Category Archives: 2023

2023, Awards, Fortress Cyber Security Award

DataShielder HSM Fortress Award 2023: Andorran Data Encryption Solution

Posted on by FMTAD
DataShielder HSM, FullSecure's Andorran solution featuring Freemindtronic technologies, wins the 2023 Fortress Award
20
Sep

DataShielder HSM, Fullsecure’s Andorran data encryption solution featuring Freemindtronic technologies, wins the 2023 Fortress Award

We are proud to announce that our Andorran DataShielder HSM solution from Fullsecure, developed by Freemindtronic, has won the Fortress 2023 Cyber Security Award in encryption in the product and service category. This award, awarded by the Business Intelligence Group, recognizes the excellence and innovation of companies around the world, products and people in the field of cybersecurity. DataShielder HSM from Fullsecure is a serverless encryption solution that uses EviCore HSM OpenPGP technology from Freemindtronic. This technology creates Hybrid Hardware Security Modules (H-HSM) on any device, such as computers, phones, cloud storage, HDs, SSDs, SD cards, and USB media. By combining hardware and software, the hardware securely stores keys, ensuring high-level security, while the software handles encryption and signing. This hybrid approach leverages the strengths of both components, providing robust security and flexibility.

DataShielder HSM is an innovative solution that manages and generates various types of tokens (identifiers, passwords, certificates, encryption keys, etc.) on any medium, whether connected or not. It offers high security and performance by encrypting, signing, and authenticating data with keys stored in self-created secure hardware modules. DataShielder HSM transforms any device into a Hardware Security Module (HSM) without the need for servers or databases, ensuring total anonymity, untraceability, and undetectability. The DataShielder HSM range is a comprehensive ecosystem that addresses numerous safety and cybersecurity needs, particularly in mobility.

DataShielder HSM also incorporates the EviSign technology developed by Freemindtronic, which allows electronically signing documents with a legally recognized value. EviSign uses the OpenPGP protocol to ensure the integrity, authenticity and non-repudiation of signatures. EviSign is compatible with all document formats (PDF, Word, Excel, etc.) and can be used with any NFC reader or smartphone.

The Fortress 2023 Cyber Security Award acknowledges the work and expertise of Freemindtronic, who offers innovative and adapted solutions to the current and future challenges of cybersecurity. Freemindtronic is proud of this distinction and thank the jury of the contest as well as their customers and partners for their trust and support.

DataShielder HSM was presented in a Dual-Use version in June 2022 at Coges Eurosatory (https://www.eurosatory.com), the international defense and security exhibition. This version allows DataShielder HSM Hybrid Encryption Solutions to be used for both civil and military applications, offering a level of protection adapted to each context. The Dual-Use version of DataShielder HSM will soon be available in a civilian version by the end of October 2023, to meet the growing demand from individuals and professionals keen to protect their sensitive data.

We are very proud that DataShielder HSM from Fullsecure has been awarded the Fortress Cyber Security Award 2023”, said Christine Bernard, director of Fullsecure. “Our solution provides an innovative and adapted response to the current and future challenges of cybersecurity. We thank the Business Intelligence Group for this distinction, as well as our customers and partners for their trust and support.

“We are also very happy to be the first Andorran company to have applied for the Fortress Cyber ​​​​Security Award created in 2018 by the Business Intelligence Group. The Business Intelligence Group is an organization that recognizes true talent and superior performance in the business world. Its Fortress Cyber ​​Security Award aims to identify and recognize the world’s leading companies and products working to protect our data and electronic assets against a growing threat from hackers.”

Fortress Cyber security Award 2023 logo
Dylan DA COSTA FERNANDES gerent programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Eric Casanova programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Hugo Goncalves Oliveira co-gerent programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Alex Garcia Sanchez programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Adrian Serrano Gómez programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Victor Gil Feliu programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Jacques Gascuel Inventor de datashielder HSM CEO de Freemindtronic Andorra el Premi Fortress 2023 cat

DataShielder HSM OpenPGP: Una solució de xifratge 100% andorrana

En resum, DataShielder HSM OpenPGP és una solució innovadora que permet crear mòduls de seguretat hardware (HSM) en qualsevol tipus de suport (ordinador, telèfon, núvol, HD, SSD, SD, clau USB) per xifrar i signar qualsevol tipus de dada. Aquesta solució utilitza la tecnologia EviCore HSM OpenPGP desenvolupada per Freemindtronic, una empresa andorrana titular de patents internacionals i líder en les tecnologies NFC HSM. Aquesta tecnologia ofereix un alt nivell de seguretat i rendiment.

Es tracta del primer producte dedicat a la gestió de claus de xifratge i de xifratge per HSM 100% andorrà. En efecte, l’equip de desenvolupament de DataShielder HSM OpenPGP és 100% d’una formació de la Universitat d’Andorra, l’única universitat pública del país. La Universitat d’Andorra és reconeguda per la seva excel·lència acadèmica i la seva recerca innovadora en els àmbits de les ciències, l’enginyeria i les tecnologies de la informació. L’equip de desenvolupament de DataShielder HSM OpenPGP va ser coordinat per un enginyer de programari de la Universitat Politècnica de Catalunya (UPC) i professor de la Universitat d’Andorra. Això fa de DataShielder HSM OpenPGP el primer sistema de xifratge d’origen andorrà a haver rebut un premi internacional, el “Fortress Cybersecurity Award”.

Aquesta solució testimonia el saber fer i el potencial d’Andorra en el camp de la ciberseguretat i el xifratge de les dades. DataShielder HSM OpenPGP és una solució que respon a les necessitats actuals i futures de les empreses i els particulars que volen protegir les seves dades sensibles al núvol o als sistemes informàtics, oferint una nova solució en el camp de la sobirania de les dades.

You will soon be able to learn more about the DataShielder HSM product line at Fullsecure. Without waiting you can already learn more about the Freemindtronic technologies embedded in DataShielder HSM, by clicking on the following links:

To learn more about the Fortress 2023 Cyber Security Award and other winners, you can visit the following sites:

Premsa Nacional d’Andorra:

DataShielder HSM de la revista de tecnologia Freemindtronic Fullsecure i incrustada Bondia 29 de setembre de 2023
Diari Andorra dijous 5 octubre del 2023: Fullsecure Guanya el Premi Fortress Andorra national press

News provided by Fortress® Cybersecurity Award 2023 from Business Intelligence Group

The Business Intelligence Group was founded with the mission of recognizing true talent and superior performance in the business world. Unlike other industry award programs, these programs are judged by business executives having experience and knowledge. The organization’s proprietary and unique scoring system selectively measures performance across multiple business domains and rewards those companies whose achievements stand above those of their peers.

May 31, 2023 Related Link: https://www.bintelligence.com/posts/105-people-companies-and-products-named-in-2023-fortress-cyber-security-awards

Fullsecure DataShielder HSM Fortress Award Jacques Gascuel inventor CEO de Freemindtronic Andorra el premi fortress 2023 de Business Intelligence Group

Awards Fortress Cyber Security Award

DataShielder HSM, la solució Xifratge de dades andorrana de Fullsecure – Freemindtronic, guanya el Premi Fortress 2023
September 22, 2023
DataShielder HSM, FullSecure's Andorran solution featuring Freemindtronic technologies, wins the 2023 Fortress Award

2023 Awards Fortress Cyber Security Award

DataShielder HSM Fortress Award 2023: Andorran Data Encryption Solution
September 20, 2023
Gold Globee Winner 2022 at the Cyber Security Global Excellence Awards Cyber Computer NFC Freemindtronic Andorra

2022 Awards Cybersecurity EviCypher Technology

Gold Globee Winner 2022 Cyber Computer NFC
February 24, 2022
Keepser Group Award CES 2022 for Keepser product NFC Cold Wallet Cryptocurrency contactless

Awards CES Awards Keepser New

Keepser Group Award CES 2022
January 9, 2022
Secure Card de Bleujour CES 2022 by Freemindtronic Andorra contactless data encryption from an NFC HSM security hardware module

2022 Events EviCypher NFC HSM Exhibitions Licences Freemindtronic NFC Contactless

Secure Card CES 2022
January 5, 2022
E&T Innovation Awards Cybersecurity 2021

2021 Cybersecurity Distinction Excellence EviCypher Technology finalists

E&T Innovation Awards Cybersecurity
November 30, 2021
2021 E&T Innovation Awards Freemindtronic Andorra EviCypher Technology finalist Communications & IT

2021 Awards Communications Distinction Excellence EviCypher Technology finalists IT

E&T Innovation Awards Communications & IT
November 30, 2021
Highly Commended at National Cyber Awards certificate showing Freemindtronic's 2021 award for Innovation in Cybersecurity.

2021 Distinction Excellence The National Cyber Awards

Highly Commended at National Cyber Awards: Freemindtronic’s 2021 Success
September 27, 2021
Finalists The National Cyber Awards 2021 Freemindtronic Andorra with EviCypher Technology

2021 Awards Distinction Excellence finalists

Finalists The National Cyber Awards 2021
September 14, 2021
Geneva International Exhibition of Inventions 2021 EviCypher HSM Technology Golden Medal Award Andorra Jacques Gascuel

Awards Cyberculture EviCypher Technology International Inventions Geneva NFC HSM technology

Geneva International Exhibition of Inventions 2021
May 30, 2021
List of Winners Global Infosec Awards 2021

Awards Global Infosec Awards News Press

List of Winners Global Infosec Awards 2021
May 19, 2021
Freemindtronic named Winner of the coveted Global Infosec Awards during RSA Conference 2021 with EviCypher and EviToken technologies patented

2021 Awards Distinction Excellence

Freemindtronic Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2021
May 18, 2021
EviCypher Gold Medal 2021 best invention worldwide gold medal Geneva International Inventions computer sciences software electronics electricity method communication Contactless Hardware Secrets Keeper

2021 Awards International Inventions Geneva

EviCypher Gold Medal 2021 of the Geneva International Inventions
March 16, 2021

2017 Awards Embedded System Awards IoT

Award 2017 MtoM & Embedded System & IoT
September 25, 2017
Award RCO 2017 Hardware Wallet password Manager secured contactless with NFC rugged EviTag by Freemindtronic Made in Andorra

2017 Awards

Award RCO 2017 hardware wallet password manager secured contactless
March 17, 2017
Award FIC 2017 10th Most innovative international startup Fullsecure from Freemindtronic Andorra with EviToken Technology

2017 Cybersecurity finalists

Award FIC 2017 10th Most innovative international startup
January 14, 2017
Finalist Contactless Services Challenge Award 2015 EviKey NFC rugged USB Stick unlock contactless and EviDisk SSD Sata 3 by Freemindtronic Andorra Made in France Syselec

2015 finalists NFC Contactless

Finalist Contactless Services Challenge
March 12, 2015
FIC 2015 Distinction Excellence 19th most innovative international cybersecurity startup with Freemindtronic EviKey USB stick unlock contactless by nfc phone invented by Jacques Gascuel

2015 Awards Distinction Excellence EviKey & EviDisk

FIC 2015 Distinction Excellence 19th Most innovative international startup
February 12, 2015
Award 2014 NFC EviKey® the story of the first hardened USB stick and NFC EviDisk® SSD Sata 3 unlockable contactless by Freemindtronic Andorra

2014 Awards Embedded System Awards EviKey & EviDisk News

The story of the first NFC hardened USB stick EviKey
December 13, 2014
Embedded Trophy 2014 Freemindtronic Award 2014 Bercy Paris France EviKey NFC rugged USB Stick contactless unlock & NFC SSD Sata 3 Technology patented Andorra Copyright

2014 Awards Electronics Embedded System Awards EviKey & EviDisk

Embedded Trophy 2014 Freemindtronic
December 13, 2014

To improve in English: If you want to download images, Freemindtronic logo, you can access the Freemindtronic media kit, which contains various files and information related to the company and its products or awards. You will find the link to the media kit at the end of this article. In addition, if you prefer to read this article in another language, or download the press release, you can choose from the following options:

  • Download the press release in English by clicking here
  • Llegeix aquest article en català clica aquí

We hope you enjoyed this article and that you learned something interesting about Freemindtronic and its innovative technology.

[Kit de mitjans de Freemindtronic]
2023, Articles, EviKey & EviDisk, EviKey NFC HSM, News, NFC HSM technology, Technical News

Secure SSH Key Storage with EviKey NFC HSM

Posted on by FMTAD
EviKey NFC USB drive for secure SSH key storage. SSH Contactless keys manager, EviKey NFC & EviCore NFC HSM Compatible Technologies patented from Freemindtronic Andorra Made in France - JPG
16
Sep

Secure SSH Key Storage with EviKey NFC USB Drive | Advanced Encryption

Experience unparalleled secure SSH key storage with EviKey NFC USB. With advanced encryption, contactless NFC authentication, and programmable auto-lock, EviKey ensures your credentials remain safe from cyber threats. Moreover, discove and how EviKey enhances usability while keeping your digital assets safe with state-of-the-art features. how EviKey enhances usability while keeping your digital assets safe with state-of-the-art features

EviKey NFC USB: A Breakthrough in Secure SSH Key Storage

In the rapidly evolving cybersecurity landscape, secure SSH key storage has become a critical priority for organizations and individuals alike. The EviKey NFC USB drive combines NFC hardware-based security with advanced encryption and centralized key management options, offering unparalleled protection for your credentials. Unlike traditional methods, EviKey ensures your SSH keys remain secure from threats like brute force attacks, mismanagement, or secret sprawl. This guide explores how EviKey bridges the gap between usability and state-of-the-art security, empowering you to safeguard your digital assets effortlessly.

The Importance of Secure SSH Key Storage in Cybersecurity

SSH keys are fundamental to secure remote server access, but improper storage practices expose them to theft, misuse, and brute force attacks. Securing these credentials is a critical step in safeguarding digital assets and maintaining operational security.

Public Key Authentication: A Superior Alternative

SSH supports two authentication methods: passwords and public keys. However, while passwords are straightforward, they are vulnerable to brute force attacks and interception. By contrast, public key authentication, which pairs a private key stored securely with a public key shared on the server, provides a more robust, secure alternative.

Challenges in Managing SSH Keys

Despite its advantages, managing SSH keys introduces challenges:

  • Key Management: Handling multiple keys for different systems, which can lead to secret sprawl if not addressed.
  • Key Security: Ensuring secure SSH key storage to prevent loss or compromise.
  • Recovery: Restoring keys if a device is lost or damaged. Effective secret sprawl management is crucial for organizations to minimize the risk of unauthorized access and streamline key usage.

EviKey NFC USB drive addresses these issues head-on.

EviKey – Hardware Security vs. Software Security

Managing SSH keys effectively requires solutions that balance usability and robust security. While software-based systems, such as centralized secrets management platforms, offer scalability, they frequently introduce vulnerabilities, including dependency on external servers and potential data breaches. In contrast, hardware-based security, such as EviKey NFC USB, ensures unmatched protection by operating entirely offline. This approach eliminates reliance on external infrastructure, making it ideal for safeguarding sensitive credentials. Watch the demo.

Advantages of Hardware-Based Security

EviKey NFC USB actively protects SSH keys by combining advanced hardware encryption and robust physical security measures:

  • Offline Encryption: EviKey entirely removes online risks by keeping SSH keys offline. This design ensures complete protection against network-based attacks and unauthorized access.
  • AES-256 CBC Encryption via PassCypher: Leveraging PassCypher, EviKey encrypts SSH keys using AES-256 CBC encryption, paired with a secure password. This ensures that even if the device is compromised, keys remain inaccessible without proper authentication.
  • Tamper-Proof Design: Encased in military-grade resin, EviKey resists tampering and functions reliably in extreme environments, securing sensitive credentials at all times.

Risks of Software-Based Solutions

Despite their convenience, software-based systems face several limitations:

  • Secret Sprawl Risks: Centralized secrets management systems often create duplicated credentials across multiple servers or systems. This redundancy increases the chances of exposure to malicious actors.
  • Online Dependency: These platforms depend on cloud or server availability, making them susceptible to outages, breaches, and other external vulnerabilities.
  • Shared Responsibility Challenges: In multi-user environments, enforcing strict security policies is often difficult, leaving gaps that malicious actors can exploit.
  • Limited Encryption Practices: Many software solutions lack robust encryption, leaving SSH keys vulnerable to brute force attacks or phishing schemes.

Hybrid Approach for Enhanced Security

While centralized solutions are valuable for managing large-scale operations, EviKey NFC USB excels at protecting critical assets like sensitive SSH keys. By adopting a hybrid approach, organizations can pair centralized systems for scalability with EviKey’s offline storage to isolate and secure high-value secrets.

How EviKey Solves Secret Sprawl Challenges

Secret sprawl, a pervasive issue in many organizations, occurs when credentials proliferate across systems without proper oversight, creating unnecessary risks. EviKey directly addresses these risks by combining secure offline storage, granular access control, and robust traceability mechanisms.

  • Encrypted SSH Keys with PassCypher: EviKey uses AES-256 CBC encryption to protect SSH keys, requiring users to enter a secure password before accessing them. This added encryption ensures even unlocked devices cannot expose sensitive keys without proper credentials.
  • Centralized Offline Storage: EviKey consolidates SSH keys onto a single, tamper-resistant device. This reduces unnecessary copies and mitigates the risks of secret duplication or unauthorized sharing.
  • Controlled Access: Only authorized users with NFC-enabled devices and their unique PINs can unlock EviKey. This ensures credentials remain secure even if the device is lost or stolen.
  • Event Traceability with the Black Box: EviKey’s black box feature monitors device usage and logs random security events such as failed authentication attempts. Notably, the black box tracks device interactions, not the data stored on the USB flash memory. Once unlocked, EviKey functions seamlessly as a standard USB drive for usability.

This holistic approach effectively mitigates secret sprawl risks by isolating critical SSH keys in a secure, standalone device. Furthermore, EviKey’s offline design ensures that even in the absence of internet connectivity, your credentials remain fully protected. Combined with centralized solutions, this strategy provides both scalability and unparalleled security for high-value secrets.

How EviKey NFC Revolutionizes Secure SSH Key Storage

The EviKey NFC USB drive offers a hardware-based solution that externalizes SSH key storage. It secures private keys in a tamper-resistant device that can only be unlocked using contactless NFC authentication.

Key Features of EviKey NFC

Although centralized secrets management systems help organizations eliminate secret sprawl and automate key rotation, they still depend on external infrastructure. EviKey NFC USB complements these systems by providing NFC hardware-based security for critical credentials. It ensures your SSH keys are physically secure and invulnerable to network-based threats.

  • Contactless Authentication: Securely unlock your SSH key using contactless NFC technology, ensuring safe and seamless SSH key storage.
  • Encrypted SSH Keys with PassCypher: SSH keys stored on EviKey are encrypted using AES-256 CBC, requiring a secure password for access. This provides an extra layer of protection, ensuring credentials remain inaccessible even if the device is unlocked.
  • Multi-Factor Authentication (MFA): Combines an admin or user PIN, NFC phone UID, and a unique pairing key.
  • Advanced Security: Includes brute force detection with exponential delays after failed attempts.
  • Physical Robustness: Military-grade resin ensures resistance to tampering and environmental damage.
  • Undetectability When Locked: Notably, EviKey becomes invisible to systems when secured, preventing unauthorized detection. Explore how EviKey ensures compliance with cybersecurity standards.

For organizations managing a mix of centralized and offline credentials, EviKey offers a hybrid approach that strengthens overall security while minimizing vulnerabilities.

Backup and Recovery: Safeguarding Access

EviKey simplifies the backup and restoration of SSH keys:

  • Backup Creation: Use the associated mobile app to export encrypted backups of your private key.
  • Secure Recovery: Restore keys to a new device using NFC authentication and your unique pairing key.

For a deeper understanding of how EviKey NFC HSM protects your data and credentials, explore the complete guide to securing your data with EviKey NFC HSM.

Moreover, this ensures business continuity even if the device is lost or damaged, without compromising security.

Real-World Use Cases for EviKey:
  • Critical Infrastructure: Protect SSH keys for industrial systems that require offline, tamper-proof security.
  • Financial Institutions: Safeguard sensitive credentials against insider threats and brute force attacks.
  • Remote Work Environments: Ensure SSH keys remain isolated and secure, even when used on untrusted devices.
Proven Benefits:
  • Mitigates risks associated with secret sprawl by offering standalone, secure storage.
  • Provides a robust alternative to traditional centralized secrets management systems.
  • Enhances compliance with regulations like ISO 27001 and GDPR by offering GDPR-compliant SSH storage, ensuring personal data is handled with the utmost security.

Black Box Monitoring: Unmatched Traceability

The integrated black box feature tracks critical events like failed authentication attempts, brute force detections, and system interactions. This data is invaluable for:

  • Audits: Ensuring compliance with regulatory standards.
  • Incident Response: Quickly identifying and mitigating threats.
  • Operational Insights: Monitoring device usage for security optimization.

Compliance with SL4 Industrial Standards

The EviKey NFC HSM ensures secure SSH key storage and complies with SL4 (Security Level 4) standards under IEC 62443-3-3. This ensures:

  • Advanced Threat Resistance: Protection against physical, invasive, and non-invasive attacks.
  • Operational Integrity: Guaranteed performance under industrial-grade requirements.

