Category Archives: News

image_pdfimage_print

Freemindtronic’s NFC hardware wallets with credit card management are PCI DSS compliant

Why the NFC hardware wallet with credit card manager is PCI DSS compliant

Why Freemindtronic NFC hardware wallets with credit card management are PCI DSS compliant.

NFC hardware wallets with credit card management the patented nfc hardware wallet designed and developed by Freemindtronic SL Andorra has a secure manager function, with physical protection of the Bank Cards.

These are  highly  secure  NFC  devices  for storing encrypted data in AES  256. They have a multi-factor access control and authentication system. These factors  are set at the discretion of the user. They may be different  for each credit card stored in the device. It is even possible to limit a data’s access to a geographical area.

This is a physical safe Gre reen Tech. Indeed, theNFC device works without a battery, since it recoverstheenergy via the NFC signal of the phone that serves as its terminal.
This allows it to always keep available stored data, for 40 years, without maintenance, without the need to be connected to an energy source.

These Hardware wallets are trying to combat the risk of contamination linked to COVID; indeed, they are used without contact via an NFC phone

These Hardware wallets are Air Gap 1. That is, they are  physically isolated from any computer network. The data is stored encrypted only in the device’s non-volatile memory.  They are physically accessible only by theuserand/or their administrators.

This Cold Wallet does not collect any personal data. It doesn’t use a remote server, cloud, or remote backup unit. 

After authenticating the Cold Wallet user, he can automatically fill out the fields of a credit card to make hispayments online. This is  a similar gesture to contactless payment, but to  make  online purchases. Beyond the risk of COVID contamination,they fight cybersecurity attacks, since theuserdoes not touch the  computer keyboard.  The data  is  transmitted from the device  and  encrypted   to the computer system. The data displayed on the screen is offended, shielded froms ss s and prying systems indiscreet or malicious.

Thus, the user can make his purchases online on any computer system or phone without leaving any information of his bank cards. In fact, the user does not need to back up their bank card data in a computer system, in a phone, or in online shopping sites.

Who is affected by the PCI DSS standard?

The PCI standard is dedicated to the data security of the payment card industry (PCIDSS). It is a  set of security standards designed to ensure that all businesses that accept, process, store or transmit credit card information maintain a secure environment.2

The PCI DSS standard applies to any organization, regardless of the size or number of transactions, that accepts, transmits or stores cardholderdata.

It applies to all merchants who trade withbank cards. This also applies to merchants who do not store credit cards data but who have received credit or debit cards as a method of payment.

You can check out the PCI DSS standard on the www.pcisecuritystandards.org website(https://www.pcisecuritystandards.org/document_library). 

Freemindtronic’s Cold Wallet NFC are not bank cards

These NFC devices are not bank cards.  They are also not  payment instruments  frequently used for retail purchases. The definition of a bank card is defined in particular by the European Parliament and Council regulation of 29 April  2015 (EU) 2015/751. (https://eur-lex.europa.eu/legal-content/FR/TXT/HTML/?uri=CELEX:32015R0751&from=FR).

Similarly, these Cold Wallet NFC are  not  means of  payment. These are  NFC   devices that allow you to fill in information fields of bank cards,   in a secure way,  to  makepayments. This is made  fromcomputersystems   and connected phones  (e.g.  computer, smartphone, tablet), but whose transaction is necessarily carried out by existing means of payment, subject to the PCI DSS standard.

PCI DSS does not apply to Freemindtronic SL Cold Wallet NFC

For several reasons, Freemindtronic SL Cold Wallet NFC cannot be subject to all PCI DSS standards.

First, these Hardware wallets are not an organization, nor a trader.

Second, they donot have the functions of payment cards.

Third, they do not allow payment transactions to be carried out on a terminal. An electronic payment terminal is a device that allows a merchant to accept and process credit card payments. The device allows you to record the transaction, debiting the customer’s bank account and crediting the professional’s account with the amount of the sale.  Nordoes it allow you to make money ata bank counter.

Finally, they are also not an electronic payment method (E-payment). Because electronic payment is a means of conducting commercial transactions for the exchange of goods or services over the Internet.

