent OCR scanner or by manually entering the card information.
Select the credit card you want to use for each transaction and confirm the various trust criteria that you have added, such as a password, PIN code, geozone, or fingerprint.
Enjoy secure contactless payments and online shopping with the NFC HSM Card device and the Strongbox function.

Section Break: Why is Credit Cards Manager Compliant with PCI DSS?

Credit Cards Manager is compliant with PCI DSS because it meets the requirements of the Payment Card Industry Data Security Standard (PCI DSS). This cybersecurity standard applies to any entity that stores, processes, or transmits cardholder data, such as credit card numbers. The PCI DSS aims to protect cardholder data from unauthorized access, fraud, and theft.

The PCI DSS includes 12 requirements for compliance, organized into six related groups called control objectives:

Build and maintain a secure network and systems.
Protect cardholder data.
Maintain a vulnerability management program.
Implement strong access control measures.
Regularly monitor and test networks.
Maintain an information security policy.

Credit Cards Manager complies with these requirements by implementing various features and security measures, such as the secure manager for credit cards, battery-free operation and longevity, COVID contactless security and compliance, air gap security, and protection against fraudulent use. By following PCI DSS, Credit Cards Manager demonstrates adherence to best practices for data security and the protection of cardholder data.

In conclusion, Credit Cards Manager is a secure and compliant solution for managing your standard and contactless credit cards. With its advanced features, robust security measures, and powerful Strongbox function, it offers enhanced data protection and convenience. Secure your credit cards with Credit Cards Manager today.

References

2023, Articles, Digital Security, Technical News

Remote activation of phones by the police: an analysis of its technical, legal and social aspects

Posted on June 11, 2023March 25, 2024 by FMTAD

11
Jun

Remote activation of phones by the police by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

How does remote activation of phones by the police work?

An article of the bill on justice 2023-2027 raises controversy. It allows remote activation of mobile phones and capture of images or sound without the owner’s consent, for cases of organized crime or terrorism. How does this intelligence technique work? What are the conditions to use it? What are its advantages and disadvantages? What is the situation in other countries? We explain everything in this article.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

Discover our other articles on digital security

What is the new bill on justice and why is it raising concerns about privacy?

The bill on justice is a legislative project. It aims to modernize and simplify justice in France. It covers civil, criminal, administrative and digital justice. It also strengthens the investigation and prosecution of serious offenses, such as terrorism and organized crime.

One measure authorizes remote activation of phones by the police for some investigations. Article 3 “An unfailing commitment to better prevent radicalization and fight against terrorism” of the bill includes this measure. It modifies article 706-102-1 of the code of criminal procedure. This article defines how to activate remotely any electronic device that can emit, transmit, receive or store data.

This measure raises privacy concerns because it lets the police access personal or professional data in phones without the owners’ or possessors’ consent or knowledge. It also lets the police locate, record or capture sounds and images from phones without notification or justification. This measure may violate fundamental rights and freedoms, such as privacy, confidentiality, dignity, presumption of innocence and right to a fair trial.

What is remote activation of phones and how does it work?

Remote activation of phones by the police is an intelligence technique that allows law enforcement agencies to access data or record sounds and images from phones without the consent or knowledge of the phone users. This technique can be used for criminal investigations or national security purposes.

To remotely activate phones, law enforcement agencies need three factors: compatibility, connectivity, and security of the phones. They need to be compatible with the software or hardware that enables remote activation. They need to be connected to a network or a device that allows remote access. They need to have security flaws or vulnerabilities that can be exploited or bypassed.

Law enforcement agencies can remotely activate phones by three methods: exploiting vulnerabilities, installing malware, or using spyware on phones. Exploiting vulnerabilities means taking advantage of security flaws or weaknesses in the phone’s operating system, applications, or protocols. Installing malware means putting malicious software on the phone that can perform unauthorized actions or functions. Using spyware means employing software or hardware that can monitor or control the phone’s activity or data.