Compliance reassures users of its reliability in high-stakes environments.

Energy Efficiency Through NFC Power Harvesting

A standout feature of EviKey is its NFC signal energy harvesting. This innovation:

  • Eliminates dependency on external power sources.
  • Enables lightweight and portable design.
  • Provides long-term durability, with data persistence for up to 40 years without external power.

This energy efficiency sets EviKey apart in the secure storage landscape.

When to use a hardware versus software solution?

Choosing between a hardware-based solution like EviKey and a software-based solution depends on your security needs:

  • Opt for a software-based solution if you need centralized secrets management for team collaboration or automation across distributed systems.
  • Choose EviKey for critical infrastructures, industries requiring compliance with strict regulations, or for protecting highly sensitive credentials in offline environments.

Combine both approaches for comprehensive protection, using EviKey for your most critical SSH keys and software solutions for broader operational management. Download the Fullkey app to manage your EviKey securely: Fullkey on Google Play.

How to Store and Use Your SSH Keys with EviKey NFC USB Drives for Secure SSH Key Storage

1. Generate Your SSH Key Pair

OpenSSH (Linux/macOS/Windows)
  • On Linux or macOS, use the OpenSSH client:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  • For stronger security, consider generating ED25519 keys:
    ssh-keygen -t ed25519 -C "your_email@example.com"
  • On Windows, ensure OpenSSH is installed or use Windows Subsystem for Linux (WSL):
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
PuTTYgen (Windows GUI)
  1. Download and launch PuTTYgen.
  2. Select RSA (4096-bit) or ED25519 for better security.
  3. Click Generate and follow the prompts.
  4. Save the private key () and convert it to OpenSSH format for compatibility:id_rsa
    • In PuTTYgen, go to Conversions > Export OpenSSH Key.
  5. Transfer the converted private key to EviKey:
    cp private-key-file /path-to-evikey
Git for Windows (With PassCypher HSM PGP)
  1. Install Git for Windows and open Git Bash.
  2. Generate the SSH key:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  3. Transfer the private key to EviKey for secure storage:
    cp ~/.ssh/id_rsa /path-to-evikey
GitHub CLI
  1. Install the GitHub CLI.
  2. Generate a key and save it:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    gh ssh-key add ~/.ssh/id_rsa.pub
  3. Transfer the private key to EviKey:
    cp ~/.ssh/id_rsa /path-to-evikey

2. Store Your Private Key on EviKey

After generating the SSH key, store it on your EviKey NFC USB drive to ensure secure storage:

  • On Linux/macOS:
    sudo mv id_rsa /media/evikey
  • On Windows, copy the key using File Explorer or the command prompt:
    cmd
    copy C:\Users\<username>\.ssh\id_rsa F:\<evikey-location>

3. Lock and Unlock with NFC

Use EviKey’s dedicated Android app for NFC-based secure operations:

  1. Lock: Approach your NFC-enabled phone to lock the device securely.
  2. Unlock: Unlock it only when needed for SSH authentication.
  3. The programmable auto-lock ensures the device secures itself after use.

Using EviKey for SSH Authentication

Local Authentication

Authenticate securely on your local machine:

ssh -p 22 root@127.0.0.1
Remote Server Authentication

Access remote servers seamlessly:

ssh -p 22 user@remote-server-ip

Each session ensures that your private key remains externalized, protected by EviKey’s advanced security mechanisms.

Expanded Use Cases for SSH Key Generation and Storage

For Developers Using WSL (Windows Subsystem for Linux)

  1. Open WSL and use OpenSSH to generate SSH keys:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  2. Copy the private key to the EviKey USB device via WSL:
    cp ~/.ssh/id_rsa /mnt/c/path-to-evikey

For Teams with Centralized Systems

If you are integrating with centralized secrets management:

  • Use EviKey for your most sensitive keys while maintaining less critical keys in your centralized system.
  • Rotate and back up keys easily using EviKey’s NFC app.

Why Expand on Key Generation Methods?

Adding these methods makes your guide accessible to a wider audience, offering options for GUI-based and CLI-based workflows. Highlighting compatibility with tools like Git for Windows and PuTTYgen ensures users across various platforms can seamlessly integrate EviKey into their workflow.

Programmable Auto-Lock: Intelligent Physical Isolation

The EviKey NFC HSM USB drive stands out by offering a unique programmable auto-lock feature. This functionality ensures that the device automatically locks itself after being used for an SSH connection. Once the session ends, the key physically isolates itself from the host system, providing an additional security layer.

This automatic isolation prevents unauthorized access even if the device remains connected to the system. Combined with its contactless unlocking mechanism, the EviKey creates a virtually impenetrable barrier against cyber threats.

Key Benefits of Auto-Lock:

  • Immediate prevention of unauthorized access after usage.
  • Enhanced protection for prolonged or unattended sessions.
  • Tailored for high-security environments like critical infrastructures or financial systems.

Advanced Multi-Layer Security with PassCypher

EviKey pairs its auto-lock feature with PassCypher HSM PGP, an additional tool for securing SSH keys. With PassCypher, you can assign a password to your private SSH key, adding an extra protection layer. This means that even if someone gains physical access to the device, it remains useless without the correct password.

How PassCypher Strengthens Security:

  • Password Protection: Ensures the SSH key remains unusable without proper authentication.
  • Enhanced Encryption: Keeps private keys securely encrypted at all times.
  • User-Friendly Management: Provides an intuitive way to set up and manage passwords and private keys.
  • AES-256 CBC Encryption: Each SSH key stored on EviKey is encrypted using industry-standard AES-256 CBC encryption. Users must input the associated password to decrypt and utilize the keys, safeguarding against unauthorized access.
  • Enhanced Physical Security: Even with physical access, attackers cannot use the encrypted keys without the correct PIN and password, ensuring dual-layer security.

Comparison: EviKey vs Competitors

EviKey’s unique features surpass competitors like Nitrokey, YubiKey, and OnlyKey:

  • Contactless NFC Authentication: Exclusive to EviKey.
  • Physical Undetectability: Invisible when locked.
  • Black Box Monitoring: Comprehensive event tracking for unmatched traceability.
  • Military-Grade Protection: Superior robustness and durability.
  • AES-256 CBC with Password: Highlight EviKey’s ability to encrypt each SSH key individually using a user-defined password for unparalleled protection.

At a Glance: EviKey NFC HSM vs. the Competition

Criteria EviKey NFC with PassCypher HSM PGP Nitrokey HSM 2 YubiKey OnlyKey
Memory Not applicable (external storage: 8GB-128GB) 76 KB EEPROM 32 KB 32 KB
SSH Key Capacity Over 4 billion Up to 19 RSA-4096 keys Up to 25 resident keys Up to 24 unique offline accounts
Password Protection per Key Yes (each SSH key is secured by an additional password) No No No
Supported Algorithms RSA (2048, 3072, 4096), ECDSA (256, 384, 521), ED25519 RSA (1024, 2048, 3072, 4096), ECC (P-256, P-384, P-521), AES-256 RSA (2048, 3072, 4096), ECC (P-256, P-384) RSA (2048, 3072, 4096), ECC (P-256, P-384, P-521)
Contactless Authentication Yes, via NFC contactless authentication for secure SSH key storage No Yes, NFC or USB Yes, NFC or USB
Users for Contactless SSH & OpenSSH Unlocking Up to 6 users None 1 user 1 user
2FA / MFA Authentication Modes MFA: Android NFC-secured phone + Unique pairing key + Admin or User PIN (permanent or temporary) and/or NFC phone UID. Combined elements ensure multi-factor physical security. 2FA via PIN 2FA via PIN 2FA via PIN
Protection Against Brute Force Attacks Electronic brute force attack protection: Moreover, the auto-unpairing system includes a default limit of 3 attempts, programmable up to 13 attempts with exponential delays before permanent lock, ensuring unmatched secure SSH key storage. No No No
Detectability in Locked Mode Undetectable: EviKey is physically undetectable when locked. Nitrokey detectable YubiKey detectable. OnlyKey detectable.
Physical Security of the Device Advanced brute force protection: attack detection, exponential unpairing, physically undetectable when locked. Standard with PIN lock Standard with PIN lock Standard with PIN lock
Patents 3 international patents None None None
Electrical Protection Integrated with intelligent regulator No No No
Thermal Safeguards Functional & thermal sensors with breaker No No No
ESD Protection 27kV on data channel No No No
Physical Robustness Military-grade resin; Waterproof & Tamperproof No No No
Security from Attacks Inclusive of invasive & non-invasive threats No No No
Authentication Attempt Limit 13 (modifiable by admin) No No No
USB Port Protection Fully independent security system No No No
Contactless Security Energy Harvests energy from NFC signals No No No
Black Box Monitoring Comprehensive event tracking No No No
Fault Detection In-built self-diagnostics No No No
Memory Write Count Monitors flash memory health No No No
Data Persistence 40 years without external power No No No
Temperature Guard Ensures optimal performance No No No
Auto-lock Duration Admin-defined (seconds to minutes) No No No

Best Practices for SSH Key Management with Hardware Solutions and Comprehensive Security

The EviKey NFC HSM USB drive delivers state-of-the-art protection for SSH key storage, but ensuring complete system security requires a proactive approach. By implementing the following best practices, you can significantly reduce vulnerabilities and fortify your digital ecosystem:

  • Maintain Software and Firmware Updates

    Cybercriminals frequently exploit vulnerabilities in outdated software. Regularly update your operating systems, USB drivers, and firmware to close potential security gaps. Automate updates where possible to minimize human oversight and ensure timely patching.

  • Adopt Multi-Factor Authentication (MFA)

    For systems requiring USB-based access, enable MFA to add an additional layer of protection. Pair methods like NFC authentication with PINs, biometrics, or time-sensitive codes to enhance security and prevent unauthorized access.

  • Change Default Ports and Protocols

    Default configurations, such as using port 22 for SSH, are prime targets for attackers. Change these settings to non-standard ports and disable unused protocols. Consider adopting encrypted alternatives like SFTP over plain FTP to secure data transfers.

  • Implement Inactivity Timeouts

    Set timeouts for idle sessions involving USB devices to log out users automatically, taking advantage of programmable auto-lock for secure SSH key storage. This limits the exposure window in case the device is left unattended or forgotten. Customize session lengths based on the sensitivity of the tasks being performed.

  • Strengthen Authentication Practices

    Replace password-based systems with cryptographic methods, such as SSH keys secured by robust passphrases. Leverage EviKey’s NFC-enabled security to externalize sensitive keys and reduce exposure on local machines.

  • Restrict and Monitor Login Attempts
    Implement a strict limit on failed login attempts to mitigate brute force attacks. For added resilience, introduce exponential backoff delays between retries. Tools like Fail2Ban can automate blocking after repeated unauthorized access attempts.

  • Disable Root Login Over SSH

    Eliminate the use of root credentials for SSH access. Instead, enforce the principle of least privilege by creating restricted user accounts with limited access rights. Elevate privileges only when absolutely necessary using

  • Enable Comprehensive Logging and Alerts

    Configure detailed logging for all USB-related and system activities, including authentication attempts and configuration changes. Use Security Information and Event Management (SIEM) tools to analyze logs and set up alerts for suspicious behaviors, enabling swift responses to potential threats.

  • Minimize Attack Surface by Disabling Unused Features

    Deactivate services and features not actively in use, such as X11 Forwarding, USB debugging, or legacy protocols. Unused features often serve as entry points for attackers, so proactively removing them strengthens system security.

  • Conduct Regular Security Audits and Penetration Tests

    Schedule regular vulnerability assessments for your USB devices, operating systems, and connected systems. Employ penetration testing to simulate real-world attacks, uncover hidden weaknesses, and validate your defenses.

  • Secure Data in Transit and at Rest

    Encrypt all sensitive data using strong algorithms, whether it is being transmitted over networks or stored on NFC USB drives for secure SSH key storage. The EviKey NFC HSM USB drive already provides industrial-grade encryption, but ensure this principle extends to all aspects of your system.

  • Leverage Network Segmentation

    If USB devices access critical systems, isolate those systems on segmented networks. This limits lateral movement in the event of a breach and ensures that sensitive assets remain compartmentalized.

  • Establish Incident Response Protocols

    Develop and regularly update incident response plans to address potential breaches. This includes steps to secure USB devices, contain affected systems, and restore operations while preserving forensic evidence for investigations.

  • Use Tamper-Evident Measures

    Physically secure USB devices with tamper-evident seals or locks. Combine these measures with periodic visual inspections to detect unauthorized attempts to access or modify the device.

    By combining these best practices with the advanced security features of the EviKey NFC HSM USB drive, you demonstrate the value of hardware-based solutions for SSH key management. This approach not only protects your SSH keys but also fortifies your entire digital infrastructure against a broad range of cyber threats. Adopting such comprehensive measures is essential for staying ahead in the ever-evolving landscape of cybersecurity.

Automated Best Practices for Security

The combination of programmable auto-lock and PassCypher automates critical security best practices. This automation eliminates the risk of human error, ensuring that your SSH keys and sensitive data remain secure. By adopting EviKey’s technology, you integrate a seamless yet comprehensive approach to system protection.

Real-World Use Cases:

  • Server Administration: After completing an SSH session, the EviKey locks itself, preventing further access.
  • Remote Work Security: Professionals working from unfamiliar systems can trust that their private keys remain isolated.
  • Regulatory Compliance: EviKey’s built-in security measures help organizations meet compliance standards, such as ISO 27001 and GDPR.

Secure Your Digital World with EviKey

Protecting your SSH keys is more than just a technical task; in fact, it is a cornerstone of digital security. Moreover, the advanced features of the EviKey NFC USB drive not only empower you with robust protection but also provide unmatched flexibility and unparalleled ease of use. Whether you are managing sensitive data, securing remote access, or meeting compliance standards, EviKey consistently delivers the cutting-edge tools you need to stay ahead of evolving cyber threats.

Secure Your Digital Ecosystem

The EviKey NFC HSM USB drive is far more than a storage device; rather, it serves as a gateway to enhanced digital security. By combining offline security solutions with advanced encryption, it ensures robust protection against secret sprawl while offering GDPR-compliant SSH storage. Whether you are safeguarding SSH keys, managing sensitive credentials, or complying with strict regulations, EviKey consistently delivers unparalleled performance, ensuring your digital ecosystem remains secure and resilient.

Upgrade to EviKey NFC USB for unparalleled secure SSH key storage and advanced cybersecurity solutions. Explore our product range:

Take the next step in protecting your digital assets with EviKey.

2023, Articles, Cyberculture, EviCore HSM OpenPGP Technology, EviCore NFC HSM Browser Extension, EviCore NFC HSM Technology, Legal information, Licences Freemindtronic

Unitary patent system: why some EU countries are not on board

Posted on by FMTAD
Unitary Patent system European why some EU countries are not on board
01
Aug

Unitary patent system by Jacques Gascuel: This article will be updated with any new information on the topic.  

Why some EU countries don’t want the unitary patent

The unitary patent system promises to simplify and unify patent protection in Europe. But not all EU countries are on board. Discover why some countries like Spain have opted out and what it means for inventors.

Why some EU countries are not on board

What is the unitary patent?

The unitary patent is a new scheme that allows inventors and innovative companies to protect their inventions in 17 EU member states by filing a single request to the European Patent Office (EPO) 1. It is an alternative option to the classical European patent, which requires individual validation and maintenance in each country where the patent holder wants to benefit from protection 1. The unitary patent  entered into force on 1 June 2023, after the ratification of the Agreement on a Unified Patent Court (UPC Agreement) by 17 states participating in enhanced cooperation 2. It is expected that more EU states will join this scheme in the future 1.

The unitary patent is based on the European patent granted by the EPO under the rules of the European Patent Convention (EPC), so nothing changes in the pre-grant phase and the same high standards of quality search and examination apply. After a European patent is granted, the patent holder can request unitary effect, thereby obtaining a European patent with unitary effect (unitary patent) that provides uniform protection in initially 17 EU member states.

What is the current status of the unitary patent?

The unitary patent system is a new scheme that allows inventors and innovative companies to protect their inventions in 17 EU member states by filing a single request to the European Patent Office (EPO) . It is an alternative option to the classical European patent, which requires individual validation and maintenance in each country where the patent holder wants to benefit from protection . The unitary patent is expected to start in early 2023, after the ratification of the Agreement on a Unified Patent Court (UPC Agreement) by 17 states participating in enhanced cooperation . It is expected that more EU states will join this scheme in the future.

The UPC Agreement

The UPC Agreement is an international treaty that establishes the Unified Patent Court (UPC), a supranational specialised court that will have exclusive jurisdiction to settle disputes relating to unitary patents and European patents . The UPC Agreement was signed by 25 EU member states in 2013, but it requires the ratification by at least 13 states, including France, Germany and Italy, to enter into force.

As of June 2021, 16 states have ratified the UPC Agreement, including France and Italy . Germany has also ratified the UPC Agreement in December 2020, but its ratification is pending before the German Constitutional Court, which has received two constitutional complaints against it . The German government has expressed its intention to deposit its instrument of ratification as soon as possible after the resolution of these complaints . The UK, which was initially one of the mandatory ratifying states, has withdrawn from the unitary patent system after leaving the EU in 2020.

The main obstacle and challenges

The main remaining obstacle for the implementation of the unitary patent system is therefore the outcome of the German constitutional complaints. If they are dismissed or overcome, Germany could deposit its instrument of ratification and trigger the entry into force of the UPC Agreement within three months . However, if they are upheld or delayed, Germany could be prevented from joining the unitary patent or cause further uncertainties and complications for its launch.

Other challenges for the implementation of the unitary patentinclude the practical and logistical arrangements for the operation of the Unified Patent Court, such as the recruitment and training of judges, the establishment of IT systems and facilities, and the adoption of procedural rules and guidelines . Moreover, some legal and political issues may arise from the withdrawal of the UK from the unitary patent, such as the impact on the linguistic regime of the unitary patent, the distribution of the workload and the cases among the different divisions of the Unified Patent Court, and the compatibility of the UPC Agreement with EU law.

What are the advantages?

The unitary patent system offers several advantages for inventors and innovative companies who want to protect their innovations in the EU. Among these advantages, we can mention:

  • The simplification of the procedure: the patent holder no longer needs to carry out complex and costly procedures with national offices to validate their European patent in each country 1.
  • They only need to request unitary effect from the EPO, which is their single interlocutor 2.
  • The reduction of costs: the patent holder no longer has to pay validation fees, translation fees, representation fees or annual national fees to keep their patent in force in the countries covered by the unitary patent 1.
  • They only pay a single annual fee to the EPO, which is calculated according to a progressive scale 3.
  • The legal certainty: the patent holder benefits from a uniform protection in all countries where the unitary patent takes effect, without risk of fragmentation or divergence between national rights 1.
  • They can also enforce their rights before a supranational specialised court, the Unified Patent Court (UPC), which has exclusive jurisdiction to settle disputes relating to infringement and validity of unitary patents.

How does the unitary patent compare with other patent systems?

The unitary patent system is not the only option for obtaining patent protection in multiple countries. There are other regional or international patent systems that offer different advantages and disadvantages for inventors and innovative companies. Here are some examples:

The European Patent Convention (EPC)

The EPC is an international treaty that allows applicants to file a single application at the European Patent Office (EPO) and obtain a European patent that can be validated in up to 38 contracting states . The EPC is not affected by the unitary patent system and will continue to operate in parallel with it. The EPC offers more flexibility than the unitary patent, as applicants can choose which countries they want to validate their European patent in. However, it also involves more costs and formalities than the unitary patent, as applicants have to pay validation fees, translation fees and annual national fees in each country where they want to maintain their European patent.

The Patent Cooperation Treaty (PCT)

The PCT is an international treaty that allows applicants to file a single international application at a national or regional office and obtain an international search report and a preliminary examination report on their invention . The PCT does not grant patents directly, but facilitates the entry into national or regional phases in up to 153 contracting states . The PCT offers more time than the unitary patent system, as applicants can delay their decision on which countries they want to pursue their patent protection in for up to 30 or 31 months from the priority date . However, it also involves more complexity than the unitary patent, as applicants have to comply with different requirements and procedures in each country where they enter the national or regional phase.

The Eurasian Patent Convention (EAPC)

The EAPC is an international treaty that allows applicants to file a single application at the Eurasian Patent Office (EAPO) and obtain a Eurasian patent that can be validated in up to 8 contracting states . The EAPC is not related to the unitary patent system and operates independently from it. The EAPC offers more simplicity than the unitary patent, as applicants do not have to pay any validation fees or translation fees in the countries where they want to validate their Eurasian patent . However, it also involves more risk than the unitary paten system, as applicants cannot opt out of the jurisdiction of the Eurasian Court of Patent Disputes, which can invalidate their Eurasian patent in all contracting states.

How Freemindtronic’s international patents are related to the unitary patent

Freemindtronic is an Andorran company that creates innovative solutions for security, cyber-security and counter-espionage, using contactless technology (NFC). We have several inventions that are protected by international patents in the fields of embedded systems, access control and segmented key authentication. For example, our patented technologies EviCore NFC HSM, which manage encryption keys in an NFC HSM device, EviCore HSM OpenPGP, which manage encryption keys in a security element of phones, EviVault NFC HSM Cold Wallet operating without contact, EviKey NFC a contactless secured USB key and the technology EviCypher NFC HSM which encrypts all types of data. These technologies implement our patents and especially the one based on the segmented key authentication system. The latter received the gold medal of international inventions of Geneva 2021.