More information

These Hardware wallets have a control system that prohibits token of invalid bank cards.

In addition, the storage of credit card information does not include the PIN. 

Physical protection of the bank card

These Hardware wallets effectively protect against the risk of fraudulent use of bank cards as a result of theft, loss or    malicious persons. Simply physically erase the CCV from the credit card after backing up the information in the Cold Wallet. 

Demo – tutorial:

Cybersécurité anti phishing

These Cold Wallet NFC also havecontrolsystems  including  intelligent self-connectionto an original website. The user always connects to the original sites where he automatically manages the favorites.

An associated plugin is compatible with many web browsers, Chromium, Chrome, Brave, Opera, Firefox, Edge. It has a HTTPS control system and exposure to phishing risks based on domainnames.

in short

Even if Freemindtronic’s Cold Wallet NFC is not affected by PCI DSS standards, these curity level, combined with that of bank cards and their uses, is greatly increased to limit the area of attack in the face of identity theft and fraudulent uses.

These Cold Wallet NFC are the most secure, highly secure, mobile storage units dedicatedto physical protection and security of the use of sensitive data such as the visible information of bank cards on connected media as well as their uses on the internet and intranet.

User Experience

These devices, available in credit card format, are usedas for contactless payment at merchants. Thanks to the simple and fast system of self-filling the  information fields of bank cards,we have the same known sensations as those of  contactless payment. It can therefore be said that  itisCold Wallet  NFC  allowsattempt to make online payments without contact.

1 Air Gap : https://www.techopedia.com/definition/17037/air-gap Yes https://www.automation.com/en-us/articles/2011-2/scada-securitys-air-gap-fairy-tale

2 https://www.pcicomplianceguide.org/faq/#1

EviPro NFC Expo Smartcity: Discover the contactless security technology by Freemindtronic

A colorful illustration of the EviPro NFC Expo Smartcity World Congress with logos of sponsors and a smart city emerging from a smartphone.

A presentation at the EviPro NFC Expo Smartcity showcasing cyber security innovations.



EviPro NFC is a white label product that allows to secure secrets via NFC HSM modules. Freemindtronic, an innovative and pioneering company in the field of contactless security, presented this technology at the Smartcity Expo World Congress 2018. If you are interested in this technology, we invite you to come to our stand Hall P2, level0 street D stand 425.


Demo Show Events


What is EviPro NFC presented at Expo Smartcity?


EviPro NFC is a white label product that allows to secure secrets (passwords, PIN codes, encryption keys, etc.) via NFC HSM (Hardware Security Module) modules. These modules are physical devices that store secrets in an encrypted way and protect them from any attempt of extraction or modification. They come in the form of keychains (NFC HSM Tag Keychain) or cards (NFC HSM Card) designed and manufactured by Freemindtronic.



Demo show in booth


How to use EviPro NFC presented at Expo Smartcity?


To use this technology, you just need to have an Android NFC phone and the Android NFC application developed by Freemindtronic. By passing the NFC HSM module under the phone, the user can display the secret, share it in RSA 40960 (a very robust asymmetric encryption algorithm) or use it directly on his phone or on a computer via a web extension paired with the phone serving as a terminal.




Cybersecurity conference by Jacques Gascuel


Benefits of EviPro NFC


EviPro NFC has several advantages over traditional solutions for storing secrets:

  • It works without server or database, which reduces costs and risks of hacking.
  • It works only without contact, which avoids compatibility or connectivity issues.
  • It is lifetime without battery, without maintenance and tamperproof and waterproof, which ensures its reliability and durability.
  • It uses an AES 256 encryption algorithm, recognized as one of the safest in the world, to encrypt the secrets stored in the EPROM memory of the NFC.


Use case


Why use EviPro NFC presented at Expo Smartcity?