By remotely activating phones, law enforcement agencies can access data such as contacts, messages, photos, videos, location, browsing history, or passwords. They can also record sounds and images such as conversations, ambient noises, or camera shots. They can do this in real time or later by retrieving the data from the phone’s memory or storage.

What is the French bill on remote activation of phones by the police and what are its implications?

The French bill on remote activation of phones by the police is a legislative text that was promulgated on 25 May 2021. It is part of the justice orientation and programming bill for 2023-2027, which aims to modernize the justice system and reinforce its efficiency and independence.

The bill introduces a new article in the code of criminal procedure, which allows the judge of liberties and detention (at the request of the prosecutor) or the examining magistrate to order the remote activation of an electronic device without the knowledge or consent of its owner or possessor for the sole purpose of locating it in real time. This measure can be applied for crimes or misdemeanors punishable by at least five years’ imprisonment, a fairly broad criterion.

The bill also allows the judge of liberties and detention (at the request of the prosecutor) or the examining magistrate to order the remote activation of an electronic device without the knowledge or consent of its owner or possessor for the purpose of recording sounds and images from it. This measure can be applied only for crimes relating to organized crime and terrorism.

These measures cannot concern parliamentarians, journalists, lawyers, magistrates and doctors, nor the defendants when they are in the judge’s office or with their lawyer.

The bill also specifies that the remote activation of an electronic device must be done in a way that does not alter its functioning or data, and that the data collected must be destroyed within six months after their use.

The bill aims to provide law enforcement agencies with more tools and information to prevent, investigate and prosecute crimes, especially in cases where phones are encrypted, hidden or destroyed. It also aims to harmonize the French legislation with other countries that have used or considered this technique, such as the United States, Germany, Italy, Israel, Canada, China, France, and the United Kingdom.

However, the bill also raises ethical and social challenges, as it involves a trade-off between security and privacy, as well as between effectiveness and legitimacy. It may undermine the right to respect for private life and the right to a fair trial, which are guaranteed by the European Convention on Human Rights and the French Constitution. It may also expose law enforcement agencies to legal or technical challenges or dangers, such as encryption technologies that can prevent or hinder remote activation. It may also create distrust or resistance among phone users or providers, who may use encryption technologies or legal remedies to protect their data or communications.

The bill has been criticized by several actors, such as lawyers, human rights defenders, digital rights activists, journalists and academics. They have denounced its lack of proportionality, necessity and oversight. They have also questioned its effectiveness and legitimacy. They have called for its withdrawal or amendment.

The bill is still subject to constitutional review by the Constitutional Council before its final promulgation.

How did the Senate vote on the bill and where to find the official sources?

The Senate adopted this measure on October 20, 2021, with some amendments. The Senate voted in favor of this measure by 214 votes against 121. The Senate also added some safeguards to this measure, such as limiting its duration to four months renewable once and requiring prior authorization from an independent judge.

The National Assembly still has to examine the bill before adopting it definitively. The National Assembly may approve, reject or modify this measure. The final text may differ from the one that the Senate voted.

The examination of the bill by the National Assembly will start on December 6, 2021. You can follow the progress of the bill on the website of the National Assembly. You can also find the official text of the bill and the report of the Senate on their respective websites. You can also consult the website of the Ministry of Justice for more information on the bill and its objectives.

What are the benefits and risks of remote activation of phones?

This technique can affect citizens’ and suspects’ behavior in different ways.

On one hand, it can deter people from serious offenses. It exposes them to a higher risk of detection and identification. It reduces their incentives for criminal activities.

On the other hand, it can also make people more cautious or paranoid. It increases their uncertainty and fear. It leads them to avoid electronic devices, encrypt their communications, or use countermeasures such as jamming devices.

This technique can also impact public safety and security positively and negatively.

On one hand, it can improve the efficiency and effectiveness of law enforcement agencies. It provides them with more information and evidence. It helps them prevent, investigate and prosecute crimes.

On the other hand, it can also pose risks for human rights and civil liberties. It allows intrusive and covert surveillance. It violates privacy, confidentiality and dignity. It can also be subject to abuse, misuse or error by law enforcement agents or hackers.