Our patent options

Our patents are based on the European patent granted by the European Patent Office (EPO) under the rules of the European Patent Convention (EPC). Therefore, we could benefit from the unitary patent system, which is a new scheme that allows inventors and innovative companies to protect their inventions in 17 EU member states by filing a single request to the EPO. However, we would also have to consider the disadvantages and risks of the unitary patent, such as the risk of total invalidation, the lack of flexibility and the exclusion of some countries. Moreover, we would have to deal with the legal issues of the unitary patent for non-participating countries, such as cross-border infringement cases and jurisdictional conflicts.

Our patent strategy

We have opted for the unitary patent only for our segmented key authentication system, and we have added some non-participating countries to our other European patents. The reasons behind this choice are related to our market strategy, our innovation potential and our risk assessment. For instance, we have decided to use the unitary patent for our segmented key authentication system because we consider it as our core invention and we want to protect it in a uniform and effective way in most EU countries. On the other hand, we have decided to add some non-participating countries to our other European patents because we want to preserve our flexibility and avoid possible invalidation challenges in those countries.

Conclusion

Our international patents are relevant examples of how the unitary patent system can affect inventors and innovative companies in Europe, both positively and negatively. They illustrate the opportunities and challenges that the unitary patent poses for innovation and competitiveness in the EU.

How can legal issues of the unitary patent for non-participating countries be resolved?

The legal issues of the unitary patent system for non-participating countries are complex and not yet fully resolved. One of the main questions is how to deal with cross-border infringement cases involving unitary patents and national patents. For instance, if an inventor from a non-participating country, such as Spain, wants to enforce his rights on his classic European patent in a participating country, such as France, where a unitary patent holder claims to infringe his patent, which law should he consider? Well, the question is not easy to answer, because he will have to take into account many international standards. In the end, this very important aspect will be “subjected” to a very complex situation that will necessarily be defined with the successive application of the law.

Another question is how to ensure a fair balance between the rights and obligations of unitary patent holders and national patent holders in non-participating countries. For example, if a unitary patent holder wants to enforce their rights in a non-participating country, such as Poland, where a national patent holder is allegedly infringing their patent, which court should they go to? Well, the answer is not clear, as it will depend on the interpretation and application of various international agreements. In principle, the unitary patent holder should go to the national court of Poland, but they may face some difficulties or disadvantages in comparison with the national patent holder, such as higher costs, longer procedures or different standards of proof.

One possible way to resolve these legal issues is to harmonise the rules and practices of the unitary patent and the national patent systems in Europe. This could be achieved by adopting common standards and guidelines for patent examination, grant, validity and enforcement, as well as by establishing mechanisms for cooperation and coordination between the UPC and the national courts. Another possible way is to extend the scope and coverage of the unitary patent and the UPC to all EU member states and other EPC contracting states. This could be achieved by encouraging and facilitating their participation in the enhanced cooperation and ratification of the UPC Agreement.

However, these solutions may face some practical and political challenges, such as the lack of consensus or willingness among the different stakeholders, the respect for national sovereignty and diversity, or the compatibility with EU law and international obligations. Therefore, it is important that the unitary patent and its legal implications are carefully monitored and evaluated, and that its benefits and drawbacks are balanced and communicated to all parties involved.

What are the disadvantages?

The unitary patent system is not without disadvantages for some actors in the patent market. Among these disadvantages, we can mention:

  • The risk of total invalidation: the patent holder faces the possibility that their patent will be cancelled in all countries where it takes effect, if the UPC finds that it does not meet the requirements of patentability. They do not have the possibility to limit or amend their patent to avoid this fatal outcome.
  • The lack of flexibility: the patent holder cannot choose the countries where they want to protect their invention, nor renounce their patent in some countries to avoid paying fees or to circumvent legal obstacles. They must accept or refuse unitary effect as a whole.
  • The exclusion of some countries: the patent holder cannot benefit from protection in all EU member states, since some countries have decided not to participate in the unitary patent or have not yet ratified the UPC Agreement 1.
  • This is notably the case of Spain, which is one of the few EU countries that does not intend to be part of the unitary patent

What are the best practices or strategies for using or avoiding the unitary patent?

The unitary patent system offers a new opportunity for inventors and innovative companies who want to protect their inventions in Europe. However, it also poses some challenges and risks that need to be carefully considered. Depending on their needs and goals, they may decide to use or avoid the unitary patent, or to combine it with other patent systems. Here are some factors to consider when making this decision:

The scope of protection

The unitary patent system provides a uniform protection in 17 EU member states, which may cover a large part of the European market. However, it does not cover all EU member states, nor non-EU countries that are part of the EPC or the PCT. Therefore, inventors and innovative companies should assess whether the unitary patent covers their target markets, or whether they need to seek additional protection in other countries.

The cost of protection

The unitary patent reduces the cost of protection in Europe, as it eliminates the need to pay validation fees, translation fees and annual national fees in each country where the unitary patent takes effect. However, it also introduces a single annual fee for the unitary patent, which is calculated according to a progressive scale . Therefore, inventors and innovative companies should compare the cost of the unitary patent with the cost of other patent systems, and consider whether they need protection in all countries covered by the unitary patent, or whether they can save money by choosing a smaller number of countries.

The risk of invalidation

The unitary patent increases the risk of invalidation in Europe, as it exposes the unitary patent to a single challenge before the UPC, which can invalidate it in all countries where it takes effect. Moreover, the UPC is a new court that may have some uncertainties and inconsistencies in its interpretation and application of the law. Therefore, inventors and innovative companies should evaluate the strength and validity of their inventions, and consider whether they want to avoid this risk by opting out of the UPC for their European patents, or by using other patent systems that allow them to limit or amend their patents in case of invalidation challenges.

The enforcement of rights

The unitary patent facilitates the enforcement of rights in Europe, as it allows the holders of unitary patents to sue infringers before the UPC, which can grant pan-European injunctions and damages. However, it also exposes them to counterclaims for invalidity before the UPC, which can invalidate their unitary patents in all countries where they take effect. Therefore, inventors and innovative companies should assess the likelihood and impact of infringement and invalidity actions, and consider whether they want to benefit from this facilitation by opting in to the UPC for their European patents, or whether they want to retain more control over their litigation strategy by using national courts or other patent systems.

Why do some EU countries not want to join the unitary patent

The reasons for some EU countries’ exclusion from the unitary patent are diverse. Spain, for example, considers that the linguistic regime of the unitary patent, which relies on the three official languages of the EPO (English, French and German), is discriminatory and harms its economic and cultural interests. It believes that Spanish, which is the second most spoken native language in the world, should be recognised as an official language of the unitary patent, or at least, that the holders of unitary patents should be required to provide a full translation in Spanish of their patents. It also fears that the unitary patent will strengthen the dominant position of the English-speaking and German-speaking countries in the field of innovation and will reduce the development opportunities of Spanish companies.

Croatia, on the other hand, has not joined enhanced cooperation for setting up the unitary patent, because it joined the EU after the launch of this initiative. However, it has expressed its interest in joining the unitary patent in the future.

Poland and the Czech Republic have participated in enhanced cooperation, but have not signed or ratified the UPC Agreement, which is a prerequisite for being part of the unitary patent 2. These countries have invoked economic and legal reasons to justify their withdrawal. Poland has estimated that the unitary patent would have a negative impact on its national budget and on its competitiveness. The Czech Republic has expressed doubts about the compatibility of the unitary patent with EU law and about the quality of automatic translations .

Slovakia has also participated in enhanced cooperation, but has opposed the regulation on the unitary patent and has challenged it before the Court of Justice of the EU (CJEU). It has argued that the regulation was contrary to the principle of equal treatment between the member states and the official languages of the EU. It has also questioned the legal basis of the regulation and its respect for national competences in the field of industrial property. The CJEU rejected its request in 2015.

Hungary has ratified the UPC Agreement in 2018, but has denounced it in 2020, following a decision of its Constitutional Court that declared that the Agreement was incompatible with its Constitution. The Court considered that the Agreement infringed on Hungary’s sovereignty in the matter of intellectual property and that it violated the principle of separation of powers by entrusting the settlement of disputes relating to patents to a supranational court not integrated into the Hungarian judicial system.

Here is a table that summarizes that gives the list of European countries that accept the unitary patent and the European countries that have excluded themselves from the unitary patent:

Country Status Reason
Germany Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Austria Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Belgium Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Bulgaria Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Cyprus Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Croatia Excluded Has not joined enhanced cooperation
Denmark Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Spain Excluded Has opposed enhanced cooperation and has challenged the linguistic regime of the unitary patent
Estonia Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Finland Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
France Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Greece Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Hungary Excluded Has ratified the UPC Agreement but has denounced it following a decision of its Constitutional Court
Ireland Accepts Participates in enhanced cooperation but has not yet ratified the UPC Agreement
Italy Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Latvia Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Lithuania Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Luxembourg Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Malta Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Netherlands Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Poland Excluded Participates in enhanced cooperation but has not signed or ratified the UPC Agreement
Portugal Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Czech Republic Excluded Participates in enhanced cooperation but has not signed or ratified the UPC Agreement
Romania Accepts Participates in enhanced cooperation but has not yet ratified the UPC Agreement
Slovakia Excluded Has opposed enhanced cooperation and has challenged the regulation on the unitary patent
Slovenia Accepts Participates in enhanced cooperation and has ratified the UPC Agreement
Sweden Accepts Participates in enhanced cooperation and has ratified the UPC Agreement

What are the consequences of these countries’ exclusion from the unitary patent?

The exclusion of these countries from the unitary patent has consequences for both the holders of unitary patents and the national patent holders in these countries. For the holders of unitary patents, this means that they cannot protect their inventions in these countries through the unitary patent, but they have to resort to the classical European patent or the national patent . They therefore have to bear the costs and formalities related to the validation and maintenance of their patent in these countries, as well as the risks of a fragmented protection and legal uncertainty . For the national patent holders in these countries, this means that they cannot benefit from the advantages of the unitary patent, but they have to face the increased competition of the holders of unitary patents in the other EU countries . They also have to adapt to the rules and procedures of the UPC, which can be seized by the holders of unitary patents to assert their rights against them or to challenge the validity of their classical European patents .

What are the legal issues of the unitary patent for non-participating countries?

The legal issues of the unitary patent system for non-participating countries are complex and not yet fully resolved. One of the main questions is how to deal with cross-border infringement cases involving unitary patents and national patents. For example, if an inventor from a non-participating country, such as Spain, wants to exercise their rights on their classical European patent in a participating country, such as France, where a unitary patent holder is allegedly infringing their patent, which law should they take into account? Well, the question is not easy to answer, as it will have to take into account many international norms. In the end, this very important aspect will be “subjected” to a very complex situation that will necessarily be defined with the successive application of the law.

Another question is how to ensure a fair balance between the interests of the holders of unitary patents and those of national patent holders in non-participating countries. For instance, if a national patent holder in Spain wants to challenge the validity of a unitary patent that covers an invention similar to theirs, how can they do so without having to go before the UPC, which may not be accessible or convenient for them? Conversely, if a unitary patent holder wants to enforce their rights against a national patent holder in Spain who is allegedly infringing their patent, how can they do so without having to go before a national court that may not be familiar or favourable with the unitary patent? These questions raise issues of jurisdiction, recognition and enforcement of judgments, as well as substantive law harmonisation.

These legal issues are likely to generate uncertainty and litigation for both unitary patent holders and national patent holders in non-participating countries. They may also create barriers and distortions in the internal market and affect innovation and competitiveness. Therefore, it is desirable that these issues are addressed and clarified as soon as possible, either by legislative or judicial means.

Conclusion

The unitary patent is a new scheme that offers a simplified, economical and uniform protection in 17 EU member states. It is accompanied by a Unified Patent Court, which has exclusive jurisdiction to settle disputes relating to unitary patents. The unitary patent has advantages and disadvantages for inventors and innovative companies, depending on their strategy and market. Spain is one of the few EU countries that does not intend to join the unitary patent, mainly for linguistic reasons. Its exclusion has consequences for both unitary patent holders and Spanish actors in the patent market. The unitary patent also raises legal issues for non-participating countries, which are not yet fully resolved.

In conclusion, the unitary patent system is a major innovation in the field of intellectual property in Europe, but it also poses significant challenges for its implementation and acceptance. It aims to foster innovation and competitiveness in the EU, but it also creates disparities and conflicts between participating and non-participating countries. It offers a simplified and uniform protection for inventors and innovative companies, but it also exposes them to risks and uncertainties in cross-border litigation. It is therefore important that the unitary patent is carefully monitored and evaluated, and that its benefits and drawbacks are balanced and communicated to all stakeholders.

(1) https://www.epo.org/applying/european/unitary/unitary-patent.html

(2) https://www.epo.org/applying/european/unitary.html

(3) https://www.gov.uk/guidance/the-unitary-patent-and-unified-patent-court

2023, EviOTP NFC HSM Technology, EviPass NFC HSM technology, EviPass Technology, NFC HSM technology, PassCypher

PassCypher NFC HSM: Secure and Convenient Password Management

Posted on by FMTAD
PassCypher NFC HSM contactless hardware password manager Freemindtronic Technology from Andorra
29
Jun

PassCypher NFC HSM by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Discover Secure Password Management with PassCypher NFC HSM and PassCypher Pro NFC HSM

Protect your passwords with innovative solutions from PassCypher. From contactless management to invention patents, enhanced security, and versatility, find out how PassCypher provides you with a convenient and secure solution for password management. Don’t let data vulnerability be a concern anymore. Dive into our dedicated article on PassCypher products and take control of your password security.

Certificat de finaliste du DataShielder Auth NFC HSM pour le Produit de Cyberdéfense de l'Année 2024 aux National Cyber Awards

2024 Distinction Excellence Press release

Produit de Cyberdéfense de l’Année : Freemindtronic Finaliste aux National Cyber Awards 2024
August 6, 2024
DataShielder Auth NFC HSM by Freemindtronic – Finalist for Cyber Defence Product of the Year 2024

2024 Distinction Excellence Press release

Cyber Defence Product of the Year: Freemindtronic Finalist at National Cyber Awards 2024
August 5, 2024
Eurosatory 2024 Technology Clusters promotional image showcasing Freemindtronic's Hall 5B - booth A-199 DataShielder NFC HSM PGP innovation with DNA-based encryption and authentication.

2024 Eurosatory Events Exhibitions Press release

Eurosatory 2024 Technology Clusters: Innovation 2024 DataShielder Defence
May 14, 2024
Freemindtronic's Legacy: Rediscovering Excellence

Articles Electronics News Press release Technologies

Freemindtronic’s Legacy: Rediscovering Excellence
September 21, 2023
evistealth FOMEC FFOMECBLOT Camouflage Furtif Anonymat

2022 CyberStealth Eurosatory Press release

EviStealth Technology at Eurosatory 2022
June 9, 2022
Cyber Computer Laptop EviCypher technology embedded contactless NFC hardware from Freemindtronic andorra Eurosatory 2022 exhibition picture web edition

2022 Cyber Computer Eurosatory Press release

Cyber Computer at Eurosatory 2022
June 9, 2022
Contactless double strongbox with enslaving access evicypher nfc rugged secure usb storage technology

2022 Contactless Dual Strongbox Eurosatory Press release

The Contactless Dual Strongbox for sensitive data at Eurosatory 2022
June 9, 2022
Europe1 EviCypher the French invention to fight against cyber attacks

Europe1 News Press

Europe1 EviCypher, the French invention to fight against cyber attacks
April 11, 2022

Discover our other articles on digital security

PassCypher NFC HSM and PassCypher Pro NFC HSM: Secure and Convenient Password Management

Introduction

PassCypher offers a range of contactless hardware password managers known as PassCypher NFC HSM and PassCypher Pro NFC HSM. These products are protected by three invention patents and incorporate EviPass, EviOTP, and EviCore NFC HSM technologies, along with Freemindtronic’s NFC HSM devices, EviTag, and Evicard. PassCypher allows you to securely and conveniently store and manage passwords, one-time passwords (OTP), and HMAC-based passwords. It eliminates the need for a power source or internet connection. Additionally, PassCypher features a built-in RSA 4096 key manager with a random generator capable of changing the key up to one million times without any risk of error. It seamlessly works on Android NFC-enabled phones with fingerprint access control and is compatible with computers supporting Chromium-based or Firefox-based web browsers with autofill and auto login functionalities. For computer use, users need to install the PassCypher NFC Web Browser Extension and EviDNS software, which acts as a hotspot for pairing the extension with the PassCypher NFC HSM application through the local network. PassCypher is not compatible with Safari.

 

Features and Benefits

PassCypher’s web browser extension offers several convenient features, including:

Management of Paired Phones

With PassCypher, you can easily manage the phones paired with the EviCore NFC HSM for Web Browser extension. You can add phones to the list of paired devices, manage favorites, make direct calls, and delete paired phones.

Create a New Label (Secret)

PassCypher enables you to create labels containing sensitive information such as login IDs, passwords, OTPs, or HOTPs. You can define the name of the label and use an intelligent random password generator for login IDs and segmented keys. Additionally, PassCypher allows you to create a compatible QR Code for each label.

Digital Post-it

Retrieve labels from the NFC HSM in clear text using the Digital Post-it feature. This enables you to manually use the information for copying and pasting, including login IDs.

Free Tools: Advanced Password Manager

PassCypher offers a real-time entropy state bar based on Shannon’s mathematical function and a passphrase generator. It also includes various features such as checking if your password has been compromised in a data breach, generating personalized password and segmented key labels, and fetching login credentials and cloud keys.

Authenticator Sandbox

The Authenticator Sandbox function provides automatic anti-phishing protection by verifying the URL before authorizing auto-filling login fields. It leverages EviCore NFC HSM technology to store the URL during the first automatic login to a favorite site. Upon subsequent logins, PassCypher checks if the URL matches the auto-login request, ensuring seamless and secure authentication.

Segmented Key Generator

PassCypher introduces an innovative segmented key generator that requires multiple parties to reconstruct the key. The extension automatically populates the appropriate fields for each key component, ensuring the key’s integrity and security.

Pwned Function (Enhanced Cybersecurity)

Pwned offers proactive monitoring for online credentials. By leveraging a database of compromised usernames and passwords, PassCypher securely checks if your login information has been compromised in past data breaches. This feature helps prevent identity theft by promptly alerting you to compromised credentials and enabling you to change your password immediately.

Secret Phrase Generator (Passphrase)

Generate mnemonic phrases with basic salting using PassCypher’s Secret Phrase Generator. You can customize the number of words in your passphrase and choose special characters for separation. The real-time entropy control based on Shannon’s mathematical function enhances the security of your passphrases.

 

Advantages of PassCypher

PassCypher offers numerous advantages to its users:

  1. High-level Security: High-level security: PassCypher provides optimal security with AES 256-bit segmented key post-quantum encryption in NFC HSM memories, zero-knowledge architecture, patented technology and an integrated RSA 4096 key that enhances share security and remote backup of OTP passwords, segmented keys and secret keys.
  2. User-Friendly: PassCypher is easy to use with its contactless NFC card or tag, which can be conveniently placed on smartphones, computers, or other compatible devices.
  3. Environmentally Friendly and Cost-effective: PassCypher eliminates the need for batteries, cables, or power sources, making it eco-friendly and cost-effective.
  4. Versatility: PassCypher can manage passwords, OTPs, and HOTPs, providing two-factor authentication capabilities.
  5. Compatibility: PassCypher is compatible with various operating systems (Windows, Linux, MacOS, Android, iOS) and web browsers based on Chromium or Firefox.
  6. One-time Purchase: There are no financial commitments or subscriptions required to purchase PassCypher products.
  7. Absolute Anonymity: PassCypher follows the principles of zero-trust and plug-and-play, requiring no account creation or collection of personal or hardware information. It ensures complete user anonymity.
  8. Built-in Black Box: The NFC HSM Tag and Card devices feature a black box that records certain events, such as the number of incorrect password attempts, providing traceability and security.
  9. Air Gap Functionality: PassCypher operates in an air gap mode, independent of servers or secret databases. It securely stores all data in real-time on the volatile memory of the phone or computer.
  10. Physically Decentralized Authenticator Sandbox: The Authenticator Sandbox autofill and auto login feature is securely stored within the Evicypher application on Android phones. This allows for extreme portability across multiple computers, utilizing the energy harvested from the phone’s NFC signal without contact.
Freemindtronic win awards 2021 Next-Gen in Secrets Management with EviCypher & EviToken Technologies
Freemindtronic win awards 2021 Most Innovative in Hardware Password Manager with EviCypher & EviToken Technologies

Freemindtronic Receives Global InfoSec Awards for Innovative PassCypher NFC HSM Technology

Freemindtronic, the proud developer of PassCypher NFC HSM, has been recognized as a winner of the prestigious Global InfoSec Awards during the RSA Conference 2021. The company was honored with three awards, including the titles of “Most Innovative Hardware Password Manager” and “Next-Gen in Secrets Management” by Cyber Defense Magazine. This achievement highlights Freemindtronic’s commitment to delivering cutting-edge cybersecurity solutions. With PassCypher NFC HSM’s advanced technology, users can enjoy secure and convenient password management. Join us as we celebrate this remarkable accomplishment and learn more about the exceptional features that make PassCypher a standout choice for safeguarding sensitive information.