This product is ideal for security agents who need to access sensitive buildings and premises. Indeed, with EviPro NFC Expo Smartcity, they can:

  • Manage and receive their secrets easily without having to memorize or write them down.
  • Access secure places using the NFC HSM to display the user in volatile memory to the security agent the secrets to access his surveillance place without leaving any trace of these secrets in the phone.
  • Share their secrets with their colleagues or superiors in a secure and controlled way.
  • No risk in case of loss, theft or attempted compromise of the NFC HSM module locked to access with more than 9 trust criteria serving as a multifactor authentication system. Knowing that the secrets contained in NFC HSM can be cloned, backed up in an encrypted way for later restoration in a new NFC HSM.
  • Benefit from a high level of security thanks to the physical and logical protection of the NFC HSM module encrypted in AES 256 with segmented key.


Buy


How to get EviPro NFC

EviPro NFC is a product marketed in white label by Fullsecure Andorra, a company specialized in the distribution of IT security solutions. To learn more about this technology or to place an order, you can contact Fullsecure Andorra at the following coordinates:


Send us a message


    Buy


    Meet us at the Smartcity Expo World Congress 2018

    If you are curious to discover EviPro NFC Expo Smartcity in action, we are waiting for you at our stand Hall P2, level0 street D stand 425. You will be able to test our technology, ask your questions and exchange with our team. We will be happy to welcome you and show you our contactless security solution.

    Why does the Freemindtronic hardware wallet comply with the law?

    Why the Freemindtronic Hardwares Wallet complies with directives, regulations and decrees

    Freemindtronic hardwares wallet is having regard to Decree No. 2018-418 of 30 May 2018  resulting from Law No. 2016-1321 of 7 October 2016  for a Digital French Republic, relating to the modalities of implementation of the digital safe service. Unless we are mistaken, it appears that the innovative patented solutions of 100% electronic safes for offline use have not yet been regulated.

    The electronic safe solutions that may be affected by the decree are non-exhaustively, EviCypher, EviTag, EviCard,  EviKey, EviDisk,  FullKey NFC,  EviKey & EviDisk

    art. R. 55-1The decree provides a framework for the operation of digital safes. Thus, the provider of digital safes is required to inform the user in a clear, fair and transparent way about its service, prior to the conclusion of a contract. In particular, he must communicate

    • The type of space made available to it and the associated conditions of use;
    • The technical mechanisms used;
    • The Privacy Policy;
    • The existence and implementation of the guarantees of proper functioning.

    Since Freemindtronic SL clearly tells users:

    • the pre-defined space available before the acquisition of the devices, as well as the possibility of checking for themselves the amount of memory used,
    • the terms of use are available invideos, at any time on the internet, via YouTube as well as through various publications written on the website,
    • that no material and/or digital information is collected in any way whatsoever, which consequently generates the total anonymity of the user,
    • the complete technical data sheets of the devices are available on the Freemindtronic SL website.
    • the implementation of the guarantee is published on the website. A large part of Freemindtronic SL solutions are guaranteed lifetime devices.

    art. R. 55-3 – The said decree specifies that the integrity, availability and accuracy of the origin of the data and documents stored in the digital safe are guaranteed by appropriate security measures and in accordance with the state of the art.

    Since Freemindtronic SL can guarantee users:

    Data integrity, which is guaranteed by the manufacturer of STMicroelectronics components for at least 1 million error-free write cycles, and 40 years of data retention in non-volatile memory.

    Their availability since Freemindtronic SL devices work without maintenance, without battery, by recovering electrical energy via the NFC signal of a smartphone. Thus, such a device allows users to access at any time, for at least 40 years, the data contained in the vault.

    The accuracy of the origin of the data: it is the user himself who stores the data in the electronic memory of The Vaults of Freemindtronic SL

    Memory access is physically locked by multiple hardware devices, such as a unique peering key with at least one user-defined administrator password. These security measures  implemented imply the material and/or digital impossibility of corrupting the backed up data. It will also be impossible for the manufacturer to be able to access the automatically encrypted contents of said memory of the device. It is specified that the user has additional functions that allow him to harden himself the level of security according to the use of Freemindtronic’s electronic safes.

    art. R. 55-4 The said decree specifies that the traceability of the operations carried out on the data and documents stored in the digital safe require at least the implementation of the following measures:

    • The recording and timestamp of accesses and access attempts;
    • Recording operations affecting the content or organization of the user’s data and documents;
    • Recording maintenance operations affecting data and documents stored in digital vaults.
    • The retention periods of this traceability data constitute a mandatory mention of the contract for the provision of electronic safe services.