Finally, it can create a feeling of insecurity and mistrust towards institutions, which can access personal or professional data in phones. It can also harm respect for presumption of innocence by placing permanent suspicion on people targeted by this technique. It can also infringe on protection of journalistic sources or right to information by discouraging whistleblowers or witnesses from speaking freely. It can finally encourage people concerned to adopt avoidance or circumvention strategies, such as changing phones regularly, using encrypted applications or switching to airplane mode.

These strategies can reduce the actual effectiveness of this technique for preventing terrorism and organized crime.

What are the arguments in favor of remote activation of phones?

Some people support this technique because they think it has several advantages for law enforcement and public security.

How can remote activation of phones violate privacy and data protection?

One of the main arguments against this technique is that it can violate privacy and data protection for individuals and groups. Privacy and data protection are fundamental rights recognized by international standards and laws. They ensure human dignity and autonomy.

Remote activation of phones violates privacy and data protection by letting law enforcement agencies access personal or professional data without the owners’ or possessors’ consent or knowledge. It also lets law enforcement agencies access sensitive or confidential data without notification or justification. It also lets law enforcement agencies access excessive or irrelevant data without limitation or proportionality.

For example, remote activation of phones could let the police access medical records, financial transactions, political opinions, religious beliefs, sexual preferences, or other intimate information on a device or a communication. It could also let the police access information that is not related to the investigation or that is out of scope on a device or a communication. It could also let the police access information that is not necessary or appropriate for the investigation or that is disproportionate to the seriousness of the offense on a device or a communication.

How can remote activation of phones improve access to justice and evidence?

Another argument in favor of this technique is that it can improve access to justice and evidence for law enforcement agencies and victims of crimes. Justice and evidence ensure the rule of law and the protection of rights.

Remote activation of phones improves access to justice and evidence by letting law enforcement agencies obtain information that is otherwise inaccessible or difficult to obtain. It also lets law enforcement agencies obtain information that is more reliable and accurate than other sources. It also lets law enforcement agencies obtain information that is timelier and more relevant than other sources.

For example, remote activation of phones could help the police access data that is encrypted or password-protected on a device or a communication. It could also help the police access data that is authentic and verifiable on a device or a communication. It could also help the police access data that is up-to-date and pertinent on a device or a communication.

What are the arguments against remote activation of phones?

Some people oppose this technique because they think it has several disadvantages for human rights and civil liberties.

How can remote activation of phones violate privacy and data protection?

How can remote activation of phones undermine the presumption of innocence and the right to a fair trial?

Another argument against this technique is that it can undermine the presumption of innocence and the right to a fair trial for individuals and groups. The presumption of innocence and the right to a fair trial are fundamental rights recognized by international standards and laws. They ensure justice and accountability.

Remote activation of phones undermines the presumption of innocence and the right to a fair trial by letting law enforcement agencies access data that they can use against individuals or groups without any legal basis or due process. It also lets law enforcement agencies access data that they can manipulate or falsify by law enforcement agents or hackers. It also lets law enforcement agencies access data that individuals or groups can challenge or contest.

For example, remote activation of phones could let the police access data that they can incriminate individuals or groups without any warrant or authorization from a judge. It could also let the police access data that they can alter or corrupt by law enforcement agents or hackers. It could also let the police access data that individuals or groups can dispute or refute.

How can remote activation of phones create a risk of abuse and misuse by the authorities?

Another argument against this technique is that it can create a risk of abuse and misuse by the authorities for individuals and groups. Abuse and misuse are illegal or unethical actions that violate rights and obligations. They damage trust and legitimacy.

Remote activation of phones creates a risk of abuse and misuse by the authorities by letting law enforcement agencies access data that they can use for purposes other than those authorized or intended. It also lets law enforcement agencies access data that they can share or disclose to third parties without any oversight or control. It also lets law enforcement agencies access data that they can retain or store for longer than necessary or permitted.