Disadvantages of PassCypher

Despite its many advantages, PassCypher has a few limitations:

  1. NFC Device Requirement: PassCypher requires an NFC-compatible device to function, which may limit its use on certain devices or in specific situations.
  2. Risk of Loss or Theft: Like any portable device, PassCypher can be lost or stolen, necessitating backup and recovery measures.
  3. Incompatibility with Safari: PassCypher is not compatible with the Safari browser, which may be inconvenient for Mac or iPhone users.

Lifecycle

PassCypher has an exceptionally long lifecycle, estimated to be over 40 years without maintenance or a power source. It can handle up to 1,000,000 guaranteed error-free read/write cycles, equivalent to daily use for over a millennium. PassCypher is designed to withstand extreme temperatures ranging from -40°C to +85°C. It is also resistant to shocks, scratches, magnetic fields, X-rays, and its TAG version is enveloped in military-grade resin, surpassing IP89K standards for superior waterproofing. As a result, PassCypher offers exceptional durability and resilience against external factors.

Comparison with Competitors

PassCypher stands out from its competitors in several ways:

  1. Contactless Hardware Manager: PassCypher is the only password manager that operates without requiring physical contact, providing a more convenient and hygienic solution compared to USB keys or biometric readers.
  2. Patent Protection: PassCypher is protected by three international invention patents, ensuring exclusivity and reliability compared to other solutions in the market.
  3. Innovative Technology: PassCypher incorporates EviPass, EviOTP, and EviCore NFC HSM technologies, along with Freemindtronic’s NFC HSM devices, EviTag and Evicard, providing unparalleled performance and features.
  4. RSA 4096 Key Manager: PassCypher is the only password manager that offers an RSA 4096 key manager with a random generator, allowing for one million key changes without the risk of error. This provides an additional level of security and flexibility..
  5. Value Proposition for Customers: PassCypher brings significant value to its customers by enabling them to:
    • Protect their data: PassCypher ensures the security of personal and professional data, guarding against hacking, theft, or loss.
    • Simplify password management: PassCypher centralizes the management of passwords and access codes, offering a user-friendly solution for securely handling them.
    • Securely access online accounts: PassCypher enables secure access to online accounts, even without an internet connection or power source.
    • Benefit from innovative technology: By choosing PassCypher, customers gain access to innovative and patented technology developed by Freemindtronic, a leading company in the NFC HSM field.
    • Flexibly secure secrets: PassCypher offers various options for securely backing up secrets, including cloning between NFC HSM devices (EviCard or EviTag), partial or complete copying between nearby or remote devices using RSA 4096 public key encryption, or encrypted archiving on any encrypted storage media using the RSA 4096 public key of an NFC HSM EviCard or EviTag. This flexibility provides peace of mind and adaptability to customers.
    • Choose the appropriate storage format: PassCypher is available in three different formats with varying secret storage capacities, allowing customers to choose the one that best suits their needs and budget.
    • Multilingual Support: The PassCypher Android application and web browser extension are available in 14 different languages. Users can use PassCypher in their preferred language, including Arabic (AR), Catalan (CA), Chinese (CN), German (DE), English (EN), Spanish (ES), French (FR), Italian (IT), Japanese (JA), Portuguese (PT), Romanian (RO), Russian (RU), Ukrainian (UK), and Bengali (BIN). This feature provides a personalized experience and facilitates the use of PassCypher in various international contexts.

Comparison with Competitors

To better understand the advantages of PassCypher compared to other solutions in the market, here is a comparative table:

Features PassCypher NFC HSM Competitor A Competitor B
Contactless Management Yes Yes No
Invention Patents Yes (3 international patents) No Yes (1 national patent)
NFC HSM Technology Yes (EviPass, EviOTP, EviCore) No Yes (proprietary technology)
RSA 4096 Key Manager Yes No Yes (RSA 2048 key)
Versatility Passwords, TOTP, HOTP, Fingerprint Passwords Passwords, Fingerprint
OS Compatibility Windows, Linux, MacOS, Android, iOS Windows, MacOS Windows, Linux, MacOS, Android
Browser Compatibility Chromium- or Firefox-based browsers Chrome, Firefox, Safari Chrome, Firefox
One-Time Purchase Yes Subscription Yes
Data Protection AES 256-bit, Zero-knowledge architecture for NFC memory AES 128-bit AES 256-bit, ECC, RSA 4096
Virtual Keyboard Support USB Bluetooth Multilingual No No
Biometric Authentication Fingerprint (from NFC-enabled phone) No Fingerprint (selected devices)
RSA-4096 Key Regeneration Yes (up to 1 million times without errors) N/A N/A
PassCypher Pro Compatibility All OS, Computers, TVs, NFC-enabled phones Limited compatibility Limited compatibility

This table highlights the unique features of PassCypher, such as contactless management, invention patents, NFC HSM technology, RSA 4096 key manager, and extensive compatibility with operating systems and browsers. Compared to competitors, PassCypher offers superior versatility, enhanced security, and flexibility in purchasing options.

Comparison with Competitors

PassCypher stands out from its competitors in several key aspects. Let’s compare PassCypher NFC HSM and PassCypher Pro NFC HSM with two major competitors in the market, Competitor A and Competitor B.

PassCypher NFC HSM vs. Competitor A

PassCypher NFC HSM offers contactless management, protected by three international invention patents, and utilizes advanced NFC HSM technology (EviPass, EviOTP, EviCore). It includes an RSA 4096 key manager, enabling secure key changes and flexibility. PassCypher NFC HSM supports passwords, OTPs, and HOTPs for versatile authentication. It is compatible with various operating systems and browsers, including Windows, Linux, MacOS, Android, and iOS, as well as Chromium and Firefox. PassCypher NFC HSM is available for one-time purchase, providing long-term value and eliminating subscription fees. With AES 256-bit data protection and a zero-knowledge architecture, PassCypher ensures the highest level of security.

In comparison, Competitor A also offers contactless management and AES 128-bit data protection. However, it lacks the extensive patent protection, advanced NFC HSM technology, and RSA 4096 key manager provided by PassCypher. Additionally, Competitor A may have limited compatibility with operating systems and browsers, restricting its usability for some users.

PassCypher NFC HSM vs. Competitor B

PassCypher NFC HSM surpasses Competitor B with its contactless management, three international invention patents, and NFC HSM technology (EviPass, EviOTP, EviCore). It includes an RSA 4096 key manager for secure and flexible key changes. PassCypher NFC HSM supports passwords, OTPs, and HOTPs, providing versatile authentication options. It offers compatibility with a wide range of operating systems and browsers, including Windows, Linux, MacOS, Android, and iOS, as well as Chromium and Firefox. The one-time purchase model of PassCypher NFC HSM eliminates ongoing subscription fees. With AES 256-bit data protection and a zero-knowledge architecture, PassCypher ensures the utmost security for user data.

In comparison, Competitor B offers contactless management, AES 256-bit data protection, and compatibility with multiple operating systems. However, it lacks the advanced NFC HSM technology, invention patents, and RSA 4096 key manager offered by PassCypher, limiting its capabilities and security features.

Conclusion

PassCypher NFC HSM and PassCypher Pro NFC HSM are cutting-edge solutions for secure and convenient password management. With advanced NFC HSM technology, patent protection, and versatile features, PassCypher offers unparalleled security and flexibility. Whether it’s protecting personal or professional data, simplifying password management, or securely accessing online accounts, PassCypher provides a comprehensive solution.

By choosing PassCypher, users gain access to innovative technology, a one-time purchase model, and multilingual support. PassCypher’s ability to securely back up secrets and its compatibility with various operating systems and browsers further enhance its appeal. In comparison to its competitors, PassCypher demonstrates superior versatility, advanced security measures, and a user-friendly approach.

Discover the next level of password management with PassCypher NFC HSM and PassCypher Pro NFC HSM, and experience the peace of mind that comes with secure and convenient password management.

To contact us click here

2023, Articles, Cyberculture, Technologies

NRE Cost Optimization for Electronics: A Comprehensive Guide

Posted on by FMTAD
NRE cost optimization for electronics digital computer cyber security by Freemindtronic from Andorra
21
Jun

NRE Cost Optimization for Electronics by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Summary

NRE cost optimization for electronics is a key factor for ensuring the profitability of electronic product development. NRE cost can be reduced by using different levers and tools, such as optimizing the V-cycle, the WBS, and the schedule, and using the TRL scale to assess the maturity of technologies. Freemindtronic is an example of a company that uses these techniques to optimize NRE cost for its electronic products with PCB, which are based on its patented technologies and offered under license and white label services.

Cardokey NFC vCard Business: Edit, Read, and Import Contacts Seamlessly on iPhone.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking
March 25, 2024
Digital image showing a confused user at a computer surrounded by complex password symbols

2024 Articles Cyberculture EviPass Password

Human Limitations in Strong Passwords Creation
January 22, 2024
SSH handshake with Terrapin attack and EviKey NFC HSM

2024 Articles Digital Security EviKey NFC HSM EviPass News SSH

Terrapin attack: How to Protect Yourself from this New Threat to SSH Security
January 11, 2024
Telegram and the information war in Ukraine

2023 Articles Cyberculture EviCypher NFC HSM News Technologies

Telegram and the Information War in Ukraine
January 5, 2024
Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers

Articles Crypto Currency Cryptocurrency Digital Security EviPass Technology NFC HSM technology Phishing

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers
December 16, 2023
TETRA Security Vulnerabilities secured by EviPass or EviCypher NFC HSM Technologies from Freemindtronic-Andorra

Articles Digital Security EviCore NFC HSM Technology EviPass NFC HSM technology NFC HSM technology

TETRA Security Vulnerabilities: How to Protect Critical Infrastructures
November 27, 2023
FormBook Malware: how to protect your gmail and other data

2023 Articles DataShielder Digital Security EviCore NFC HSM Technology EviCypher NFC HSM EviCypher Technology NFC HSM technology

FormBook Malware: How to Protect Your Gmail and Other Data
November 23, 2023
Dual-Use encryption products a regulated trade for security and human rights by Freemindtronic-from Andorra

Articles EviCore NFC HSM Technology legal News Training

Dual-Use Encryption Products: a regulated trade for security and human rights
November 17, 2023

Discover our other articles on digital security

Efficient NRE Cost Optimization for Electronics

NRE Cost Optimization, in the field of electronic product development, plays a central role. This one-time cost, associated with designing, testing, and developing a new product, has a direct impact on the product’s unit cost and the profit margin. Therefore, estimating and optimizing NRE cost are essential for ensuring the project’s viability and profitability.

NRE cost depends on several factors, such as:

  • The complexity and size of the product
  • The quantity and frequency of the orders
  • The technology, tools, and methods used for designing, manufacturing, and testing the product
  • The software associated with the product
  • The royalty fee paid to the technology provider

The complexity and size of the product can drive up the costs due to the increase in material and labor costs. On the other hand, larger and repeated orders can reduce the NRE cost per unit, as fixed costs are distributed over more units.

In this article, we will explain how to calculate NRE cost for electronic products with PCB (printed circuit boards), which are the core components of any electronic device. We will also present three main levers to reduce NRE cost for electronic products with PCB: optimizing the V-cycle, optimizing the WBS (work breakdown structure), and accelerating schedule. Finally, we will introduce the TRL scale (technology readiness level scale), a tool that can help you optimize NRE cost for electronic products with PCB by assessing and comparing the maturity of different technologies.

We will also show you how Freemindtronic, an Andorran company specialized in security and cybersecurity of computer systems and information systems, uses the TRL scale to optimize NRE cost for its electronic products with PCB. Freemindtronic also offers its technologies under license, including international patents, and provides white label product creation services.

NRE cost optimization for electronics digital cyber security by Freemindtronic from Andorra

How to Calculate NRE Cost for Electronic Products with PCB?

To optimize NRE cost for electronic products with PCB, you need to know how to calculate it. NRE cost can be divided into four main categories:

  • Design cost: this includes the software tools for CAD (computer-aided design), licenses, salaries of designers, etc.
  • Fabrication cost: this includes the materials, equipment, tools, personnel, etc. for manufacturing the electronic components and assembling them into a product.
  • Test cost: this includes the measurement devices, test software, salaries of testers, etc. for verifying the functionality and quality of the product.
  • Software cost: this includes the firmware, drivers, embedded systems, applications, extensions, etc. associated with the product.
  • Royalty cost: this includes the fee paid to the technology provider for using their technology in the product.

To calculate NRE cost for electronic products with PCB, you need to estimate the time and resources required for each category. You can use historical data from previous projects or industry benchmarks as references. You can also use online calculators or software tools to help you estimate NRE cost.

In addition to these categories, you also need to consider the software associated with the PCB,

which ensure its functionality and interaction with the user or other systems. The software associated with the PCB include:

  • Firmware: they are embedded in the PCB and control the behavior of the electronic components. They are usually written in low-level (assembler) or intermediate-level (C, C++, etc.) languages. They are specific to the product and must be adapted to the characteristics of the PCB and the electronic components.
  • Drivers: they are installed on the computer or system that communicates with the PCB. They allow the system to recognize the PCB and transmit data between the PCB and the system. They are usually written in high-level (C#, Java, Python, etc.) languages. They must be compatible with the operating system and communication protocol used.
  • Embedded systems: they are installed on the PCB or on another support (memory card, hard disk, etc.). They allow to manage the functions of the product and provide a user interface. They are usually written in high-level (C#, Java, Python, etc.) languages. They must be adapted to the capabilities of the PCB and the needs of the product.
  • Applications: they are installed on the computer or system that communicates with the PCB. They allow the user to access the functionalities of the product and customize its settings. They are usually written in high-level (C#, Java, Python, Go, Type script, elvet etc.) languages. They must be ergonomic and intuitive for the user.
  • Extensions: they are installed on the computer or system that communicates with the PCB. They allow to add functionalities to the product or connect it to other services or systems. They are usually written in high-level (html, type script, web RTC, Java, java script, etc.) languages. They must be secure and respect compatibility standards.

These software must be designed, developed and tested in parallel with the PCB, in order to guarantee their coherence and performance. They must also be updated regularly to correct any bugs or to bring improvements to the product.

Besides these categories, you also need to consider the tools required for manufacturing and testing the PCB, which depend on the characteristics of the PCB and the requirements of the product. The tools for manufacturing and testing the PCB include:

  • Soldering machines: they allow to assemble electronic components on the PCB by soldering. There are different types of soldering machines, depending on the process used (wave soldering, reflow soldering, selective soldering, etc.).
  • Insertion machines: they allow to insert electronic components through holes in the PCB. They are used for through-hole components, which are fixed by soldering on both sides of the PCB.
  • Placement machines: they allow to place electronic components on the surface of the PCB. They are used for SMD (surface mount device) components, which are fixed by soldering on one side of the PCB.
  • Cutting machines: they allow to cut the PCB according to the desired shape. They are used to separate the different parts of the PCB or to adjust the size of the PCB.
  • Drilling machines: they allow to drill holes in the PCB to insert components or connectors. They are used to make connections between the different layers of the PCB or between the PCB and other elements.
  • Engraving machines: they allow to engrave patterns or inscriptions on the PCB. They are used to identify the PCB or to add technical or aesthetic information to it. For example, you can engrave the serial number, the manufacturer name, or the logo of the product on the PCB.
  • Measurement devices: they allow to verify the electrical and physical characteristics of the PCB. They include various devices such as multimeters, oscilloscopes, logic analyzers, insulation testers, etc. These devices allow you to measure the electrical and physical characteristics of the PCB, such as voltage, current, resistance, capacitance, frequency, etc.
  • Test software: they allow to control the functionality of the PCB and electronic components. They include various software such as simulation software, fault injection software, functional analysis software, etc. These software allow you to test the behavior of the PCB and electronic components under different conditions and scenarios.

These tools must be chosen according to the type and complexity of the PCB, as well as the level of quality required for the product. They must also be calibrated and maintained regularly to ensure their reliability and accuracy.

To illustrate how to calculate NRE cost for electronic products with PCB, let’s take an example of a project that involves developing a new product based on a 4-layer PCB with 1000 components (800 SMD and 200 through-hole). The project duration is 12 months and requires two engineers (one for design and one for test) with a salary of $3000 per month each. The project also requires a CAD software license ($5000), a fabrication service ($5000), a test service ($5000), a software development service ($10 000), and a royalty fee (5% of sales).

The following table shows how to calculate NRE cost for this project:

Item Formula Cost
Human resources (3 000 + 2 000) x (1 + 0.5) x 2 x 12 $90 000
Software tools $10 000
Materials $5 000
Equipment $15 000
Software $10 000
Royalty fee 0.05 x 200 000 $10 000
Total NRE cost Sum of above items $140 000

As you can see, NRE cost can be quite high for electronic products with PCB, especially if the product is complex or requires specific technologies or tools. Therefore, it is important to optimize NRE cost by using different levers and tools that can improve the efficiency and quality of the product development process.

Three Main Levers to Reduce NRE Cost for Electronic Products with PCB

To optimize NRE cost for electronic products with PCB, you need to know how to reduce it. NRE cost can be reduced by using different levers and tools that can improve the efficiency and quality of the product development process. In this section, we will present three main levers to reduce NRE cost for electronic products with PCB:

  • Optimizing the V-cycle: this is to optimize the design process of the product, which follows a V-shaped model that consists of four main phases: definition, design, verification, and validation. Optimizing the V-cycle relies on the following sub-levers:

Defining clearly and precisely the customer needs and product specifications, which are translated into functional and technical requirements for the product. This helps to avoid ambiguity and misunderstanding, and to align the expectations of all stakeholders. Designing modular and scalable product, which allows reusing existing components or technologies and adapting easily to future changes or improvements. This helps to reduce the design cost and time, and to increase the flexibility and adaptability of the product. Making prototypes and mock-ups, which allow testing the product in real conditions and collecting customer feedback. This helps to validate the feasibility and functionality of the product, and to identify and correct any errors or defects before mass production. Planning rigorously and realistically the project, taking into account technical, financial, and temporal constraints, and anticipating possible contingencies. This helps to optimize the use of resources, to avoid delays and budget overruns, and to manage risks effectively. Monitoring and controlling regularly the project, using performance indicators and appropriate project management tools, which measure the progress of the project and identify deviations from the initial plan. This helps to ensure the quality and efficiency of the project execution, and to take corrective actions if needed. Validating systematically the product at each stage of the V-cycle, using appropriate methods and test criteria, which ensure compliance and quality of the product. This helps to verify that the product meets the customer needs and product specifications, and to obtain certification or approval from relevant authorities.

  • Optimizing the WBS (work breakdown structure): this is to structure the project into sub-projects, tasks, and activities, which are hierarchized and detailed according to their level of complexity and dependence. Optimizing the WBS relies on the following sub-levers:

Decomposing logically and coherently the project, respecting the principle of sum of parts equal to whole, that is, each element of WBS must contribute to achieving global project. This helps to clarify the scope and objectives of the project, and to avoid duplication or omission of work. Defining clearly and precisely deliverables associated with each element of WBS, specifying expected features, responsibilities, deadlines, and costs. This helps to define the expected outcomes of each element of WBS, and to assign roles and responsibilities to each actor of the project. Assigning resources needed for each element of WBS, taking into account skills, availability, and costs of human, material, and financial resources. This helps to allocate resources efficiently and effectively to each element of WBS, and to optimize the cost and quality of the project. Coordinating and communicating among different actors of project, using collaborative tools and agile methods, which promote information exchange and problem solving. This helps to ensure the coherence and consistency of the project, and to foster the collaboration and innovation among different actors.

  • Accelerating schedule: this is to reducethe total duration of project by optimizing use of available resources and minimizing idle times. Accelerating schedule relies on following sub-levers:Reducing duration of critical tasks that have direct impact on end date of project. For this, we can use techniques such as crashing (increasing resources assigned to a task) or fast-tracking (performing tasks in parallel instead of sequentially). This helps to shorten the critical path of the project, which determines the minimum time required for completing the project. Increasing parallelism of non-critical tasks that do not affect the end date of project, but can reduce the total duration of project. For this, we can use techniques such as overlapping (starting a task before the previous one is completed) or splitting (dividing a task into smaller subtasks that can be performed in parallel). This helps to increase the concurrency of tasks in the project, which reduces idle times and improves resource utilization. Eliminating or minimizing slack time of tasks that is the difference between the earliest and latest start or finish times of a task. For this, we can use techniques such as resource leveling (balancing the demand and supply of resources over the project duration) or resource smoothing (adjusting the resource allocation to reduce peaks and valleys in resource usage). This helps to optimize the slack time of tasks, which can be used to absorb uncertainties or delays, or to improve quality or performance.

These levers and tools can help you optimize NRE cost for electronic products with PCB by reducing errors, delays, and budget overruns by improving the quality and efficiency of the product development process. They can also increase customer satisfaction and confidence by demonstrating the compliance and quality of the product at each stage of development.

How to Use the TRL Scale to Optimize NRE Cost for Electronic Products with PCB?