    Since Freemindtronic’s electronic safes,

    • have a tamper-proof and non-modifiable black box. That this black box traces in particular the number of attempts to enter the administrator password and that this information is automatically saved in the black box.
    • manage the recording of data dynamically, machine to machine (M2M) between the NFC terminal and the NFC device. That the backup system is carried out in real time with the physical electronic memory of the device, on the volatile memory of the terminal, without preservation of this data.
    • have non-volatile memories, capable of retaining the data backed up by the user for at least 40 years, without the need for an electrical power source.
    • has certified documents from the manufacturer of the electronic components used by Freemindtronic SL in these devices which establish without a doubt that the average time between failures is estimated after a 1 million cycles of writes per memory block, no maintenance operation is necessary.

    art. R. 55-5.- The said decree indicates that the identification of the user when accessing the digital safe service must be ensured by an electronic means of identification adapted to the security issues of the service.

    Since Freemindtronic’s solutions have several identification parameters that can be predetermined by the user himself, namely: administrator password, user password, pairing of NFC terminals, enslavement to a geolocation point, encryption key, physical blockchain segments, password encryption keys, and a code for displaying and sharing data called jamming.

    art. R. 55-6. The said decree, according to the guarantee, as provided for in 4 ° of Article L. 103, of the exclusivity of access to the documents and data of the user or to the data associated with the operation of the service requires at least the implementation of the following measures:

    “1° An access control mechanism limiting the opening of the digital safe to only persons authorized by the user;

    “2° Security measures to guarantee the confidentiality of stored documents and data as well as the corresponding metadata;

    “(3) Encryption by the digital safe service of all documents and data stored by or transferred to or from the digital safe. This encryption must be carried out using cryptographic mechanisms in accordance with the state of the art and allow an evolution of the size of the keys and algorithms used.

    Since Freemindtronic SL,

    • has implemented several security systems to protect the opening of the electronic safe:  physical, digital and human identification. The first check requires to know the physical pairing key of the device to authorize the connection with a computer terminal with NFC technology. The second control requires the user to know the administrator code that he himself has previously saved in the device to access the services. Other security systems can be added, forming a symmetric and/or asymmetric encryption key that, segmented into a physical blockchain in physical memory, makes access to encrypted data saved in physical memory totally inaccessible.
    • has implemented a multi-factor authentication method to simultaneously identify the terminal authorized to use the device and the user. This makes it possible to guarantee exclusive access to the backed-up data to the user and/or his/her rights holders.
    • has implemented a backup process by which all attached data and metadata are encrypted in the unconnected device that guarantees the confidentiality of the data stored in the electronic safe.
    • uses dynamically scalable encryption key sizes and uses qualified standardized standards, such as AES256-bit and/or RSA4096-bit keys. Said keys can themselves be encrypted in AES256 bits and segmented in a physical blockchain, in one or more separate devices. Such an implementation makes it impossible, at the known state of the art, to access the said keys or the possibility of guessing them via a brute force attack.

    Decision of the Jaroch Technology Committee meeting on 12 June 2018,

    Having regard to Decree No. 2018-418 of 30 May 2018 which will enter into force on 1 January 2019;

    Where as Freemindtronic SL clearly indicates to users the conditions of use, the technical mechanisms used and the implementation of the guarantees associated with its electronic safe solutions;

    Whereas appropriate security measures are implemented to guarantee the integrity, availability and accuracy of the origin of the data stored in the electronic safe;

    Whereas the traceability of the operations carried out on the data stored in the electronic safe is effective;

    During the Occitanie CyberMatines on LMI TV @lemondeinformatique april 22, 2020, Fullsecure conducted offline protection and physical use demonstrations of sensitive data such as passwords and encryption keys. The backup media in credit card or Tag formats operate without contact with a phone serving as an NFC terminal.

    This demo shows an electronic self-connection system to a computer, a motherboard Bios, a Windows session and a VPN with the devices from Freemindtronic hardwares wallet & contactless virtual keyboard

    Retrocompatible solutions for offline encryption of any type of data on computer and phone

    Another demo shows how to encrypt any data on computer and smartphone, an operation compatible with all computer systems and messaging services, including SMS.