For example, remote activation of phones could let the police access data that they can use for political, personal, commercial, or other interests on a device or a communication. It could also let the police access data that they can transfer or leak to other agencies, organizations, media, or individuals on a device or a communication. It could also let the police access data that they can keep or archive for indefinite periods on a device or a communication.

What are the alternatives and safeguards for remote activation of phones?

Some people suggest that there are alternatives and safeguards for remote activation of phones that can balance security and privacy.

What are the existing legal tools to access phone data with judicial authorization?

One of the alternatives for remote activation of phones is to use existing legal tools to access phone data with judicial authorization. Judicial authorization is a legal requirement that ensures respect for rights and obligations. An independent and impartial judge grants it after evaluating the necessity and proportionality of the request.

Existing legal tools to access phone data with judicial authorization include search warrants, wiretaps, geolocation orders, data requisitions, and international cooperation agreements. These tools let law enforcement agencies obtain information from phones in a lawful and transparent manner. They also provide legal protection and recourse for individuals and groups.

For example, search warrants let law enforcement agencies physically seize phones and extract data from them with judicial authorization. Wiretaps let law enforcement agencies intercept calls and messages from phones with judicial authorization. Geolocation orders let law enforcement agencies track the location of phones with judicial authorization. Data requisitions let law enforcement agencies request data from phone operators or service providers with judicial authorization. International cooperation agreements let law enforcement agencies exchange data with foreign authorities with judicial authorization.

What are the principles and conditions for remote activation of phones according to the bill?

One of the safeguards for remote activation of phones is to follow the principles and conditions for remote activation of phones according to the bill. The bill on justice sets some rules and limits for this technique to prevent abuse and misuse.

The principles and conditions for remote activation of phones according to the bill include:

The technique can only be used for terrorism and organized crime investigations.
An independent judge who authorizes it must supervise the technique. The technique can only last for four months renewable once.
The technique must respect necessity, proportionality, subsidiarity, and legality.
Parliament and independent authorities must oversee and control the technique.
Experts and stakeholders must evaluate and review the technique.

These principles and conditions aim to ensure a reasonable and accountable use of this technique. They also aim to protect the rights and interests of individuals and groups.

What are the possible ways to limit or challenge remote activation of phones?

Another safeguard for remote activation of phones is to use possible ways to limit or challenge remote activation of phones by individuals or groups. These ways can help protect rights and interests, as well as ensure accountability and transparency.

Some of the possible ways to limit or challenge remote activation of phones are:

Using encryption technologies:
Encryption technologies can make data on phones unreadable or inaccessible to law enforcement agencies, even if they remotely activate them. Encryption technologies can also protect communications from law enforcement agencies’ interception or recording. For example, using end-to-end encryption apps, such as Signal or WhatsApp, can prevent law enforcement agencies from accessing messages or calls on phones.
Using security features:
Security features can prevent law enforcement agencies from installing or activating software or applications on phones that enable remote activation. Security features can also detect or remove software or applications that enable remote activation. For example, using antivirus software, firewalls, passwords, biometrics, or VPNs can prevent law enforcement agencies from accessing phones.
Using legal remedies:
Legal remedies can let individuals or groups contest or oppose remote activation of phones by law enforcement agencies. Legal remedies can also let individuals or groups seek compensation or redress for damages caused by remote activation of phones. For example, using judicial review, administrative appeals, complaints, lawsuits, or human rights mechanisms can challenge law enforcement agencies’ actions or decisions regarding remote activation of phones.

How does this technique compare with other countries?

Law enforcement agencies in other countries, such as the United States, Germany, Italy, Israel, Canada, China, France, and the United Kingdom, have used or considered remote activation of phones by the police. This technique is not new or unique. However, the legal framework, the technical methods, and the ethical and social implications of this technique vary from country to country..

How does remote activation of phones by the police work in different countries?

Remote activation of phones by the police is an intelligence technique that varies from country to country. It depends on the legal framework, the technical methods and the ethical issues of each country. Here are some examples of how it works in different countries.