Another tool that can help you optimize NRE cost for electronic products with PCB is the TRL scale, or technology readiness level scale. The TRL scale is a tool for measuring or indicating the maturity of a technology. It was originally developed by NASA in the 1990s as a means to manage the technological risk of its programs. The TRL scale can help you optimize NRE cost for electronic products with PCB by providing a common language and framework for assessing and comparing the maturity of different technologies in the context of a specific application, implementation, and operational environment. The TRL scale also helps you identify gaps and risks in your technology development process, and plan appropriate actions and resources to address them.

The TRL scale ranges from 1 to 9, with 9 being ready for commercialization. The TRL scale describes the performance history of a given system, subsystem, or component relative to a set of levels that correspond to different stages of development.

The following table summarizes the main characteristics and criteria of each TRL level:

The following table summarizes the main characteristics and criteria of each TRL level:

TRL Definition Description Criteria
1 Basic principles observed Scientific research begins and results are translated into future research and development Publication or report of basic principles
2 Technology concept formulated Basic principles are applied to practical applications and experimental proof of concept is obtained Publication or report of applied research
3 Analytical and experimental critical function and/or characteristic proof-of-concept Active research and design begin and proof-of-concept model is constructed Analytical studies and laboratory tests
4 Component/subsystem validation in laboratory environment Component pieces are tested with each other in a simulated environment Component integration and testing
5 Component/subsystem validation in relevant environment Breadboard technology is tested in a realistic environment with simulated interfaces System-level testing in relevant environment
6 System/subsystem model or prototype demonstration in a relevant environment Fully functional prototype or representational model is demonstrated in a realistic environment with actual interfaces System-level testing in relevant environment
7 System prototype demonstration in an operational environment Working model or prototype is demonstrated in an extreme environment with all interfaces System-level testing in operational environment
8 Actual system completed and qualified through test and demonstration Technology has been tested and “flight qualified” and is ready for implementation into an existing technology or technology system System-level testing in operational environment
9 Actual system proven through successful mission operations Technology has been “flight proven” during a successful mission and meets all performance requirements System-level testing in operational environment

What are the Benefits of Using the TRL Scale for Freemindtronic?

By using the TRL scale, Freemindtronic was able to achieve the following benefits:

  • Providing a common language and framework for assessing and comparing the maturity of its technology with other technologies on the market.
  • Identifying gaps and risks in its technology development process and planning appropriate actions and resources to address them.
  • Reducing errors, delays, and budget overruns by improving the quality and efficiency of its product development process.
  • Increasing customer satisfaction and confidence by demonstrating the compliance and quality of its product at each stage of development.

Freemindtronic also offers its technologies under license, including international patents, and provides white label product creation services. This allows its customers to protect their products and services created in their brand and embedding Freemindtronic’s technologies. In addition, they benefit from territorial protection in terms of international intellectual property. Freemindtronic also offers the possibility of negotiating an NRE royalty with its customers, depending on the added value of its technology and market conditions. Moreover, Freemindtronic has designed a mutualized offer of its NRE costs, distributed among all its customers under licenses. This has the effect of reducing the royalty cost attached to the NRE. This also has the effect of making affordable access to the different licenses, especially patented ones, which produce a low impact on the products marketed.

Freemindtronic guarantees an industrial quality of its products,

manufactured with industrial grade electronic components. It also ensures a complete traceability of the manufacture of its offline products and end-to-end cybersecurity from HSMs, from design to end user.

Conclusion and Contact Information

We hope that this article has given you some useful insights on how to optimize NRE cost for electronic products with PCB by using different levers and tools. We also hope that you have learned how to use the TRL scale to optimize NRE cost for electronic products with PCB by assessing and comparing the maturity of different technologies.

We also showed you how Freemindtronic, an Andorran company specialized in security and cybersecurity of computer systems and information systems, uses the TRL scale to optimize NRE cost for its electronic products with PCB. Freemindtronic also offers its technologies under license, including international patents, and provides white label product creation services.

If you have any questions or comments, please feel free to contact us. We will be happy to assist you with your project.

Thank you for your attention.

To contact us click here

2023, Articles, Digital Security, Technical News

Remote activation of phones by the police: an analysis of its technical, legal and social aspects

Posted on by FMTAD
Remote activation of phones by the police
11
Jun

Remote activation of phones by the police by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

How does remote activation of phones by the police work?

An article of the bill on justice 2023-2027 raises controversy. It allows remote activation of mobile phones and capture of images or sound without the owner’s consent, for cases of organized crime or terrorism. How does this intelligence technique work? What are the conditions to use it? What are its advantages and disadvantages? What is the situation in other countries? We explain everything in this article.

Discover our other articles on digital security

What is the new bill on justice and why is it raising concerns about privacy?

The bill on justice is a legislative project. It aims to modernize and simplify justice in France. It covers civil, criminal, administrative and digital justice. It also strengthens the investigation and prosecution of serious offenses, such as terrorism and organized crime.

One measure authorizes remote activation of phones by the police for some investigations. Article 3 “An unfailing commitment to better prevent radicalization and fight against terrorism” of the bill includes this measure. It modifies article 706-102-1 of the code of criminal procedure. This article defines how to activate remotely any electronic device that can emit, transmit, receive or store data.

This measure raises privacy concerns because it lets the police access personal or professional data in phones without the owners’ or possessors’ consent or knowledge. It also lets the police locate, record or capture sounds and images from phones without notification or justification. This measure may violate fundamental rights and freedoms, such as privacy, confidentiality, dignity, presumption of innocence and right to a fair trial.

What is remote activation of phones and how does it work?

Remote activation of phones by the police is an intelligence technique that allows law enforcement agencies to access data or record sounds and images from phones without the consent or knowledge of the phone users. This technique can be used for criminal investigations or national security purposes.

To remotely activate phones, law enforcement agencies need three factors: compatibility, connectivity, and security of the phones. They need to be compatible with the software or hardware that enables remote activation. They need to be connected to a network or a device that allows remote access. They need to have security flaws or vulnerabilities that can be exploited or bypassed.

Law enforcement agencies can remotely activate phones by three methods: exploiting vulnerabilities, installing malware, or using spyware on phones. Exploiting vulnerabilities means taking advantage of security flaws or weaknesses in the phone’s operating system, applications, or protocols. Installing malware means putting malicious software on the phone that can perform unauthorized actions or functions. Using spyware means employing software or hardware that can monitor or control the phone’s activity or data.

By remotely activating phones, law enforcement agencies can access data such as contacts, messages, photos, videos, location, browsing history, or passwords. They can also record sounds and images such as conversations, ambient noises, or camera shots. They can do this in real time or later by retrieving the data from the phone’s memory or storage.

What is the French bill on remote activation of phones by the police and what are its implications?

The French bill on remote activation of phones by the police is a legislative text that was promulgated on 25 May 2021. It is part of the justice orientation and programming bill for 2023-2027, which aims to modernize the justice system and reinforce its efficiency and independence.

The bill introduces a new article in the code of criminal procedure, which allows the judge of liberties and detention (at the request of the prosecutor) or the examining magistrate to order the remote activation of an electronic device without the knowledge or consent of its owner or possessor for the sole purpose of locating it in real time. This measure can be applied for crimes or misdemeanors punishable by at least five years’ imprisonment, a fairly broad criterion.

The bill also allows the judge of liberties and detention (at the request of the prosecutor) or the examining magistrate to order the remote activation of an electronic device without the knowledge or consent of its owner or possessor for the purpose of recording sounds and images from it. This measure can be applied only for crimes relating to organized crime and terrorism.

These measures cannot concern parliamentarians, journalists, lawyers, magistrates and doctors, nor the defendants when they are in the judge’s office or with their lawyer.

The bill also specifies that the remote activation of an electronic device must be done in a way that does not alter its functioning or data, and that the data collected must be destroyed within six months after their use.

The bill aims to provide law enforcement agencies with more tools and information to prevent, investigate and prosecute crimes, especially in cases where phones are encrypted, hidden or destroyed. It also aims to harmonize the French legislation with other countries that have used or considered this technique, such as the United States, Germany, Italy, Israel, Canada, China, France, and the United Kingdom.

However, the bill also raises ethical and social challenges, as it involves a trade-off between security and privacy, as well as between effectiveness and legitimacy. It may undermine the right to respect for private life and the right to a fair trial, which are guaranteed by the European Convention on Human Rights and the French Constitution. It may also expose law enforcement agencies to legal or technical challenges or dangers, such as encryption technologies that can prevent or hinder remote activation. It may also create distrust or resistance among phone users or providers, who may use encryption technologies or legal remedies to protect their data or communications.

The bill has been criticized by several actors, such as lawyers, human rights defenders, digital rights activists, journalists and academics. They have denounced its lack of proportionality, necessity and oversight. They have also questioned its effectiveness and legitimacy. They have called for its withdrawal or amendment.

The bill is still subject to constitutional review by the Constitutional Council before its final promulgation.

How did the Senate vote on the bill and where to find the official sources?

The Senate adopted this measure on October 20, 2021, with some amendments. The Senate voted in favor of this measure by 214 votes against 121. The Senate also added some safeguards to this measure, such as limiting its duration to four months renewable once and requiring prior authorization from an independent judge.

The National Assembly still has to examine the bill before adopting it definitively. The National Assembly may approve, reject or modify this measure. The final text may differ from the one that the Senate voted.

The examination of the bill by the National Assembly will start on December 6, 2021. You can follow the progress of the bill on the website of the National Assembly. You can also find the official text of the bill and the report of the Senate on their respective websites. You can also consult the website of the Ministry of Justice for more information on the bill and its objectives.

What are the benefits and risks of remote activation of phones?

This technique can affect citizens’ and suspects’ behavior in different ways.

On one hand, it can deter people from serious offenses. It exposes them to a higher risk of detection and identification. It reduces their incentives for criminal activities.

On the other hand, it can also make people more cautious or paranoid. It increases their uncertainty and fear. It leads them to avoid electronic devices, encrypt their communications, or use countermeasures such as jamming devices.

This technique can also impact public safety and security positively and negatively.

On one hand, it can improve the efficiency and effectiveness of law enforcement agencies. It provides them with more information and evidence. It helps them prevent, investigate and prosecute crimes.

On the other hand, it can also pose risks for human rights and civil liberties. It allows intrusive and covert surveillance. It violates privacy, confidentiality and dignity. It can also be subject to abuse, misuse or error by law enforcement agents or hackers.

Finally, it can create a feeling of insecurity and mistrust towards institutions, which can access personal or professional data in phones. It can also harm respect for presumption of innocence by placing permanent suspicion on people targeted by this technique. It can also infringe on protection of journalistic sources or right to information by discouraging whistleblowers or witnesses from speaking freely. It can finally encourage people concerned to adopt avoidance or circumvention strategies, such as changing phones regularly, using encrypted applications or switching to airplane mode.

These strategies can reduce the actual effectiveness of this technique for preventing terrorism and organized crime.

What are the arguments in favor of remote activation of phones?

Some people support this technique because they think it has several advantages for law enforcement and public security.

How can remote activation of phones violate privacy and data protection?

One of the main arguments against this technique is that it can violate privacy and data protection for individuals and groups. Privacy and data protection are fundamental rights recognized by international standards and laws. They ensure human dignity and autonomy.

Remote activation of phones violates privacy and data protection by letting law enforcement agencies access personal or professional data without the owners’ or possessors’ consent or knowledge. It also lets law enforcement agencies access sensitive or confidential data without notification or justification. It also lets law enforcement agencies access excessive or irrelevant data without limitation or proportionality.

For example, remote activation of phones could let the police access medical records, financial transactions, political opinions, religious beliefs, sexual preferences, or other intimate information on a device or a communication. It could also let the police access information that is not related to the investigation or that is out of scope on a device or a communication. It could also let the police access information that is not necessary or appropriate for the investigation or that is disproportionate to the seriousness of the offense on a device or a communication.

How can remote activation of phones improve access to justice and evidence?

Another argument in favor of this technique is that it can improve access to justice and evidence for law enforcement agencies and victims of crimes. Justice and evidence ensure the rule of law and the protection of rights.

Remote activation of phones improves access to justice and evidence by letting law enforcement agencies obtain information that is otherwise inaccessible or difficult to obtain. It also lets law enforcement agencies obtain information that is more reliable and accurate than other sources. It also lets law enforcement agencies obtain information that is timelier and more relevant than other sources.

For example, remote activation of phones could help the police access data that is encrypted or password-protected on a device or a communication. It could also help the police access data that is authentic and verifiable on a device or a communication. It could also help the police access data that is up-to-date and pertinent on a device or a communication.

What are the arguments against remote activation of phones?

Some people oppose this technique because they think it has several disadvantages for human rights and civil liberties.

How can remote activation of phones violate privacy and data protection?

One of the main arguments against this technique is that it can violate privacy and data protection for individuals and groups. Privacy and data protection are fundamental rights recognized by international standards and laws. They ensure human dignity and autonomy.

Remote activation of phones violates privacy and data protection by letting law enforcement agencies access personal or professional data without the owners’ or possessors’ consent or knowledge. It also lets law enforcement agencies access sensitive or confidential data without notification or justification. It also lets law enforcement agencies access excessive or irrelevant data without limitation or proportionality.

For example, remote activation of phones could let the police access medical records, financial transactions, political opinions, religious beliefs, sexual preferences, or other intimate information on a device or a communication. It could also let the police access information that is not related to the investigation or that is out of scope on a device or a communication. It could also let the police access information that is not necessary or appropriate for the investigation or that is disproportionate to the seriousness of the offense on a device or a communication.

How can remote activation of phones undermine the presumption of innocence and the right to a fair trial?

Another argument against this technique is that it can undermine the presumption of innocence and the right to a fair trial for individuals and groups. The presumption of innocence and the right to a fair trial are fundamental rights recognized by international standards and laws. They ensure justice and accountability.

Remote activation of phones undermines the presumption of innocence and the right to a fair trial by letting law enforcement agencies access data that they can use against individuals or groups without any legal basis or due process. It also lets law enforcement agencies access data that they can manipulate or falsify by law enforcement agents or hackers. It also lets law enforcement agencies access data that individuals or groups can challenge or contest.

For example, remote activation of phones could let the police access data that they can incriminate individuals or groups without any warrant or authorization from a judge. It could also let the police access data that they can alter or corrupt by law enforcement agents or hackers. It could also let the police access data that individuals or groups can dispute or refute.

How can remote activation of phones create a risk of abuse and misuse by the authorities?

Another argument against this technique is that it can create a risk of abuse and misuse by the authorities for individuals and groups. Abuse and misuse are illegal or unethical actions that violate rights and obligations. They damage trust and legitimacy.

Remote activation of phones creates a risk of abuse and misuse by the authorities by letting law enforcement agencies access data that they can use for purposes other than those authorized or intended. It also lets law enforcement agencies access data that they can share or disclose to third parties without any oversight or control. It also lets law enforcement agencies access data that they can retain or store for longer than necessary or permitted.

For example, remote activation of phones could let the police access data that they can use for political, personal, commercial, or other interests on a device or a communication. It could also let the police access data that they can transfer or leak to other agencies, organizations, media, or individuals on a device or a communication. It could also let the police access data that they can keep or archive for indefinite periods on a device or a communication.

What are the alternatives and safeguards for remote activation of phones?

Some people suggest that there are alternatives and safeguards for remote activation of phones that can balance security and privacy.

What are the existing legal tools to access phone data with judicial authorization?

One of the alternatives for remote activation of phones is to use existing legal tools to access phone data with judicial authorization. Judicial authorization is a legal requirement that ensures respect for rights and obligations. An independent and impartial judge grants it after evaluating the necessity and proportionality of the request.

Existing legal tools to access phone data with judicial authorization include search warrants, wiretaps, geolocation orders, data requisitions, and international cooperation agreements. These tools let law enforcement agencies obtain information from phones in a lawful and transparent manner. They also provide legal protection and recourse for individuals and groups.

For example, search warrants let law enforcement agencies physically seize phones and extract data from them with judicial authorization. Wiretaps let law enforcement agencies intercept calls and messages from phones with judicial authorization. Geolocation orders let law enforcement agencies track the location of phones with judicial authorization. Data requisitions let law enforcement agencies request data from phone operators or service providers with judicial authorization. International cooperation agreements let law enforcement agencies exchange data with foreign authorities with judicial authorization.

What are the principles and conditions for remote activation of phones according to the bill?

One of the safeguards for remote activation of phones is to follow the principles and conditions for remote activation of phones according to the bill. The bill on justice sets some rules and limits for this technique to prevent abuse and misuse.

The principles and conditions for remote activation of phones according to the bill include:

  • The technique can only be used for terrorism and organized crime investigations.
  • An independent judge who authorizes it must supervise the technique. The technique can only last for four months renewable once.
  • The technique must respect necessity, proportionality, subsidiarity, and legality.
  • Parliament and independent authorities must oversee and control the technique.
  • Experts and stakeholders must evaluate and review the technique.

These principles and conditions aim to ensure a reasonable and accountable use of this technique. They also aim to protect the rights and interests of individuals and groups.

What are the possible ways to limit or challenge remote activation of phones?

Another safeguard for remote activation of phones is to use possible ways to limit or challenge remote activation of phones by individuals or groups. These ways can help protect rights and interests, as well as ensure accountability and transparency.

Some of the possible ways to limit or challenge remote activation of phones are:

  • Using encryption technologies:

    Encryption technologies can make data on phones unreadable or inaccessible to law enforcement agencies, even if they remotely activate them. Encryption technologies can also protect communications from law enforcement agencies’ interception or recording. For example, using end-to-end encryption apps, such as Signal or WhatsApp, can prevent law enforcement agencies from accessing messages or calls on phones.

  • Using security features:

    Security features can prevent law enforcement agencies from installing or activating software or applications on phones that enable remote activation. Security features can also detect or remove software or applications that enable remote activation. For example, using antivirus software, firewalls, passwords, biometrics, or VPNs can prevent law enforcement agencies from accessing phones.

  • Using legal remedies:

    Legal remedies can let individuals or groups contest or oppose remote activation of phones by law enforcement agencies. Legal remedies can also let individuals or groups seek compensation or redress for damages caused by remote activation of phones. For example, using judicial review, administrative appeals, complaints, lawsuits, or human rights mechanisms can challenge law enforcement agencies’ actions or decisions regarding remote activation of phones.

How does this technique compare with other countries?

Law enforcement agencies in other countries, such as the United States, Germany, Italy, Israel, Canada, China, France, and the United Kingdom, have used or considered remote activation of phones by the police. This technique is not new or unique. However, the legal framework, the technical methods, and the ethical and social implications of this technique vary from country to country..

How does remote activation of phones by the police work in different countries?

Remote activation of phones by the police is an intelligence technique that varies from country to country. It depends on the legal framework, the technical methods and the ethical issues of each country. Here are some examples of how it works in different countries.

  • In the United States, this technique is known as “roving bugs” or “mobile device tracking”. The Foreign Intelligence Surveillance Act (FISA) authorizes it for national security purposes and Title III of the Omnibus Crime Control and Safe Streets Act for criminal investigations. It requires a court order based on probable cause and limited in scope and duration. It can locate or record sounds and images from phones. It can be done by installing malware or exploiting vulnerabilities on phones.
  • In Germany, this technique is known as “Quellen-TKÜ” or “source telecommunications surveillance”. The Code of Criminal Procedure and the Telecommunications Act regulate it for criminal investigations and the Federal Intelligence Service Act for national security purposes. It requires a court order based on reasonable suspicion and proportionality. It can intercept communications from phones. To do so, it installs software or uses spyware on phones.
  • In Italy, this technique is known as “Trojan horse” or “spyware”. The Code of Criminal Procedure and the Data Protection Code regulate it for criminal investigations. It requires a court order based on serious indications of guilt and necessity. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.
  • In Israel, this technique is known as “IMSI catchers” or “stingrays”. The Wiretapping Law and the Privacy Protection Law regulate it for criminal investigations and the Security Service Law for national security purposes. It requires a court order based on reasonable grounds and proportionality. It can locate or intercept communications from phones. To do so, it uses devices that mimic cell towers and trick phones into connecting to them.
  • In Canada, this technique is known as “cell site simulators” or “IMSI catchers”. The Criminal Code and the Charter of Rights and Freedoms regulate it for criminal investigations. It requires a court order based on reasonable grounds and proportionality. It can locate or intercept communications from phones. To do so, it uses devices that mimic cell towers and trick phones into connecting to them.
  • In China, this technique is known as “network interception” or “remote control”. The Criminal Procedure Law and the Cybersecurity Law regulate it for criminal investigations and national security purposes. It does not require a court order but only an approval from a higher authority. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.
  • In France, real-time geolocation is regulated by the Criminal Procedure Code and the Intelligence Law for criminal and national security investigations. Article 706-102-1 of the Criminal Procedure Code allows police officers and agents to use a technical device to access, record, store and transmit computer data without the consent of the persons concerned. This requires a court order based on serious reasons and proportionality. Article 230-32 of the Criminal Procedure Code states that “Any technical means for real-time location, throughout the national territory, of a person, without his consent, a vehicle or any other object, without the consent of its owner or possessor, may be used if this operation is required by necessity: “. This also requires a court order based on serious reasons and proportionality.
  • In the United Kingdom, this technique is known as “equipment interference” or “hacking”. The Investigatory Powers Act regulates it for criminal investigations and national security purposes. It requires a warrant based on necessity and proportionality. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.