    We are talking about compatible retro solutions that offer the advantage of securing the use of any type of computer hardware, computer, smartphone, software, application while maintaining maximum security of the use of sensitive data, whether personal or professional.

    Finally, Fullsecure gives a tip to make a desktop “smart”: Secure the sensitive data of any computer discreetly, discreetly, thanks to its mini devices hardened in Pin’s format.

    In addition, data sharing is contactless, reducing the risk of contagion during this period of pandemic due to Covid19. Indeed, it is enough to approach your smartphone to the Fullsecure device to manage and use the data contained in pin’s.

    Fullsecure offers a wide range of products to meet data security needs in mobility and/or in the workplace.

    Advanced Credit Card Cybersecurity: A Service to End Bank Card Fraud Practices

    Advanced Credit Card Cybersecurity system setup with various credit card types and cybersecurity devices on a white background




    Unlocking the Future of Finance: Advanced Credit Card Cybersecurity

    Advanced Credit Card Cybersecurity: In an era where digital threats loom large, discover how FULLSECURE’s groundbreaking solutions are redefining credit card safety.




    2024 Articles Cyberculture Legal information

    ANSSI Cryptography Authorization: Complete Declaration Guide

    2024 Articles Cyberculture

    EAN Code Andorra: Why It Shares Spain’s 84 Code

    2024 Cyberculture

    Cybercrime Treaty 2024: UN’s Historic Agreement

    2024 Cyberculture

    Encryption Dual-Use Regulation under EU Law

    2024 Cyberculture DataShielder

    Google Workspace Data Security: Legal Insights


    Stay informed with our posts dedicated to Cyberculture to track its evolution through our regularly updated topics.









    National Publication | Diari d’Andorra | Thursday, May 3, 2018 | AN ANDORRAN STARTUP’S INITIATIVE | By Joan López i Soler | Credit Card Security



    A Cybersecurity System to End Credit Card Fraud

    FULLSECURE, an Andorran startup, now offers a new security service for all credit card types. Consequently, it aims to prevent online sales database theft; moreover, it ends the fraudulent use of card security codes. Therefore, it significantly enhances security for online transactions made with credit cards. The company asserts, “This innovative service allows users to avoid storing credit card information in online sales databases; additionally, it enables the physical elimination of the credit card’s security cryptogram.” Utilizing a plugin powered by weak artificial intelligence, users can securely conduct Internet purchases. Furthermore, the startup highlights that this service “also eradicates the risk of illegal physical use after loss, theft, or duplication during international travel.”

    Since April 24, 2018, the system has been available to users who possess specific cybersecurity devices, such as Evicard NFC HSM, Evitag NFC HSM, and EviPass NFC HSM password managers, for online shopping. The system’s inventor, Jacques Gascuel, emphasized the goal “to revolutionize credit card security and their Internet usage, thus halting fraudulent use.” On May 29, they will unveil prototypes at a cybersecurity event in Toulouse.

    Fullsecure, specializing in electronic cybersecurity services, is a dynamic company founded in Ariège in 2010, now expanding its operations in the Principality.

    Update | May 30, 2024

    Advancements in Security Credit Card

    Since the initial launch of their credit card security service, Fullsecure has continued to innovate with EviPay NFC HSM technology to secure credit cards and cryptocurrencies. This cutting-edge technology provides robust protection against fraud, securing credit card information and mnemonic phrases along with their derived private cryptocurrency wallet keys without the need for sensitive data storage on online sales sites, including crypto assets.

    FULLSECURE remains at the forefront of combating credit card fraud, offering solutions that not only meet but exceed current security standards, showcasing their commitment to consumer protection and trust.

    As the digital landscape advances, FULLSECURE pledges to maintain its position as a leader in innovation, delivering the most secure and groundbreaking cybersecurity solutions to users.

    You can download the original article in Catalan by clicking HERE.
    Source press: click HERE

    EviTag NFC HSM at CONAND 2018: a Bug Bounty Express organized by Fullsecure

    Evitag NFC HSM at CONAND 2018, a contactless password manager service.