In the United States, this technique is known as “roving bugs” or “mobile device tracking”. The Foreign Intelligence Surveillance Act (FISA) authorizes it for national security purposes and Title III of the Omnibus Crime Control and Safe Streets Act for criminal investigations. It requires a court order based on probable cause and limited in scope and duration. It can locate or record sounds and images from phones. It can be done by installing malware or exploiting vulnerabilities on phones.
In Germany, this technique is known as “Quellen-TKÜ” or “source telecommunications surveillance”. The Code of Criminal Procedure and the Telecommunications Act regulate it for criminal investigations and the Federal Intelligence Service Act for national security purposes. It requires a court order based on reasonable suspicion and proportionality. It can intercept communications from phones. To do so, it installs software or uses spyware on phones.
In Italy, this technique is known as “Trojan horse” or “spyware”. The Code of Criminal Procedure and the Data Protection Code regulate it for criminal investigations. It requires a court order based on serious indications of guilt and necessity. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.
In Israel, this technique is known as “IMSI catchers” or “stingrays”. The Wiretapping Law and the Privacy Protection Law regulate it for criminal investigations and the Security Service Law for national security purposes. It requires a court order based on reasonable grounds and proportionality. It can locate or intercept communications from phones. To do so, it uses devices that mimic cell towers and trick phones into connecting to them.
In Canada, this technique is known as “cell site simulators” or “IMSI catchers”. The Criminal Code and the Charter of Rights and Freedoms regulate it for criminal investigations. It requires a court order based on reasonable grounds and proportionality. It can locate or intercept communications from phones. To do so, it uses devices that mimic cell towers and trick phones into connecting to them.
In China, this technique is known as “network interception” or “remote control”. The Criminal Procedure Law and the Cybersecurity Law regulate it for criminal investigations and national security purposes. It does not require a court order but only an approval from a higher authority. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.
In France, real-time geolocation is regulated by the Criminal Procedure Code and the Intelligence Law for criminal and national security investigations. Article 706-102-1 of the Criminal Procedure Code allows police officers and agents to use a technical device to access, record, store and transmit computer data without the consent of the persons concerned. This requires a court order based on serious reasons and proportionality. Article 230-32 of the Criminal Procedure Code states that “Any technical means for real-time location, throughout the national territory, of a person, without his consent, a vehicle or any other object, without the consent of its owner or possessor, may be used if this operation is required by necessity: “. This also requires a court order based on serious reasons and proportionality.
In the United Kingdom, this technique is known as “equipment interference” or “hacking”. The Investigatory Powers Act regulates it for criminal investigations and national security purposes. It requires a warrant based on necessity and proportionality. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.

How does remote activation of phones by the police raise ethical and social challenges?

Remote activation of phones by the police raises ethical and social challenges in different contexts and situations because it involves a trade-off between security and privacy, as well as between effectiveness and legitimacy.

Security versus privacy

On one hand, remote activation of phones by the police can enhance security by providing law enforcement agencies with more information and evidence to prevent, investigate, and prosecute crimes. It can also deter criminals from using phones to plan or commit crimes.

On the other hand, remote activation of phones by the police can undermine privacy by letting law enforcement agencies access personal or professional data without consent or knowledge. It can also violate human rights and civil liberties by letting law enforcement agencies monitor or record sounds and images without notification or justification.

Effectiveness versus legitimacy

On one hand, remote activation of phones by the police can be effective by increasing the chances of finding relevant information or evidence on phones that may be encrypted, hidden, or destroyed. It can also be efficient by reducing the costs and risks of physical surveillance or interception.

On the other hand, remote activation of phones by the police can be illegitimate by violating the legal framework, the technical methods, or the oversight and control mechanisms that regulate this technique in each country. It can also be counterproductive by creating distrust or resistance among phone users or providers, who may use encryption technologies or legal remedies to protect their data or communications.

The ethical and social challenges of remote activation of phones by the police depend on the legal framework, the technical methods, and the oversight and control mechanisms that regulate this technique in each country. They also depend on the cultural and political values, the public opinion, and the media coverage that shape the perception and acceptance of this technique in each country.