How does remote activation of phones by the police raise ethical and social challenges?

Remote activation of phones by the police raises ethical and social challenges in different contexts and situations because it involves a trade-off between security and privacy, as well as between effectiveness and legitimacy.

Security versus privacy

On one hand, remote activation of phones by the police can enhance security by providing law enforcement agencies with more information and evidence to prevent, investigate, and prosecute crimes. It can also deter criminals from using phones to plan or commit crimes.

On the other hand, remote activation of phones by the police can undermine privacy by letting law enforcement agencies access personal or professional data without consent or knowledge. It can also violate human rights and civil liberties by letting law enforcement agencies monitor or record sounds and images without notification or justification.

Effectiveness versus legitimacy

On one hand, remote activation of phones by the police can be effective by increasing the chances of finding relevant information or evidence on phones that may be encrypted, hidden, or destroyed. It can also be efficient by reducing the costs and risks of physical surveillance or interception.

On the other hand, remote activation of phones by the police can be illegitimate by violating the legal framework, the technical methods, or the oversight and control mechanisms that regulate this technique in each country. It can also be counterproductive by creating distrust or resistance among phone users or providers, who may use encryption technologies or legal remedies to protect their data or communications.

The ethical and social challenges of remote activation of phones by the police depend on the legal framework, the technical methods, and the oversight and control mechanisms that regulate this technique in each country. They also depend on the cultural and political values, the public opinion, and the media coverage that shape the perception and acceptance of this technique in each country.

Some of the ethical and social challenges of remote activation of phones by the police are how to :

  • balance security and privacy in the use of this technique?
  • ensure compliance with fundamental rights and freedoms in the use of this technique?
  • prevent abuse, misuse, or error in the use of this technique?
  • provide legal protection and recourse for individuals or groups affected by this technique?
  • ensure accountability and transparency in the use of this technique?
  • evaluate the effectiveness and legitimacy of this technique?
  • foster trust and cooperation between law enforcement agencies and phone users in the use of this technique?

What is the impact of encryption technologies on this technique?

Encryption technologies are methods or systems that make data unreadable or inaccessible to unauthorized parties. Encryption technologies can have a significant impact on remote activation of phones by the police, as they can make this technique more difficult, risky, or controversial.

How can encryption technologies make remote activation of phones by the police more difficult or impossible?

Encryption technologies can make remote activation of phones by the police more difficult or impossible by preventing law enforcement agencies from accessing data or communications on phones, even if they remotely activate them. Encryption technologies can also protect phones from malware or spyware that enable remote activation.

For example, end-to-end encryption, which some apps such as Signal or WhatsApp use, can prevent law enforcement agencies from intercepting or reading messages or calls on phones, as only the sender and the receiver have the keys to decrypt them. Device encryption, which some operating systems such as iOS or Android use, can prevent law enforcement agencies from extracting or viewing data on phones, as they require a password or a biometric authentication to unlock them.

How can encryption technologies make remote activation of phones by the police more risky or harmful?

Encryption technologies can make remote activation of phones by the police more risky or harmful by exposing law enforcement agencies to legal or technical challenges or dangers. Encryption technologies can also harm phone users by compromising their security or privacy.

For example, breaking encryption, which law enforcement agencies sometimes do to access data or communications on phones, can expose them to legal challenges, as it may violate laws or regulations that protect encryption or privacy. It can also expose them to technical dangers, as it may weaken the security of phones or networks and create vulnerabilities for hackers or criminals. Hacking encryption, which law enforcement agencies sometimes do to install malware or spyware on phones, can harm phone users by compromising their security or privacy, as it may allow unauthorized access to their data or functions.

How can encryption technologies make remote activation of phones by the police more controversial or unacceptable?

Encryption technologies can make remote activation of phones by the police more controversial or unacceptable by raising ethical and social issues or debates. Encryption technologies can also create conflicts or tensions between law enforcement agencies and phone users or providers.

For example, undermining encryption, which law enforcement agencies sometimes request to facilitate remote activation of phones, can raise ethical and social issues or debates, as it may affect human rights and civil liberties, such as privacy, confidentiality, dignity, presumption of innocence, and right to a fair trial. It can also create conflicts or tensions between law enforcement agencies and phone users or providers. They may have different interests or values regarding encryption and security.

How does EviCore NFC HSM technology developed by Freemindtronic offer a high level of protection for phone users?

Remote activation of phones by the police can be facilitated by exploiting security flaws, installing malware, or requesting backdoors in encryption technologies. However, some encryption technologies may be resistant to these measures and offer a higher level of protection for phone users. One of them is the EviCore NFC HSM technology developed by Freemindtronic.

This technology lets users create their own encryption keys in a random way and store them in a physical device that communicates with the phone via NFC (Near Field Communication). The device also lets users define their own trust criteria that must be met to use the keys or their segments. The encryption is done in post-quantum AES-256 mode from either a device compatible with the EviCore NFC HSM technology or from an encrypted enclave in the phone created in the Key chain (Apple) or the Key store (Android) via the EviCore HSM OpenPGP technology. The encryption keys are segmented and superior to 256 bits. Moreover, they are physically externalized from computer systems. Everything is designed by Freemindtronic to effectively fight against espionage and corruption of telephone, computer, communication and information systems. Finally, without a server, without a database, even in air gap and airplane mode works EviCore NFC HSM or EviCore HSM OpenPGP technology. Everything is designed to work in volatile memory to leave no trace in telephone and computer systems.

This technology offers a high level of security and privacy for phone users who want to protect their data from unauthorized access, including by the police. It also offers a high level of performance and usability for phone users who want to encrypt or over-encrypt all types of messaging in the world, including SMS and MMS. It also works with other applications that use encryption, such as email, cloud storage or blockchain.

Furthermore, this technology is designed to be totally anonymous, autonomous, unconnected, without a database, without collecting any information of any kind on the identity of the user, nor on the hardware, nor on the terminals used. The technology is designed to be totally isolated and totally independent of the security of the terminal used whether it is connected or not. Freemindtronic does not keep the unique pairing keys for each NFC HSM device. And even if it did, the user at installation will automatically generate segmented complementary keys for encryption with administrator and user passwords. Each NFC device has a unique 128-bit signature dedicated to fighting against counterfeiting of NFC devices. It is also used as a key segment. The secret stored in eprom memories or in enclaves of the phone and/or computer can be individually secured by other segmented keys characterized by additional trust criteria such as a geozone, a random hexadecimal code via an existing or generated QR code or Bar Code via EviCore HSM. It is therefore physically impossible for Freemindtronic but under judicial assignment to decrypt data encrypted via EviCore HSM technologies even with a quantum computer.

Conclusion

Remote activation of phones by the police is an intelligence technique. It aims to fight terrorism and crime by accessing data or sounds and images from phones without consent or knowledge. Law enforcement agencies in various countries have used or considered this technique. For example, France, the United States, Germany, Italy, Israel, Canada, China, and the United Kingdom. However, this technique raises technical, legal, ethical, and social challenges. They need to be addressed.

On the technical side, remote activation of phones by the police depends on three factors: compatibility, connectivity, and security of the phones. It can be done by three methods: exploiting vulnerabilities, installing malware, or using spyware on phones.For example, EviCore NFC HSM technology developed by Freemindtronic protects data and communications on phones from remote activation by the police. Encryption technologies can make this technique more difficult or impossible by preventing law enforcement agencies from accessing data or communications on phones, even if they remotely activate them.

On the legal side, remote activation of phones by the police requires a legal framework that regulates its use and scope. Laws or regulations can authorize it and specify the conditions and criteria for its application. Legal remedies can also challenge it and contest or oppose its validity or legality.

On the ethical side, remote activation of phones by the police involves a trade-off between security and privacy, as well as between effectiveness and legitimacy. It can enhance security by providing more information and evidence to law enforcement agencies to prevent, investigate, and prosecute crimes. It can also undermine privacy by letting law enforcement agencies access personal or professional data without notification or justification.

On the social side, remote activation of phones by the police raises issues or debates that affect human rights and civil liberties. For example, privacy, confidentiality, dignity, presumption of innocence, and right to a fair trial. It can also create conflicts or tensions between law enforcement agencies and phone users or providers, as they may have different interests or values regarding encryption and security.

Therefore, remote activation of phones by the police is a complex and controversial technique that requires a careful and balanced approach that respects the rights and interests of all parties involved. The French bill on remote activation of phones by the police and the EviCore NFC HSM Open PGP technology developed by Freemindtronic illustrate the complex and evolving relationship between intelligence and encryption in the digital age. They raise questions about finding a balance. It is between security and privacy, between public interest and individual rights, between innovation and regulation.

: According to Okta, privacy is the right to control how your information is viewed and used, while security is protection from threats or dangers (https://www.okta.com/identity-101/privacy-vs-security/).

: According to Carnegie Endowment for International Peace, finding a balance between security and privacy requires addressing technical, legal, and social questions (https://carnegieendowment.org/2019/09/10/moving-encryption-policy-conversation-forward-pub-79573).

: According to Springboard, finding a balance between innovation and regulation requires cooperation among stakeholders and respect for human rights (https://www.springboard.com/blog/cybersecurity/privacy-vs-security-how-to-balance-both/).

2023, Articles, Cryptocurrency, Digital Security, NFC HSM technology, Technologies

How BIP39 helps you create and restore your Bitcoin wallets

Posted on by FMTAD
BIP39 EviSeed post Freemindtronic from Andorra web site
28
May

BIP39 by Jacques gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.  

BIP39: how to create and restore your Bitcoin wallets securely

Do you want to know how BIP39 helps you manage your cryptographic keys with a simple mnemonic phrase? Find out in this article how this standard works and how to use it to protect your bitcoins.

How BIP39 helps you create and restore your Bitcoin wallets

Do you struggle to manage your cryptocurrency wallets? Are you looking for a simple and secure solution to create and restore your wallets? You are not alone. According to a study, more than 20% of cryptocurrency users have lost access to their funds because of a forgotten or stolen private key. Fortunately, there is an innovative solution to avoid this problem: BIP39 and mnemonic phrases. In this article, we will explain what BIP39 is, how it works, what are its advantages and disadvantages, and which wallets support it.

What is BIP39 and how does it work?

BIP39, also known as Bitcoin Improvement Proposal 39, proposes a novel method to simplify the creation and recovery of cryptocurrency wallets. It relies on the use of mnemonic phrases, which are sequences of words easy to remember generated from a predefined list of words. These mnemonic phrases serve to derive the private keys that allow you to access your funds. The use of this method greatly simplifies the management and backup of wallets, avoiding the need to memorize complex private keys.

BIP39 is part of the many BIPs (Bitcoin Improvement Proposals) that aim to improve the Bitcoin protocol. It was proposed in 2013 by Marek Palatinus, Pavol Rusnak, Aaron Voisine and Sean Bowe. It was implemented on Bitcoin in 2014 and has been adopted by many other cryptocurrency projects since then. You can consult the official document of BIP39 here (link to https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki).

The benefits of BIP39

BIP39 has many benefits for cryptocurrency users. First of all, it simplifies considerably the process of creating and recovering wallets. Thanks to mnemonic phrases, it becomes easier to backup and restore your wallets in case of need. Moreover, these mnemonic phrases are generally more user-friendly, as they are composed of words in natural language, which makes them easier to remember.

Another important benefit is compatibility. Many hardware and software wallets support BIP39, which offers great flexibility in choosing the wallet suitable for your needs. Whether you prefer a physical wallet or a software solution, there is a high chance that you can find a wallet compatible with BIP39.

The drawbacks of BIP39

Despite its many benefits, BIP39 also has some drawbacks. The main drawback lies in the security of the mnemonic phrase. Given that the mnemonic phrase is the key to access your funds, its loss or theft can result in the total loss of your cryptocurrencies. It is therefore crucial to take appropriate security measures to protect your mnemonic phrase, such as secure backup in an offline location.

Another drawback is the dependence on wallet software compatible with BIP39. It is important to verify that the wallet you use supports BIP39 before generating your mnemonic phrase. Otherwise, you may not be able to access your funds with another wallet that uses the same protocol.

Cold wallet vs hardware wallet: what’s the difference?

If you own cryptocurrencies, you need a wallet to store and manage them. But not all wallets are the same. In this article, we will explain the difference between a cold wallet and a hardware wallet, and how to choose the best one for your needs.

What is a cold wallet?

A cold wallet is a type of hardware wallet that is very secure: it never interacts with any smart contract or external source; it only stores assets and executes transfers between your other wallets. For example, a hardware wallet that is not used to explore Web3 can be considered a cold wallet.

What is a hardware wallet?

A hardware wallet is a physical device that stores your private keys in an isolated environment from an internet connection. This is important, because anyone who has access to your private keys has access to your crypto. A hardware wallet also allows you to sign transactions; enabling you to interact with different blockchain networks.

What is the difference between a cold wallet and a hardware wallet?

The main difference between a cold wallet and a hardware wallet is the level of interaction with smart contracts and external sources. A cold wallet is safer than a hardware wallet active online, because it does not face any threat from interactions with smart contracts.

Here is a summary table of the advantages and disadvantages of each type of wallet:

Cold Wallet Hardware Wallet
+ Very secure + Secure
+ Ideal for long-term storage + Ideal for Web3 exploration
– Not convenient for frequent transactions – Less secure than a cold wallet
– Can be lost or damaged – Can be hacked by malicious smart contracts

What standard is used to generate the mnemonic phrase or mnemonic code?

Another important aspect to consider when choosing a wallet is the standard used to generate the mnemonic phrase or mnemonic code. This is a group of easy-to-remember words that serves as a backup for your wallet in case of loss or destruction. The most common standard is BIP39, which is used by many deterministic (HD) wallets and not only by Bitcoin wallets. It has also been adopted for use in many other cryptocurrency projects.

Cold wallets and hardware wallets generally use BIP39 for master key generation. Some hardware wallets also use other BIPs to improve the security and functionality of their wallets. For example:

  • The Trezor Model T uses BIP32, BIP39, BIP44 and SLIP39. SLIP39 is an improvement of BIP39 that allows creating split backups (Shamir Backup) for increased security.
  • The Coldcard uses BIP32, BIP39 and BIP174. BIP174 is a standardized format for partially signed transactions (PSBT) that allows signing transactions offline.

What are the different types of cold wallets and hardware wallets?

There are different types of cold wallets and hardware wallets, and some can belong to both categories. For example, the Keepser is an NFC cold wallet that uses BIP39 to save seed phrases generated by other wallets or blockchains. It is therefore a type of hardware wallet that comes in the form of a contactless card that communicates with an application on your smartphone. The Keepser only protects cryptocurrency private keys, and not other types of private keys. It also allows printing private keys and seed phrases in the form of encrypted QR codes, which can be scanned by the Keepser application to restore wallets. The Keepser uses EviVault and EviSeed technology developed by Freemindtronic, a company specialized in cybersecurity and custom product design.

It is therefore important to check what standards are supported by the wallet you choose and how they affect the security and compatibility of your wallet.

BIP39 EviSeed post Freemindtronic from Andorra web site

How to choose a BIP39-compatible wallet

Update 29/05/2023

To fully enjoy the benefits of BIP39, it is essential to choose a wallet compatible with this feature. Many hardware and software wallets support BIP39, offering a simplified and secure experience. To help you in your choice, we have created a comprehensive table that compares the best wallets compatible with BIP39:

Cryptocurrency_Logo

Cold Wallets

No Type of product Product Name Compatible blockchains BIP39 supported Country of origin
1 Cold Wallet & Hardware Wallet EviSeed Seed Phrase Yes Andorra
2 Cold Wallet BCVault Bitcoin, Ethereum, etc. Yes Unknown
3 Cold Wallet Coldcard Bitcoin Yes Unknown
4 Cold Wallet Ngrave Zero Bitcoin, Ethereum, etc. Yes Belgium
5 Cold Wallet Opendime Bitcoin Not supported Unknown
6 Cold Wallet & Hardware Wallet SeedNFC Bitcoin, Ethereum, Seed Phrase, etc. Yes Andorra
7 Cold Wallet NFC Vault Bitcoin, Ethereum Yes Portuguese

Hardware Wallet

No Type of product Product Name Compatible blockchains BIP39 supported Country of origin
1 Cold Wallet & Hardware Wallet EviSeed Seed Phrase Yes Andorra
2 Cold Wallet BCVault Bitcoin, Ethereum, etc. Yes Unknown
3 Cold Wallet Coldcard Bitcoin Yes Unknown
4 Cold Wallet Ngrave Zero Bitcoin, Ethereum, etc. Yes Belgium
5 Cold Wallet Opendime Bitcoin Not Unknown
6 Cold Wallet Keeypser Bitcoin, Ethereum, IOTA, etc. Yes Andorra
7 Cold Wallet & Hardware Wallet SeedNFC Bitcoin, Ethereum, Seed Phrase, etc. Yes Andorra
8 Hardware Wallet BitBox02 Bitcoin, Ethereum, etc. Yes Switzerland
9 Hardware Wallet CoolWallet S Bitcoin, Ethereum, etc. Yes Unknown
10 Hardware Wallet D’Cent Wallet Bitcoin, Ethereum, etc. Yes Unknown
11 Hardware Wallet ELLIPAL Titan Bitcoin, Ethereum, etc. Yes Unknown
12 Hardware Wallet KeepKey Bitcoin, Ethereum, etc. Yes Unknown
13 Hardware Wallet Cobo Vault Bitcoin, Ethereum, etc. Yes Unknown
14 Hardware Wallet SecuX V20 Bitcoin, Ethereum, etc. Yes Taiwan
15 Hardware Wallet Safepal S1 Bitcoin, Ethereum, etc. Yes Unknown
16 Hardware Wallet Bitfi Wallet 2.0 Bitcoin, Ethereum, etc. Yes Unknown
17 Hardware Wallet Trezor Model T Bitcoin, Ethereum, etc. Yes Czech Republic
18 Hardware Wallet Ledger Nano X Bitcoin, Ethereum, etc. Yes France
19 Hardware Wallet KeepKey Bitcoin, Ethereum, etc. Yes United States
20 Hardware Wallet Ellipal Titan Bitcoin, Ethereum, etc. Yes Unknown
21 Hardware Wallet SecuX W20 Bitcoin, Ethereum, etc. Yes Taiwan
22 Hardware Wallet BitLox Ultimate Bitcoin, Ethereum, etc. Yes Unknown
23 Hardware Wallet Ledger Nano S Bitcoin, Ethereum, etc. Yes France
24 Hardware Wallet Safe-T mini Bitcoin, Ethereum, etc. Yes Israel
25 Hardware Wallet CoolWallet Pro Bitcoin, Ethereum, etc. Yes Unknown
26 Hardware Wallet Shift Cryptosecurity BitBox02 Bitcoin-only Edition Bitcoin Yes Switzerland
27 Hardware Wallet Ngrave Zero Bitcoin, Ethereum, etc. Yes Belgium
28 Hardware Wallet Cobo Vault Bitcoin, Ethereum, etc. Yes Unknown
29 Hardware Wallet Safepal S1 Bitcoin, Ethereum, etc. Yes Unknown
30 Hardware Wallet Bitfi Wallet 2.0 Bitcoin, Ethereum, etc. Yes Unknown
31 Hardware Wallet Archos Safe-T mini Bitcoin, Ethereum, Litecoin etc. more Yes France
32 Hardware Wallet Ellipal EC-01 Bitcoin, Ethereum and more Yes hong Kong
33 Hardware Wallet Blockstream Jade Bitcoin, Ethereum and more Yes Canada
34 Hardware Wallet SecuX W10 Bitcoin, Ethereum and more Yes Taiwan

Hot Wallets

No Type of product Product Name Compatible blockchains BIP39 supported Country of origin
1 Hot Wallet Exodus Bitcoin, Ethereum, etc. Yes Unknown
2 Hot Wallet MetaMask Ethereum Yes Unknown
3 Hot Wallet Trust Wallet Bitcoin, Ethereum, etc. Yes Unknown
4 Hot Wallet Coin.Space Wallet Bitcoin, Ethereum, etc. Yes Unknown
5 Hot Wallet BRD Wallet Bitcoin, Ethereum, etc. Yes Unknown
6 Hot Wallet ZenGo Wallet Bitcoin, Ethereum, etc. Yes Unknown
7 Hot Wallet Coinomi Wallet Multiple Yes Unknown
8 Hot Wallet Atomic Wallet Multiple Yes Unknown
9 Hot Wallet MyCrypto Wallet Ethereum, Bitcoin, etc. Yes United States
10 Hot Wallet Edge Wallet Bitcoin, Ethereum, etc. Yes United States
11 Hot Wallet Infinite Wallet Multiple Yes Vietnam
12 Hot Wallet Trustee Wallet Bitcoin, Ethereum, etc. Yes Unknown
13 Hot Wallet Trust Wallet Ethereum, Binance Smart Chain, etc. Yes Unknown
14 Hot Wallet Coin98 Wallet Ethereum, Binance Smart Chain, etc. Yes Unknown
15 Hot Wallet CaféSwap Binance Smart Chain Yes Unknown