    Participants at a bug bounty event.




    Freemindtronic contactless technology NFC EviTag rugged ip6k9k Android NFC Phone hands Made in Andorra


    Evitag NFC HSM at CONAND 2018: Fullsecure, partner of the cybersecurity congress in Andorra, organizes a Bug Bounty Express on its product. It is a security challenge that consists of detecting vulnerabilities on this innovative product that allows to secure your secrets via an NFC electronic module. The Bug Bounty Express takes place on the Fullsecure booth during the second edition of CONAND 2018, on February 7 and 8.






    Bug Bounty Show Events


    What is CONAND 2018?





    CONAND 2018 is an event organized by Andorra Telecom, the telecommunications operator of the country, in collaboration with the government of Andorra, the Cybersecurity Research Center of the University of Andorra and the Chamber of Commerce, Industry and Services of Andorra. It aims to promote cybersecurity as a key element of digital transformation and to strengthen Andorra’s position as a technological and innovative hub. The second edition of this congress took place from February 7 to 8, 2018 at the Congress Center of Andorra la Vella and brought together national and international experts, companies, institutions and researchers around conferences, workshops,








    Demo show in booth


    How to use Evitag NFC HSM?



    To use Evitag NFC HSM, you just need to have an Android NFC smartphone and the Android application developed by Freemindtronic Andorra. By passing the NFC HSM module under the phone, you can display your secret, share it in RSA 4096 (a very robust asymmetric encryption algorithm) or use it directly on your phone or on a computer via a web extension coupled to the phone serving as a terminal.














    Cyber Safety & Security


    What are the advantages of Evitag NFC HSM?



    Evitag NFC HSM has several advantages over traditional solutions for storing your secrets:

    • It works without server or database, which reduces costs and risks of hacking.
    • It works only without contact, which avoids compatibility or connectivity issues.
    • It is lifetime without battery, without maintenance and tamperproof and waterproof, which ensures its reliability and durability.
    • It uses an AES 256 encryption algorithm, recognized as one of the safest in the world, to encrypt your secrets stored in the EPROM memory of the NFC.








    Use case


    Who is Evitag NFC HSM for?






    Evitag NFC HSM is for anyone who needs to secure their secrets in a convenient and reliable way. It is especially useful for private users who want to protect their online accounts, digital wallets, social media profiles and other sensitive information. Indeed, with Evitag NFC HSM, you can:

    • Manage and access your secrets easily without having to memorize or write them down.
    • Log in to your online accounts using the NFC HSM to display your password in volatile memory on your phone without leaving any trace of it.
    • Share your secrets with your friends or family in a secure and controlled way.
    • No risk in case of loss, theft or attempted compromise of the NFC HSM module locked to access with more than 9 trust criteria serving as a multifactor authentication system. Knowing that your secrets contained in the NFC HSM can be cloned, backed up in an encrypted way for later restoration in a new NFC HSM.
    • Benefit from a high level of security thanks to the physical and logical protection of the NFC HSM module encrypted in AES 256 with segmented key.








    Buy


    How to get Evitag NFC HSM?

    Evitag NFC HSM is a product marketed in white label by Fullsecure, a company specialized in the distribution of IT security solutions. To learn more about Evitag NFC HSM or to place an order, you can contact Fullsecure at the following coordinates:





    CONAND 2018 EviTag NFC HSM Box wuite label



    Send us a message









      Buy


      Visit our exhibition and demonstration space at CONAND 2018

      If you are curious to discover Evitag NFC HSM in action, we invite you to visit our exhibition and demonstration space at CONAND 2018. You will be able to test our product, ask your questions and exchange with our team. We will be happy to welcome you and show you our contactless security solution.

      Join the Bug Bounty Express on Evitag NFC HSM

      If you are interested in participating in the Bug Bounty Express on Evitag NFC HSM, you can find more information about the challenge, the rules, the rewards and the registration process on the following link: Bug Bounty Express on Evitag NFC HSM. This is a great opportunity to test your skills, learn new techniques and earn incentives for finding vulnerabilities on this innovative product. Don’t miss this chance to join the cybersecurity community and contribute to making the digital world safer.