Some of the ethical and social challenges of remote activation of phones by the police are how to :

balance security and privacy in the use of this technique?
ensure compliance with fundamental rights and freedoms in the use of this technique?
prevent abuse, misuse, or error in the use of this technique?
provide legal protection and recourse for individuals or groups affected by this technique?
ensure accountability and transparency in the use of this technique?
evaluate the effectiveness and legitimacy of this technique?
foster trust and cooperation between law enforcement agencies and phone users in the use of this technique?

What is the impact of encryption technologies on this technique?

Encryption technologies are methods or systems that make data unreadable or inaccessible to unauthorized parties. Encryption technologies can have a significant impact on remote activation of phones by the police, as they can make this technique more difficult, risky, or controversial.

How can encryption technologies make remote activation of phones by the police more difficult or impossible?

Encryption technologies can make remote activation of phones by the police more difficult or impossible by preventing law enforcement agencies from accessing data or communications on phones, even if they remotely activate them. Encryption technologies can also protect phones from malware or spyware that enable remote activation.

For example, end-to-end encryption, which some apps such as Signal or WhatsApp use, can prevent law enforcement agencies from intercepting or reading messages or calls on phones, as only the sender and the receiver have the keys to decrypt them. Device encryption, which some operating systems such as iOS or Android use, can prevent law enforcement agencies from extracting or viewing data on phones, as they require a password or a biometric authentication to unlock them.

How can encryption technologies make remote activation of phones by the police more risky or harmful?

Encryption technologies can make remote activation of phones by the police more risky or harmful by exposing law enforcement agencies to legal or technical challenges or dangers. Encryption technologies can also harm phone users by compromising their security or privacy.

For example, breaking encryption, which law enforcement agencies sometimes do to access data or communications on phones, can expose them to legal challenges, as it may violate laws or regulations that protect encryption or privacy. It can also expose them to technical dangers, as it may weaken the security of phones or networks and create vulnerabilities for hackers or criminals. Hacking encryption, which law enforcement agencies sometimes do to install malware or spyware on phones, can harm phone users by compromising their security or privacy, as it may allow unauthorized access to their data or functions.

How can encryption technologies make remote activation of phones by the police more controversial or unacceptable?

Encryption technologies can make remote activation of phones by the police more controversial or unacceptable by raising ethical and social issues or debates. Encryption technologies can also create conflicts or tensions between law enforcement agencies and phone users or providers.

For example, undermining encryption, which law enforcement agencies sometimes request to facilitate remote activation of phones, can raise ethical and social issues or debates, as it may affect human rights and civil liberties, such as privacy, confidentiality, dignity, presumption of innocence, and right to a fair trial. It can also create conflicts or tensions between law enforcement agencies and phone users or providers. They may have different interests or values regarding encryption and security.

How does EviCore NFC HSM technology developed by Freemindtronic offer a high level of protection for phone users?

Remote activation of phones by the police can be facilitated by exploiting security flaws, installing malware, or requesting backdoors in encryption technologies. However, some encryption technologies may be resistant to these measures and offer a higher level of protection for phone users. One of them is the EviCore NFC HSM technology developed by Freemindtronic.

This technology lets users create their own encryption keys in a random way and store them in a physical device that communicates with the phone via NFC (Near Field Communication). The device also lets users define their own trust criteria that must be met to use the keys or their segments. The encryption is done in post-quantum AES-256 mode from either a device compatible with the EviCore NFC HSM technology or from an encrypted enclave in the phone created in the Key chain (Apple) or the Key store (Android) via the EviCore HSM OpenPGP technology. The encryption keys are segmented and superior to 256 bits. Moreover, they are physically externalized from computer systems. Everything is designed by Freemindtronic to effectively fight against espionage and corruption of telephone, computer, communication and information systems. Finally, without a server, without a database, even in air gap and airplane mode works EviCore NFC HSM or EviCore HSM OpenPGP technology. Everything is designed to work in volatile memory to leave no trace in telephone and computer systems.