Blockchain

No Type of product Product Name Compatible blockchains BIP39 supported Country of origin
1 Blockchain Bitcoin Bitcoin Yes Unknown
2 Blockchain Ethereum Ethereum Yes Unknown
3 Blockchain Cardan Cardan Yes United Kingdom and Switzerland
4 Blockchain Ground Ground Yes Unknown
5 Blockchain Solana Solana Yes United States
6 Blockchain Polka dots Polka dots Yes Unknown
7 Blockchain Binance Smart Chain Binance Smart Chain Yes Unknown
8 Blockchain Ripple Ripple Yes Unknown
9 Blockchain Dogecoin Dogecoin Yes Unknown
10 Blockchain Bitcoin Cash Bitcoin Cash Yes Unknown
11 Blockchain Litecoin Litecoin Yes Unknown
12 Blockchain Tezos Tezos Yes Unknown
13 Blockchain Stellar Stellar Yes Unknown
14 Blockchain EOS EOS Yes Unknown
15 Blockchain Tron Tron Yes Unknown
16 Blockchain Neo Neo Yes Unknown
17 Blockchain Monero Monero Yes Unknown

Wallets Multi-blockchain

No Type of product Product Name Compatible blockchains BIP39 supported Country of origin
1 Wallet Multi-Blockchain Exodus Bitcoin, Ethereum, etc. Yes Unknown
2 Wallet Multi-Blockchain Coinomi Bitcoin, Ethereum, etc. Yes Unknown
3 Wallet Multi-Blockchain Atomic Wallet Multiple Yes Unknown
4 Wallet Multi-Blockchain MyEtherWallet Ethereum Yes Unknown
5 Wallet Multi-Blockchain Jaxx Liberty Bitcoin, Ethereum, etc. Yes Unknown
6 Wallet Multi-Blockchain Guarda Wallet Multiple Yes Unknown
7 Wallet Multi-Blockchain Infinito Wallet Multiple Yes Unknown
8 Wallet Multi-Blockchain Trust Wallet Bitcoin, Ethereum, etc. Yes Unknown
9 Wallet Multi-Blockchain Edge Wallet Bitcoin, Ethereum, etc. Yes Unknown
10 Wallet Multi-Blockchain Trustee Wallet Bitcoin, Ethereum, etc. Yes Unknown
11 Wallet Multi-Blockchain Coin98 Wallet Ethereum, Binance Smart Chain, etc. Yes Unknown

Crypto Seed Phrase Storage (Metal Wallets)

No Type of product Product Name Compatible blockchains BIP39 supported Country of origin
1 Crypto Seed Phrase Storage Cryptotag Zeus N/A N/A N/A
2 Crypto Seed Phrase Storage Cryptosteel Capsule N/A N/A N/A
3 Crypto Seed Phrase Storage Keystone Tablet Plus N/A N/A N/A
4 Crypto Seed Phrase Storage SafePal Cypher Seed Board N/A N/A N/A
5 Crypto Seed Phrase Storage Privacy Pros Billfodl N/A N/A N/A
6 Crypto Seed Phrase Storage Ellipal Mnemonic Metal Any blockchain that supports BIP39 mnemonic phrases Yes Hong Kong
7 Crypto Seed Phrase Storage Shieldfolio Stonebook N/A N/A N/A
8 Crypto Seed Phrase Storage Blockplate N/A N/A N/A
9 Crypto Seed Phrase Storage Cryptosteel Cassette N/A N/A N/A
10 Crypto Seed Phrase Storage Billfodl N/A N/A N/A
11 Crypto Seed Phrase Storage Crypto Key Stack N/A N/A N/A
12 Crypto Seed Phrase Storage CryptoSteel HEX Backup N/A N/A N/A
13 Crypto Seed Phrase Storage Cobo Tablet N/A N/A China
14 Crypto Seed Phrase Storage NGRAVE Graphene N/A N/A Belgium
15 Crypto Seed Phrase Storage Osmosis Trezor Wallet N/A N/A N/A
16 Crypto Seed Phrase Storage Safepal S1 Pro N/A N/A N/A

Mobile Wallets

No Type of product Product Name Compatible blockchains BIP39 supported Country of origin
1 Mobile Wallet Trust Wallet Bitcoin, Ethereum, etc. Yes Unknown
2 Mobile Wallet Coinomi Wallet Bitcoin, Ethereum, etc. Yes Unknown
3 Mobile Wallet Edge Wallet Bitcoin, Ethereum, etc. Yes United States
4 Mobile Wallet BRD Wallet Bitcoin, Ethereum, etc. Yes Unknown
5 Mobile Wallet Mycelium Wallet Bitcoin Yes Austria
6 Mobile Wallet Infinito Wallet Multiple Yes Unknown
7 Mobile Wallet Jaxx Liberty Bitcoin, Ethereum, etc. Yes Unknown
8 Mobile Wallet Coin98 Wallet Ethereum, Binance Smart Chain, etc. Yes Unknown
9 Mobile Wallet Trustee Wallet Bitcoin, Ethereum, etc. Yes Unknown
10 Mobile Wallet Enjin Wallet Ethereum, ERC-20 tokens Yes Unknown
11 Mobile Wallet Abra Wallet Bitcoin, Ethereum, etc. Yes United States
12 Mobile Wallet Lumi Wallet Bitcoin, Ethereum, etc. Yes Unknown
13 Mobile Wallet Samourai Wallet Bitcoin Yes Unknown
14 Mobile Wallet Wasabi Wallet Bitcoin Yes Unknown
15 Mobile Wallet GreenAddress Wallet Bitcoin Yes Unknown
16 Mobile Wallet Coin.Space Wallet Bitcoin, Ethereum, etc. Yes Unknown
17 Mobile Wallet Electrum Wallet Bitcoin Yes Unknown

Paper Wallets

No Type of product Product Name Compatible blockchains BIP39 supported Country of origin
1 Paper Wallet Bitaddress.org Bitcoin Yes Unknown
2 Paper Wallet WalletGenerator.net Bitcoin, Ethereum, etc. Yes Unknown
3 Paper Wallet MyEtherWallet Ethereum Yes Unknown
4 Paper Wallet MoneroAddress.org Monero Yes Unknown
5 Paper Wallet Liteaddress.org Litecoin Yes Unknown
6 Paper Wallet WalletGenerator.net Multiple Yes Unknown
7 Paper Wallet Bitcoin Paper Wallet Bitcoin No Unknown
8 Paper Wallet Liteaddress.org Litecoin Yes Unknown
9 Paper Wallet MoneroAddress.org Monero Yes Unknown
10 Paper Wallet Card Wallet Multiple No Unknown
11 Paper Wallet Ethaddress.org Ethereum Yes Unknown
12 Paper Wallet Stellar Paper Wallet Stellar No Unknown

Other Wallets

No Type of product Product Name Compatible blockchains BIP39 supported Country of origin
1 Other Wallet Web Wallets Bitcoin, Ethereum, etc. Yes Unknown
2 Other Wallet Exchange Wallets Bitcoin, Ethereum, etc. Yes Unknown
3 Other Wallet Custodial Wallets Bitcoin, Ethereum, etc. Yes Unknown
4 Other Wallet Vault Wallets Bitcoin, Ethereum, etc. Yes Unknown
5 Other Wallet Multisig Wallets Bitcoin, Ethereum, etc. Yes Unknown
6 Other Wallet Software Wallets Bitcoin, Ethereum, etc. Yes Unknown
7 Other Wallet Multicurrency Wallet Multiple Yes Unknown
8 Other Wallet Multi-Asset Wallet Multiple Yes Unknown
9 Other Wallett Mobile Wallets Multiple Yes Unknown
10 Other Wallet Desktop Wallets Multiple Yes Unknown
11 Other Wallet Web3 Wallets Ethereum Yes Unknown
12 Other Wallet DApp Wallets Ethereum Yes Unknown

How to secure your mnemonic phrase with EviSeed?

If you use a BIP39-compatible wallet, you must imperatively protect your mnemonic phrase against any loss or theft. An innovative solution for this is EviSeed, developed by Freemindtronic. EviSeed is an electronic device that allows you to store your mnemonic phrase in a secure and resistant NFC card against physical or logical attacks.

EviSeed offers several advantages over traditional backup methods on paper or metal:

  • It is easy to use: just approach your NFC card from a compatible smartphone to display your mnemonic phrase.
  • It is secure: it uses a patented algorithm that encrypts your mnemonic phrase with a personal PIN code.
  • It is durable: it resists shocks, water, fire and magnetic fields.

EviSeed is compatible with all wallets that support BIP39, such as Ledger, Trezor or Metamask. You can order your EviSeed on Freemindtronic’s official website (link to https://freemindtronic.com/eviseed/en/).

Some real-life examples of people who lost their keys

You may think that losing your mnemonic phrase is a rare or unlikely case. Think again! Many people have already experienced this misadventure, sometimes with dramatic consequences. Here are some real-life examples taken from the media:

  • Stefan Thomas, a programmer living in San Francisco, owns 7 002 Bitcoin that he cannot recover because he lost the password of his IronKey hard drive, which contains the private keys of his wallet1. He only has two attempts left before his hard drive locks permanently.
  • James Howells, a British computer scientist, accidentally threw away his hard drive containing 7 500 Bitcoin in 20132. He tried unsuccessfully to find his hard drive in a municipal landfill.
  • Brad Yasar, an entrepreneur living in Los Angeles, mined thousands of Bitcoin at the beginning of the project3. But he forgot his passwords and failed to access his wallets despite hundreds of hours spent trying.
  • Luke Dashjr, one of the original developers of Bitcoin Core, said he lost more than 200 Bitcoin after his PGP key was compromised on December 31, 20224. He claimed he did not know how hackers were able to access his key.

These examples show well the importance of using a reliable and secure method to backup your mnemonic phrase. With EviSeed, you can avoid this kind of situation and enjoy your cryptocurrencies peacefully.

Other standards related to BIP39

BIP39 is not the only standard that concerns the generation and management of cryptocurrency wallets. There are other standards that are related to BIP39 or that propose alternatives to it. Here are some examples:

  • The BIP32 is another standard that describes how to generate deterministic wallets from a master key. The BIP32 allows creating a hierarchy of derived keys from a single master key, which facilitates the organization and backup of wallets. The BIP32 uses a hash function to derive keys, which ensures that keys are unpredictable and independent from each other. The BIP39 is a method to create a master key from a mnemonic phrase. The two standards are often used together to create deterministic wallets from mnemonic phrases.
  • The BIP44 is an extension of the BIP32 that defines a hierarchical structure for deterministic wallets. It allows managing multiple accounts and multiple currencies with a single mnemonic phrase. The BIP44 defines five levels of derivation: purpose, currency, account, address type, and address index. The purpose is fixed at 44’ to indicate that the wallet follows the BIP44. The currency is a numerical code that identifies the currency used (for example, 0’ for Bitcoin, 60’ for Ethereum). The account is a number that allows separating funds according to personal criteria (for example, 0’ for the main account, 1’ for the secondary account). The address type is a bit that indicates if the wallet uses external addresses (0) or internal addresses (1). External addresses are those that are used to receive payments, while internal addresses are those that are used to send changes. The address index is a number that identifies each address within the address type. For example, the address m/44’/0’/0’/0/0 corresponds to the first external address of the first Bitcoin account of the wallet.
  • The SLIP39 (Shamir’s Secret-Sharing for Mnemonic Codes) is an alternative to BIP39 that allows splitting a mnemonic phrase into several parts that must be combined to restore the master key. The SLIP39 uses Shamir’s secret-sharing scheme, a cryptographic algorithm that allows distributing a secret into several pieces, called shares, such that a minimum number of shares is required to reconstruct the secret. For example, one can split a mnemonic phrase into five shares, of which three are required to restore it. This allows increasing security and redundancy of the wallet, by avoiding that one single share is enough to access funds or that one single share lost makes the wallet irrecoverable.
  • The Electrum Seed Version System is a system used by Electrum wallet to generate and verify mnemonic phrases. It differs from BIP39by several aspects: it uses a different word list, it does not use a checksum but a version code, it allows generating mnemonic phrases of variable lengths (12, 18 or 24 words), it allows deriving keys and addresses from a hash of the mnemonic phrase without depending on a fixed word list, it supports different types of mnemonic phrases according to the type of wallet (standard, multisig or segwit).
  • The Monero Seed Format is a format used by Monero wallet to generate and verify mnemonic phrases. It differs from BIP39 by several aspects: it uses a different word list, it uses a different checksum based on CRC32, it allows generating mnemonic phrases of 13 or 25 words depending on the seed length (128 or 256 bits), it allows deriving keys and addresses from the seed without depending on a fixed word list.

The segmented key authentication technology

Another innovative technology that allows to protect sensitive data such as mnemonic phrases by using encryption keys that are stored on different supports is the segmented key authentication technology. This technology was invented by Jacques Gascuel, a Frenchman living in Andorra, founder of the Andorran company Freemindtronic, is also patented in the USA under number US11281759B2 in 2020.

According to the invention, the encryption keys of the mnemonic phrases are segmented into several parts, which allows to store them on different supports such as contactless devices, phones, computers or a paper print with a QR code. Each mnemonic phrase is associated with an NFC HSM device and/or an EviCore OpenPGP HSM from Freemindtronic, which contains a part of the encryption key, which can be a pairing key. This part allows to decrypt the mnemonic phrase when the other parts are gathered. The other parts can be validated in different ways, such as a password, a fingerprint, a geofence or an identifier of the phone or network, etc. The technology allows to create different segmentation combinations for each mnemonic phrase. To reconstruct the encryption key and access the mnemonic phrase, one must approach the NFC HSM device from the phone and validate the other parts according to the order chosen by the user or automatically if all conditions are met.

According to one of the implementations of the invention, the key segments chosen by the user to constitute the decryption key can be of physical or digital origin. For example, the user can choose a key segment that corresponds to a geofence, thus allowing to decrypt the mnemonic phrase without requiring any other action, apart from being physically in the right geographical area. Of course, this key segment is associated with at least another key segment, such as the identifier of the user’s phone. This greatly improves user experience without compromising security level, as there are other default authentication factors integrated into NFC devices, such as also segmented pairing key, NFC identifier, unique 128-bit key, administrator and/or user password, as well as phone fingerprint.

Finally, an advantage of this technology is that key segments can be entrusted to various third parties without any risk. For example, a third party can hold a key segment without knowing what type of segment he owns, whether it is a BSSID, a geofence or a phone identifier that will receive a donation. There is virtually no limit to this. It is an effective solution for donations and inheritances, where the notary or lawyer can have a geofence key segment that he can only use in a specific place defined in a will or under the supervision of a bailiff.

Conclusion

In summary, BIP39 is a major improvement proposal to simplify the management of cryptocurrency wallets. Thanks to the use of mnemonic phrases, it offers a user-friendly and secure solution to create and recover your wallets. However, it is crucial to protect your mnemonic phrase against any loss or theft, and to choose a reliable and compatible wallet with BIP39.

We hope that this article has helped you understand better the functioning and benefits of BIP39. If you have any questions or comments, we would love to help you in the section below. Simplify your cryptocurrency management experience with BIP39!

2023, Digital Security, Phishing

BITB Attacks: How to Avoid Phishing by iFrame

Posted on by FMTAD
BITB attacks Browser-In-The-Browser remove delete destroy by IRDR Ifram Redirect Detection Removal since EviCypher freeware web extension open-source from Freemindtronic in Andorra
10
May
BITB attacks by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Beware of BitB phishing attacks by iframe!

Phishing by iframe is a malicious technique that inserts a fake web page into a legitimate one, to trick users and steal their personal or financial information. This method often targets cryptocurrency holders, especially BitB users. Learn how to spot and avoid BitB phishing attacks by iframe with Freemindtronic.

BITB Attacks: How to Avoid Phishing by iFrame

We have all seen phishing attacks aren’t uncommon, and they demand urgent attention with fake emails and messages at least once.. However, there’s much more in the cybersecurity landscape than just conventional email practices when it comes to phishing. Enterprises that don’t take the necessary precautions can suffer a death blow from a phishing attack. The top line is affected, but the brand’s image and trust can be obliterated if news of a data breach reaches the public.

The latest form of phishing scam is the browser in the browser attack (BITB) that simulates a browser window within a web browser and steals sensitive user information. A fraudulent pop-up window caters to the user and asks for their credentials to sign into the website in the previous web browser window, leading to identity theft.

This article explains what BITB attacks are and how they work, what the risks and consequences of BITB attacks are, how to prevent and protect yourself from BITB attacks using EviBITB technology, and how to install EviBITB on your web browser.

What are BITB attacks and how do they work?

BITB stands for Browser-In-The-Browser. This phishing technique creates a fake browser window within your web browser using HTML and CSS code. An iFrame of redirection, which is an invisible element that loads content from another URL, is displayed by this fake window. The iFrame of redirection mimics the appearance and functionality of a legitimate site, such as Google, Facebook, or Outlook, and asks you to enter your authentication information.

This fake window shows a legitimate URL in the address bar, as well as the icon and the title of the original site. That is the problem. Most users rely on checking the URL to verify the authenticity of a site. This makes it very difficult to detect the phishing attempt. This attack can affect you even if you use a secure connection (https).

BITB attacks can bypass many security measures that are designed to prevent phishing. That is why they are very dangerous. For example:

  • BITB attacks do not involve malicious links or domains. Anti-phishing software may fail to detect them because of that.
  • BITB attacks do not intercept your verification codes or tokens. Two-factor authentication may not protect you from them because of that.
  • Password managers may autofill your credentials on the fake window. They may not protect you from BITB attacks because of that.

Therefore, BITB attacks can allow hackers to access your accounts, steal your data, or even take over your identity. They pose a serious threat to your online security and privacy because of that.

How do BITB attacks work?

Two features of modern web development enable BITB attacks: single sign-on (SSO) options and iFrames.

Many websites embed SSO options that allow you to sign in using an existing account from another service, such as Google, Facebook, Apple, or Microsoft. This option is convenient because you do not need to create a new account or remember a new password for each website you visit.

iFrames are elements that can load content from another URL within a web page. They are often used for embedding videos, maps, ads, or widgets on websites.

The attackers do the following steps:

  • They make a phishing website with SSO options.
  • On their phishing website, they embed an iFrame of redirection that leads to their own server with a fake SSO window.
  • Using HTML and CSS code, they design their fake SSO window to imitate a browser window inside the browser.
  • They make their fake SSO window appear when you click on an SSO option on their phishing website.
  • With JavaScript code, they show a legitimate URL in the address bar of their fake SSO window.
  • Using OAuth methods, they request you to enter your credentials on their fake SSO window.
  • To their server, they send your credentials and then redirect you to the real website.

As you can see, BITB attacks are very deceptive and convincing. They can fool even savvy users who check the URL before entering their credentials.

What are the risks and consequences of BITB attacks?

BITB attacks are a serious threat. They can compromise data and identity for users and businesses. Users who fall victim to BITB attacks face these risks and consequences:

  • Their SSO account can be hijacked and all linked services accessed by the attacker.
  • Their personal and financial information can be stolen and used for identity theft, fraud or blackmail.
  • Their devices can be infected by malware or ransomware and their files damaged or encrypted.
  • Their online reputation can be tarnished by spamming or posting malicious content.

Businesses that offer SSO options are also vulnerable to BITB attacks. They can lose trust and loyalty from their customers or employees. Businesses that suffer a data breach due to BITB attacks face these risks and consequences:

  • Their customer or employee data can be exposed, exploited or sold by the attacker or the dark web.
  • Their brand image and reputation can be damaged by negative publicity and customer complaints.
  • Their legal and regulatory compliance can be violated by data protection laws and regulations.
  • Their revenue and profitability can be reduced by customer churn, lawsuits and fines.

Recent Examples of BITB Attacks

BITB attacks are not new, but they have become more sophisticated and widespread in recent years. Here are some examples of BITB attacks that targeted governmental entities:

  • In February 2020, Zscaler revealed a campaign of phishing BitB targeting users of Steam, a video game digital distribution service. The hackers created fake Counter-Strike: Global Offensive (CS: GO) websites that offered free skins or weapons for the game. These websites displayed a fake pop-up window that asked users to sign in with Steam. If users entered their credentials, they were sent to the hackers who could then access their Steam accounts and steal their items.
  • In March 2020, Bitdefender reported a campaign of phishing BitB targeting users of Office 365, a cloud-based suite of productivity applications. The hackers sent emails that pretended to be from Microsoft and asked users to update their Office 365 settings. These emails contained a link that led users to a fake Office 365 website that displayed a fake pop-up window that asked users to sign in with Office 365. If users entered their credentials, they were sent to the hackers who could then access their Office 365 accounts and steal their data.
  • In September 2020, Proofpoint uncovered a campaign of phishing BitB targeting users of Okta, a cloud-based identity and access management service. The hackers sent emails that pretended to be from various organizations and asked users to verify their Okta account. These emails contained a link that led users to a fake Okta website that displayed a fake pop-up window that asked users to sign in with Okta. If users entered their credentials, they were sent to the hackers who could then access their Okta account and compromise their other connected applications.

These examples show that BITB attacks can target any SSO provider and any website or web application that uses SSO. They also show that hackers can use various methods to lure users into clicking on malicious links or entering their credentials on fake windows.