      Bug Bounty Express on Evitag: Conand 2018, the cybersecurity congress in Andorra

      Bug Bounty Express on EviTag NFC event illustration

      Participants at a bug bounty event.






      Do you have what it takes to hack the contactless security solution by Fullsecure and Freemindtronic Andorra? If yes, then you should join the Bug Bounty Express on Evitag NFC HSM that took place at CONAND 2018, the cybersecurity congress in Andorra. It was a security challenge that consisted of detecting vulnerabilities on the innovative product Evitag NFC HSM, which allows to secure your secrets via an NFC electronic module. The Bug Bounty Express was organized by Fullsecure, partner of CONAND 2018, on its booth during the second edition of the event, on February 7 and 8, 2018.






      Conand Show Events


      What is CONAND 2018?





      CONAND 2018 is an event organized by Andorra Telecom, the telecommunications operator of the country, in collaboration with the government of Andorra, the Cybersecurity Research Center of the University of Andorra and the Chamber of Commerce, Industry and Services of Andorra. It aims to promote cybersecurity as a key element of digital transformation and to strengthen Andorra’s position as a technological and innovative hub. The second edition of this congress took place from February 7 to 8, 2018 at the Congress Center of Andorra la Vella and brought together national and international experts, companies, institutions and researchers around conferences, workshops, demonstrations and business meetings.


      Bug Bounty Show Events


      What is a Bug Bounty?

      A Bug Bounty is a reward offered to anyone who can find and report a security flaw in a software, a hardware, a website or an application. The reward can be monetary, in-kind or in recognition. The Bug Bounty aims to encourage ethical hackers to help improve the security of the products and services they use, and to prevent malicious hackers from exploiting the vulnerabilities they find.







      Demo show in booth


      How to use Evitag NFC HSM?



      To use Evitag NFC HSM, you just need to have an Android NFC smartphone and the Android application developed by Freemindtronic Andorra. By passing the NFC HSM module under the phone, you can display your secret, share it in RSA 4096 (a very robust asymmetric encryption algorithm) or use it directly on your phone or on a computer via a web extension coupled to the phone serving as a terminal.














      Safety and Cybersecurity System presented at Conand 2018


      What are the advantages of Evitag NFC HSM?



      EviTag NFC HSM has several advantages over traditional solutions for storing your secrets:

      • It works without server or database, which reduces costs and risks of hacking.
      • It works only without contact, which avoids compatibility or connectivity issues.
      • It is lifetime without battery, without maintenance and tamperproof and waterproof, which ensures its reliability and durability.
      • It uses an AES 256 encryption algorithm, recognized as one of the safest in the world, to encrypt your secrets stored in the EPROM memory of the NFC.








      Use case


      Who is Evitag NFC HSM for?






      Evitag NFC HSM is for anyone who needs to secure their secrets in a convenient and reliable way. It is especially useful for private users who want to protect their online accounts, digital wallets, social media profiles and other sensitive information. Indeed, with Evitag NFC HSM, you can:

      • Manage and access your secrets easily without having to memorize or write them down.
      • Log in to your online accounts using the NFC HSM to display your password in volatile memory on your phone without leaving any trace of it.
      • Share your secrets with your friends or family in a secure and controlled way.
      • No risk in case of loss, theft or attempted compromise of the NFC HSM module locked to access with more than 9 trust criteria serving as a multifactor authentication system. Knowing that your secrets contained in the NFC HSM can be cloned, backed up in an encrypted way for later restoration in a new NFC HSM.
      • Benefit from a high level of security thanks to the physical and logical protection of the NFC HSM module encrypted in AES 256 with segmented key.








      Bug Bounty Information


      What was the Bug Bounty Express on Evitag NFC HSM at CONAND 2018?

      The Bug Bounty Express on Evitag NFC HSM was a security challenge that consisted of detecting vulnerabilities on the product Evitag NFC HSM. The product included an Android application and an NFC electronic module. The challenge was to recover the login and password hosted inside an Evitag NFC HSM safe.