This technology offers a high level of security and privacy for phone users who want to protect their data from unauthorized access, including by the police. It also offers a high level of performance and usability for phone users who want to encrypt or over-encrypt all types of messaging in the world, including SMS and MMS. It also works with other applications that use encryption, such as email, cloud storage or blockchain.

Furthermore, this technology is designed to be totally anonymous, autonomous, unconnected, without a database, without collecting any information of any kind on the identity of the user, nor on the hardware, nor on the terminals used. The technology is designed to be totally isolated and totally independent of the security of the terminal used whether it is connected or not. Freemindtronic does not keep the unique pairing keys for each NFC HSM device. And even if it did, the user at installation will automatically generate segmented complementary keys for encryption with administrator and user passwords. Each NFC device has a unique 128-bit signature dedicated to fighting against counterfeiting of NFC devices. It is also used as a key segment. The secret stored in eprom memories or in enclaves of the phone and/or computer can be individually secured by other segmented keys characterized by additional trust criteria such as a geozone, a random hexadecimal code via an existing or generated QR code or Bar Code via EviCore HSM. It is therefore physically impossible for Freemindtronic but under judicial assignment to decrypt data encrypted via EviCore HSM technologies even with a quantum computer.

Conclusion

Remote activation of phones by the police is an intelligence technique. It aims to fight terrorism and crime by accessing data or sounds and images from phones without consent or knowledge. Law enforcement agencies in various countries have used or considered this technique. For example, France, the United States, Germany, Italy, Israel, Canada, China, and the United Kingdom. However, this technique raises technical, legal, ethical, and social challenges. They need to be addressed.

On the technical side, remote activation of phones by the police depends on three factors: compatibility, connectivity, and security of the phones. It can be done by three methods: exploiting vulnerabilities, installing malware, or using spyware on phones.For example, EviCore NFC HSM technology developed by Freemindtronic protects data and communications on phones from remote activation by the police. Encryption technologies can make this technique more difficult or impossible by preventing law enforcement agencies from accessing data or communications on phones, even if they remotely activate them.

On the legal side, remote activation of phones by the police requires a legal framework that regulates its use and scope. Laws or regulations can authorize it and specify the conditions and criteria for its application. Legal remedies can also challenge it and contest or oppose its validity or legality.

On the ethical side, remote activation of phones by the police involves a trade-off between security and privacy, as well as between effectiveness and legitimacy. It can enhance security by providing more information and evidence to law enforcement agencies to prevent, investigate, and prosecute crimes. It can also undermine privacy by letting law enforcement agencies access personal or professional data without notification or justification.

On the social side, remote activation of phones by the police raises issues or debates that affect human rights and civil liberties. For example, privacy, confidentiality, dignity, presumption of innocence, and right to a fair trial. It can also create conflicts or tensions between law enforcement agencies and phone users or providers, as they may have different interests or values regarding encryption and security.

Therefore, remote activation of phones by the police is a complex and controversial technique that requires a careful and balanced approach that respects the rights and interests of all parties involved. The French bill on remote activation of phones by the police and the EviCore NFC HSM Open PGP technology developed by Freemindtronic illustrate the complex and evolving relationship between intelligence and encryption in the digital age. They raise questions about finding a balance. It is between security and privacy, between public interest and individual rights, between innovation and regulation.

: According to Okta, privacy is the right to control how your information is viewed and used, while security is protection from threats or dangers (https://www.okta.com/identity-101/privacy-vs-security/).

: According to Carnegie Endowment for International Peace, finding a balance between security and privacy requires addressing technical, legal, and social questions (https://carnegieendowment.org/2019/09/10/moving-encryption-policy-conversation-forward-pub-79573).

: According to Springboard, finding a balance between innovation and regulation requires cooperation among stakeholders and respect for human rights (https://www.springboard.com/blog/cybersecurity/privacy-vs-security-how-to-balance-both/).

Sign up for Newsletter

Why some EU countries don’t want the unitary patent

Why some EU countries are not on board

What is the unitary patent?

What is the current status of the unitary patent?