What are some statistics on BITB attacks?

BITB attacks use iFrames to deceive users with fake SSO windows. Here are some statistics on BITB attacks:

  • According to Statista, the number of unique phishing sites detected worldwide reached 2.11 million in the third quarter of 2020, an increase of 10% from the previous quarter.
  • According to The Hacker News, BITB attacks can exploit third-party SSO options embedded on websites such as “Sign in with Google” (or Facebook, Apple, or Microsoft) to create fake browser windows within the browser and spoof legitimate domains.
  • According to Zscaler, BITB attacks have been used in the wild at least once before, in February 2020, to target Steam users by means of fake Counter-Strike: Global Offensive (CS: GO) websites.
  • According to NetSPI, the volume of successful phishing attacks on organizations worldwide in 2021 was highest in Brazil (25%), followed by India (17%), and Mexico (14%).
  • According to DZone, the most targeted industry sectors by phishing attacks as of the third quarter of 2020 were SaaS/Webmail (33%), Financial Institutions (22%), and Payment Services (14%).

How to effectively fight against BITB attacks?

BITB attacks are very hard to detect, but not impossible. There are some signs that can help you spot them and some measures that can help you prevent them. Here are some tips:

  • Always check the URL of the site before entering your credentials. Make sure it matches the domain of the site or the SSO provider that you want to use. Do not rely on the URL displayed on the pop-up window, as it can be fake.
  • Always check the SSL certificate of the site before entering your credentials. Make sure it is valid and issued by a trusted authority. Do not rely on the padlock icon displayed on the pop-up window, as it can be fake.
  • Always use an updated antivirus software and browser extension that can detect and block malicious sites and scripts. They can help you avoid landing on phishing pages or loading fake windows.
  • Always use strong and unique passwords for each site or application that you use. Do not reuse the same password for different accounts, as it can increase the risk of compromise if one of them is breached.
  • Always use two-factor authentication (2FA) for your accounts, especially those that you use for SSO. 2FA adds an extra layer of security by requiring a second factor (such as a code sent to your phone or email) to verify your identity. Having your username and password is less useful for hackers if they need your device or access to your email account too.

How to prevent and protect yourself from BITB attacks using EviBITB technology?

The best way to prevent and protect yourself from BITB attacks is to use EviBITB technology, a technology that allows you to detect and remove redirection iframes from web pages. EviBITB is integrated for free in the free and paid extensions of Freemindtronic that are compatible with NFC HSM devices that use a smartphone or an NFC HSM device. The latter stores encrypted multiple authentication information (username, password, otp) for secure authentication for any website on the internet or intranet.

EviBITB technology also has a system of automatic backup of the URL of connection to the account using a web browser to connect to an online account on the internet or intranet. This extension is paired with the NFC android phone which is itself paired with an NFC HSM where encrypted detailed authentication information such as username, password, and secret keys OTP (TOP or HOTP) are stored. Thus, before authorizing auto-filling of connection fields or auto-connection to an online account, the phone will check beforehand if the connection URL is compliant (sandbox technique). This system adds to EviBITB protection.(click here to learn more about EviBITB)

By using EviBITB technology, you can enjoy many benefits:

  • You can avoid falling victim to BITB attacks that can steal your data or compromise your identity.
  • You can reduce the risk of keylogging or malware infections that can capture your keystrokes or spy on your online activity.
  • You can save time and hassle by using your smartphone or NFC HSM card as an authentication key instead of creating or remembering passwords for each website you visit.
  • You can enjoy a seamless and user-friendly experience by accessing websites with just a tap of your smartphone or NFC HSM card on your computer screen.
  • You can protect your privacy by controlling what data you share with each website you visit, such as your name, email, or profile picture.

By using EviBITB technology, you can be sure that the web page you see is the one you want to see, and that you do not give away your data to hackers.

How can EviBITB protect you from BITB attacks?

EviBITB is a technology that enhances your online security. It is implemented in the freemindtronic extensions that allow secure end-to-end autofill and auto-login from an NFC HSM. It also detects and removes phishing iFrames from your web browser.

EviBITB works with an application installed on an NFC Android phone that is paired with an NFC HSM. The application has a sandbox that checks if the origin URLs saved automatically during the first login are compliant. If they are, it transfers encrypted authentication information to the extension.

EviBITB also analyzes the web page source code and detects any possible BITB iFrames. It looks for hidden elements, suspicious URLs, or mismatched styles that indicate a fake browser window.

When EviBITB detects a BITB iFrame, it alerts you by showing a warning window on your computer screen. This window shows you the redirection iFrame URL and asks you to check if you trust this URL before entering any sensitive information.

How EviBITB technology can improve your browsing experience?

EviBITB technology is a security, performance and privacy enhancer. It removes redirection iframes and improves your browsing experience in several ways:

  • It speeds up web page loading, by avoiding requests to third-party sites.
  • It reduces bandwidth consumption, by saving data transferred to or from iframes.
  • It limits exposure to ads and pop-ups, by blocking their sources in iframes.
  • It prevents online activity tracking, by deleting cookies and data stored by iframes.
  • It enhances readability and usability of web pages, by removing distracting elements from iframes.
  • It increases compatibility and accessibility of web pages, by avoiding conflicts or errors caused by iframes.

With EviBITB technology, you can enjoy a faster, smoother and more private browsing experience, without compromising security or convenience.

How to use EviBITB to protect yourself from BITB attacks?

EviBITB is a technology that detects and removes malicious iFrames that expose you to BITB attacks. These attacks simulate a browser window in a web page to prompt you to enter credentials on a fraudulent site.

When EviBITB detects a suspicious iFrame, it shows a warning window that informs you of the risk. This window also gives you five buttons to act on the BITB iFrame:

  • Close Warning: this button closes the warning window without acting on the BITB iFrame. You can use it if you trust the iFrame URL or want to ignore it.
  • Never Show Warnings On This Site: this button adds the website URL to a list of trusted sites. EviBITB will not alert you of BITB iFrames on these sites. You can use it if you are sure the website is safe and has no malicious iFrames.
  • Destroy: this button deletes the BITB iFrame from the web page source code. You can use it if you do not trust the iFrame URL or want to remove it.
  • Clean Storage: this button clears the data stored by the BITB iFrame in the browser. You can use it if you have been exposed to phishing by iFrame and want to erase any traces.
  • Read More: this button redirects you to a page with more information about EviBITB and its benefits. You can use it if you want to learn more about how EviBITB works and protects you from hackers.

Why you should use EviBITB to secure your online access?

EviBITB is a technology that allows you to use your smartphone or your NFC HSM card as a secure authentication key for any website. With EviBITB, you enjoy many benefits:

  • You avoid BITB attacks that can steal your data or impersonate your identity.
  • These attacks simulate a browser window in a web page to prompt you to enter your credentials on a fraudulent site.
  • You reduce the risk of keylogging or malware infections that can capture your keystrokes or spy on your online activity.
  • You save time and hassle by using your smartphone or NFC HSM card as an authentication key instead of creating or remembering passwords for each website you visit.
  • You enjoy a seamless and user-friendly experience by accessing websites with just a tap of your smartphone or NFC HSM card on your computer screen.
  • You protect your privacy by controlling what data you share with each website you visit, such as your name, email, or profile picture.

By using EviBITB, you can be sure that the web page you see is the one you want to see, and that you do not give away your data to hackers.

How EviBITB can improve your browsing experience?

EviBITB is not only a security tool, but also a performance and privacy enhancer. By removing redirection iframes, EviBITB can improve your browsing experience in several ways:

  • It can speed up the loading of web pages, by avoiding unnecessary or malicious requests to third-party sites.
  • It can reduce the bandwidth consumption, by saving the data that would otherwise be transferred to or from the iframes.
  • It can limit the exposure to ads and pop-ups, by blocking the sources that display them in the iframes.
  • It can prevent the tracking of your online activity, by deleting the cookies and other data that the iframes may store in your browser.
  • It can enhance the readability and usability of web pages, by removing distracting or irrelevant elements from the iframes.
  • It can increase the compatibility and accessibility of web pages, by avoiding potential conflicts or errors caused by the iframes.

By using EviBITB, you can enjoy a faster, smoother and more private browsing experience, without compromising your security or convenience.

How to get started with EviBITB?

Getting started with EviBITB is easy and fast. You just need to follow these steps:

  • Download the EviBITB extension for your web browser based on Chromium or Firefox from Freemindtronic’s official website: https://freemindtronic.com/evibitb-stop-bitb-phishing-attacks/
  • Install the extension on your web browser and follow the instructions to set it up.
  • Get a smartphone or an NFC HSM card compatible with the extension. You can find more information about these devices on Freemindtronic’s website: https://freemindtronic.com/how-does-evibitb-work-detailed-guide/
  • Pair your smartphone or NFC HSM card with your computer using Bluetooth or NFC technology.
  • Start browsing the web securely with EviBITB. Whenever you visit a website that offers SSO options, you will see a green icon on the address bar indicating that EviBITB is active. You can then tap your smartphone or NFC HSM card on your computer screen to authenticate yourself and access the website.

What are some videos on BITB attacks and EviBITB?

If you want to learn more about BITB attacks and EviBITB technology, you can watch some videos on these topics:

  • A video demonstration of a BITB attack by mrd0x:

In conclusion

BITB attacks are a new and sophisticated form of phishing that can steal your credentials by simulating a browser window within your browser. They can bypass many security measures that are designed to prevent phishing and compromise your online security and privacy.

EviBITB is a free technology that detects and removes phishing iFrames from your web browser. It also offers other features to enhance your online security, such as authentication via NFC HSM devices that secure your credentials without typing them on your keyboard.

If you want to benefit from EviBITB technology, you just need to download the extension corresponding to your web browser on Freemindtronic’s official website:

You will also need a smartphone or an NFC HSM card compatible with the extension. You can find more information about these devices on Freemindtronic’s website.

https://freemindtronic.com/evibitb-stop-bitb-phishing-attacks/ :

Don’t wait any longer and try EviBITB now!

Hashtags: #EviBITB #Phishing #Cybersecurity #NFC #HSM

2023, Articles, Cyberculture, Digital Security, Technical News

Strong Passwords in the Quantum Computing Era

Posted on by FMTAD
Strong Passwords in the Quantum Computing
05
May

Strong Passwords by Jacques gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.  

How to Protect Your Passwords from Quantum Computers Introduction

Do you know that quantum computers could break your passwords in seconds? This could expose your personal and financial data to hackers. To prevent this, you need to create strong passwords that can resist quantum attacks. In this article, you will learn how to do it easily and effectively.

Illustration of APT29 spear-phishing Europe with Russian flag

2025 Digital Security

APT29 Spear-Phishing Europe: Stealthy Russian Espionage
April 30, 2025
APT28 spear-phishing France: cyberattack warning on Russian APT threats targeting European and French institutions, shown on a laptop and smartphone.

2025 Digital Security

APT28 spear-phishing France: targeted attacks across Europe
April 30, 2025
Visual representation of BadPilot Cyber Attacks by APT44, showcasing global cyber-espionage targeting critical infrastructures with PassCypher and DataShielder defenses.

2025 Digital Security

BadPilot Cyber Attacks: Russia’s Threat to Critical Infrastructures
February 25, 2025
Illustration of a Russian APT44 (Sandworm) cyber spy exploiting QR codes to infiltrate Signal, highlighting advanced phishing techniques and vulnerabilities in secure messaging platforms.

2025 Digital Security

APT44 QR Code Phishing: New Cyber Espionage Tactics
February 24, 2025
A hyper-realistic digital illustration showing the severity of Microsoft vulnerabilities in 2025, with interconnected red warning signals, fragmented systems, and ominous shadows representing critical zero-day exploits and cybersecurity risks.

2025 Digital Security

Microsoft Vulnerabilities 2025: 159 Flaws Fixed in Record Update
January 21, 2025
Microsoft Outlook Zero-Click vulnerability warning with encryption symbols and a secure lock icon in a professional workspace.

2025 Digital Security

Microsoft Outlook Zero-Click Vulnerability: Secure Your Data Now
January 18, 2025
whatsapp-hacking-prevention-and-solutions-by-evicrypt-end-or-evifile-hasm-and-nfc-hsm-from-freemindtronic-andorra-technology

2023 Digital Security

WhatsApp Hacking: Prevention and Solutions
January 18, 2025
PassCypher HSM PGP password manager software box and laptop displaying web browser interface

2025 PassCypher Password Products Technical News

Passwordless Password Manager: Secure, One-Click Simplicity to Redefine Access
January 8, 2025

How to create strong passwords in the era of quantum computing?

Quantum computing is a technology that promises to revolutionize the field of computation by exploiting the properties of subatomic particles. It offers unprecedented possibilities for scientific research, artificial intelligence or cryptography. But it also represents a risk for the security of data and online communications. Indeed, quantum computers could be able to crack the secret codes that protect our passwords, our bank accounts or our private messages.

What is quantum computing? What is encryption? What is a brute force attack?How to protect ourselves from this threat? The answer is simple: create strong passwords and resist quantum attacks. But what is a strong password? And how to choose it? Here are some tips to help you strengthen your digital security in the era of quantum computing.

What is quantum computing and how does it work in video?

What is a strong password?

A strong password is a password that is hard to guess or crack by a hacker. It must be composed of at least 12 characters, mix uppercase and lowercase letters, numbers and symbols, and not contain dictionary words, proper names or personal data. For example, “P@ssw0rd123” is not a strong password, because it is too short, too simple and too common. On the other hand, “Qx7!tZ9#rGm4” is a strong password, because it is long, complex and random.

Why is a strong password important?

A strong password is important because it reduces the risk that your account will be hacked by a brute force attack. A brute force attack consists of testing all possible combinations of characters until finding the right password. The longer and more complex the password, the more possible combinations there are, and the more time and resources it takes to crack it.

For example, a password of 8 characters composed only of lowercase letters has about 200 billion (26^8) possible combinations. A classical computer can crack it in a few minutes. But a password of 20 characters composed of letters, numbers and symbols has about 10^39 (95^20) possible combinations. A classical computer would need 766 trillion years to crack it.

But what about quantum computers?

Quantum computers are able to perform calculations much faster and more powerful than classical computers thanks to their ability to manipulate qubits instead of bits. A qubit can take two states simultaneously (0 and 1), which allows it to explore multiple solutions at the same time. Thus, a quantum computer could theoretically crack a password by testing all possible combinations in parallel.

However, there are technical and practical limits to this ability. First, you need to have a quantum computer powerful and stable enough to perform this type of operation. However, current quantum computers are still very rudimentary and only have a limited number of qubits. Second, you need to know the type of encryption used to protect the password. However, there are encryption algorithms that are resistant to quantum attacks, such as symmetric encryption or elliptic curve encryption. Third, you need to have access to the system that stores the password. However, there are security measures that prevent unauthorized access, such as two-factor authentication or account locking after several unsuccessful attempts.

Thus, even if quantum computers represent a potential threat for the security of passwords, they are not yet able to crack them easily. Nevertheless, it is prudent to prepare for the advent of this technology by creating strong passwords and changing them regularly.

How to choose a strong password?

To choose a strong password, there are several methods. Here are some examples:

  • The Diceware method: it consists of randomly choosing several words from a predefined list and separating them by spaces or symbols. For example, “piano cat star 7 &”. This method allows you to create passwords that are easy to remember and hard to crack.
  • The XKCD method: it consists of choosing four random words and assembling them without space. For example, “correcthorsebatterystaple”. This method is inspired by a comic from the XKCD site that shows that this type of password is safer than a complex but short password.

The random generator method: it consists of using an online tool that creates a random password composed of letters, numbers and symbols. For example, “Qx7!tZ9#rGm4”. This is the method implemented in the evicore nfc and evicore hsm technology from Freemindtronic, which features a random password generator with Shannon entropy control. This technology also automatically calculates the number of bits of the generated password based on the type of printable ASCII 95 characters used. This method allows you to create very secure passwords but difficult or impossible to remember, which requires the use of a hardware or virtual password manager. Whatever the method chosen, it is important to follow some rules:

  • Do not use the same password for multiple accounts or services.
  • Do not write the password on a paper or store it on an insecure device.
  • Do not share the password with other people or communicate it by email or phone.
  • Do not use obvious clues or security questions to recover the password in case of forgetfulness.
  • Use a password manager to store and manage your passwords securely.

Tools for creating and protecting strong passwords

If you want to create and protect strong passwords in the age of quantum computing, you can use some of these online tools to help you:

  • Online password generator: A tool that creates a random and strong password composed of letters, numbers and symbols. For example, Mot de passe.xyz is a free and secure online password generator that lets you choose the length and types of characters for your password.
  • Password strength calculator: A tool that calculates the entropy (the number of bits) of a password based on its length and the number of possible characters. For example, Password Entropy Calculator is a free online tool that shows you how strong your password is and how long it would take to crack it.
  • Data breach checker: A tool that checks if your email or phone number has been exposed in a data breach. For example, Have I Been Pwned? is a free online service that lets you check if your personal information has been compromised by hackers.

Using these tools can help you create and protect strong passwords that are resistant to quantum attacks. However, you should also remember to use different passwords for different accounts, change them regularly, and use a password manager to store them safely.

In conclusion

Passwords are essential to protect our privacy and our data online. Faced with the potential threat of quantum computers, it is important to create strong passwords and resist quantum attacks. To do this, we need to choose passwords that are long and complex, change them regularly and manage them with caution. Thus, we will be able to enjoy the benefits of quantum computing without fearing for our digital security.

2023, Articles, Cyberculture, Eco-friendly, Electronics, GreenTech, Technologies

The first wood transistor for green electronics

Posted on by FMTAD
29
Apr


Wood transistor by Jacques gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.  

The first wood transistor for green electronics

Wood is a natural and renewable material that can be used for many purposes, from construction to furniture. But did you know that wood can also be used to make electronic devices? In this article, we will introduce you to the first wood transistor ever created, and explain how it works and why it is a promising innovation for green electronics.

What is a wood transistor?

A transistor is a device that can amplify or switch electrical signals. Transistors are the building blocks of modern electronics, such as computers, smartphones, and sensors. They are usually made of silicon, a semiconductor material that can conduct electricity under certain conditions.

However, a wood transistor is a type of transistor that uses wood as the base material instead of silicon. Wood is also a semiconductor, but with different properties than silicon. To make wood transistors, researchers coat thin slices of wood with carbon nanotubes. These are tiny tubes of carbon atoms that have excellent electrical and mechanical properties.

The carbon nanotubes act as electrodes, which are the parts of the transistor that connect to the external circuit. The wood acts as the channel, which is the part of the transistor that controls the flow of current between the electrodes.

How does a wood transistor work?

A wood transistor works by applying a voltage to one of the electrodes, called the gate. This voltage creates an electric field that affects the conductivity of the wood channel. By changing the gate voltage, the current flowing between the other two electrodes, called the source and the drain, can be modulated.

The wood transistor can operate in two modes: depletion mode and enhancement mode. In depletion mode, the wood channel is normally conductive, and the gate voltage can reduce or stop the current flow. In enhancement mode, the wood channel is normally non-conductive, and the gate voltage can increase or start the current flow.

The researchers who developed the wood transistor made an interesting discovery. They found that it can switch between depletion mode and enhancement mode by changing the polarity of the gate voltage. This means that the wood transistor can perform both n-type and p-type functions, which are essential for creating complex electronic circuits.

Why is a wood transistor important?

A wood transistor is important because it offers several advantages over conventional silicon transistors. Some of these advantages are:

  • Wood is abundant, cheap, biodegradable, and renewable, which makes it an environmentally friendly alternative to silicon. Silicon is scarce, expensive, non-biodegradable, and requires high-energy processing.
  • Wood transistors have a low operating voltage, which means they consume less power and generate less heat than silicon transistors. This can improve the energy efficiency and performance of electronic devices.
  • Wood transistors have a high sensitivity to humidity and temperature changes, which makes them suitable for applications such as environmental sensors and smart textiles.
  • Moreover, wood transistors have a flexible and transparent structure, which makes them compatible with flexible and wearable electronics.

What are the challenges and opportunities for wood transistors?

Researchers are still developing wood transistors, and they face some challenges and opportunities for further improvement. Some of these are:

  • The stability and reliability of wood transistors need to be enhanced by optimizing the fabrication process and protecting them from moisture and oxidation.
  • The scalability and integration of wood transistors need to be improved by developing methods to produce large-area and high-density arrays of wood transistors on various substrates.
  • The functionality and diversity of wood transistors need to be expanded by exploring different types of wood materials and carbon nanotube coatings with different properties.
  • The applications and markets for wood transistors need to be explored by collaborating with industry partners and end-users who can benefit from this novel technology.

Conclusion

Wood transistors are a breakthrough innovation that can revolutionize green electronics. They combine the natural advantages of wood with the exceptional properties of carbon nanotubes to create low-power, high-performance, flexible, transparent, and biodegradable electronic devices.

Source

Li, T., Zhu, H., Wang, X. et al. Wood-based fully biodegradable and flexible electronic devices. Nat Electron 4, 33–40 (2021). https://doi.org/10.1038/s41928-020-00518-9

[1] A transistor made of wood: Electrical current modulation in wood electrochemical transistor – https://www.pnas.org/content/118/17/e2026873118