The UPC Agreement

The main obstacle and challenges

What are the advantages?

How does the unitary patent compare with other patent systems?

The European Patent Convention (EPC)

The Patent Cooperation Treaty (PCT)

The Eurasian Patent Convention (EAPC)

How Freemindtronic’s international patents are related to the unitary patent

Our patent options

Our patent strategy

Conclusion

How can legal issues of the unitary patent for non-participating countries be resolved?

What are the disadvantages?

What are the best practices or strategies for using or avoiding the unitary patent?

The scope of protection

The cost of protection

The risk of invalidation

The enforcement of rights

Why do some EU countries not want to join the unitary patent

What are the consequences of these countries’ exclusion from the unitary patent?

What are the legal issues of the unitary patent for non-participating countries?

Conclusion

Protéger les e-mails américains contre les pirates chinois avec la technologie HSM NFC EviCypher

How EviCypher NFC HSM technology can protect emails from Chinese hackers

The Chinese hack on US emails: what happened and why it matters

How EviCypher NFC HSM technology could have prevented the Chinese hack on US emails

What is EviCypher NFC HSM and how does it work?

How EviCypher NFC HSM could have prevented the Chinese hack on US emails?

How to protect your emails and messages with EviCypher NFC HSM?

Webmail services: how to protect your emails and attachments with EviCypher NFC HSM?

Instant messaging services: how to protect your messages with EviCypher NFC HSM?

SMS: how to protect your SMS messages with EviCypher NFC HSM?

Statistics on email attacks against the US

What is EviCore HSM OpenPGP and how does it protect your emails from Chinese hackers?

What are the advantages of EviCore HSM OpenPGP?

How EviCypher HSM Technology is protected by patents

Conclusion

Ommic case: A scandal of military industrial espionage

Ommic case: The story of a French semiconductor company accused of spying for China and Russia

What is Ommic?

Why did Macom buy Ommic?

What are the technological secrets delivered by Ommic?

What are the consequences of the Ommic case?

How did Macom react to the Ommic case?

Are these measures enough to ensure the security and competitiveness of France in the field of semiconductors?

What are the challenges and opportunities that arise for the future?

What are some other examples of military industrial espionage cases in the world?

How to prevent and combat military industrial espionage?

The complexity and dynamics of industrial espionage with a military character

Conclusion: The Ommic case and the challenges of industrial espionage with a military character

Unveiling the Encounter: EviVault NFC HSM vs Flipper Zero

EviVault NFC HSM vs Flipper Zero: The duel of an NFC HSM and a Pentester

How EviCore NFC HSM protects and encrypts your secrets with a secure element

EviCore NFC HSM: a fortress for your secrets EviVault NFC HSM vs Pentester

The Interaction between EVI and the NFC HSM: Securing Secrets in the EviVault NFC HSM vs Flipper Zero Duel

The Importance of External Elements in the EviVault NFC HSM vs Flipper Zero Duel

Superior Encryption and Deterrence against Unauthorized Access in the EviVault NFC HSM vs Flipper Zero Duel

Comprehensive Defense against Cyber Threats in the EviVault NFC HSM vs Flipper Zero Duel

How Flipper Zero reads and emulates NFC cards

Flipper Zero’s Capabilities and Limitations in Attacking EviVault NFC HSM

Flipper Zero’s Support of NFC-V Protocol and Emulation

A New Feature in Firmware 0.85.2

A Potential Threat for EviVault NFC HSM

Documentation

Flipper Zero’s Lack of Support for Energy Harvesting and Password Protection

Two Features of M24LR64E-R and ST25DV64KC Chips

Two Limitations for Flipper Zero in Attacking EviVault NFC HSM

Documentation

Conclusion

Comparison table of EviVault NFC HSM and Flipper Zero features

How Freemindtronic uses digital signature to secure its software

What is digital signature?

Why choose EV Code Signing Certificate Highest level of Security?

How does digital signature benefit users?

Discover Secure Password Management with PassCypher NFC HSM and PassCypher Pro NFC HSM