      The Bug Bounty Express lasted for two days, from 10 am to 6:30 pm, on February 7 and 8, 2018. It was free and open to anyone who wanted to participate. It took place on the Fullsecure booth at the Congress Center of Andorra la Vella, where five Evitag NFC HSM devices were available for testing. Each device contained five labels, five login and five passwords, brute force enabled with administrator password and jamming enabled. One device was dedicated to physical brute force attacks (Tamper-proof).

      Each participant had to register online and submit their vulnerability reports online. The material provided for testing included an oscilloscope, a NFC reader card for PC, a professional thermal sensor with thermal image capture, a WIFI router for creating a local network for the EVILOCK NFC function, and the Android application and the web plugins for Evitag NFC HSM.

      The participant was free to use any type of material to carry out their attacks. The participant brought their material under their sole responsibility, such as computer, smartphone, measuring devices and/or radio frequency.

      For physical brute force attacks, the participant had to bring their tools and/or physical attack solutions. However, tools and/or solutions that could harm the physical integrity of people were prohibited within the framework of the CONAND event. In the event that the participant wanted to carry out this type of test, they had to make an explicit and motivated request. The request accepted by Fullsecure, had to be carried out outside the framework of the event in a secure environment by the participant. At least one witness was present during the physical attack and was filmed by a person from Fullsecure.

      In general, all brute force attacks were allowed, whether passive and/or intrusive.

      What were the rewards for the Bug Bounty Express on Evitag NFC HSM at CONAND 2018?

      The rewards for the Bug Bounty Express on Evitag NFC HSM were as follows:

      • For each vulnerability detected, the participant received a certificate of participation and a trophy with the name of the vulnerability and the name of the participant.
      • For the first vulnerability detected, the participant received a gift voucher of 100 euros.
      • For the second vulnerability detected, the participant received a gift voucher of 200 euros.
      • For the third vulnerability detected, the participant received a gift voucher of 300 euros.
      • For the fourth vulnerability detected, the participant received a gift voucher of 400 euros.
      • For the fifth vulnerability detected, the participant received a gift voucher of 500 euros.

      The maximum amount of rewards per participant was 1500 euros. The rewards were cumulative and could be combined with other rewards offered by other partners of the event.








      Buy


      How to get Evitag NFC HSM?

      Evitag NFC HSM is a product marketed in white label by Fullsecure, a company specialized in the distribution of IT security solutions. To learn more about Evitag NFC HSM or to place an order, you can contact Fullsecure at the following coordinates:








      Send us a message










        How to join the Bug Bounty Express on Evitag NFC HSM?

        If you are interested in joining the Bug Bounty Express on Evitag NFC HSM, you can find more information about the challenge, the rules, the rewards and the registration process on the following link: Bug Bounty Express on Evitag NFC HSM. This is a great opportunity to test your skills, learn new techniques and earn incentives for finding vulnerabilities on this innovative product. Don’t miss this chance to join the cybersecurity community and contribute to making the digital world safer.




        INNTEC 2017: Contactless security innovations by Freemindtronic

        A promotional image for INNTEC 2017 featuring cyber security products and partners.

        An exhibitor presents the innovations of INN TEC, including the wireless padlock and other technologies, at the INNTEC 2017 event.






        Freemindtronic, together with FULLSECURE®, presented their contactless security innovations at INNTEC 2017, the Innovation and New Technologies Summit in Andorra. They showcased their EviCard NFC HSM and EviTag NFC Keychain products, which allow to secure your personal data via NFC HSM modules. If you are interested in these innovations, you can visit their exhibition and demonstration space.






        Demo Show Events


        What is INNTEC 2017?





        INNTEC 2017 is an event organized by ACTINN Andorra, a partner of ACTUA Andorra. It aims to promote innovation and new technologies in Andorra and to foster the transformation of the economy. The second edition of this event took place from November 28 to 30, 2017, and focused on “The 4.0 Revolution in Andorra.

        What are EviCard NFC HSM and EviTag presented at INNTEC 2017?

        EviCard and EviTag are two contactless security white label products developed by Freemindtronic. They are based on the EviCore NFC HSM technology, which allows to secure your personal data (passwords, PIN codes, encryption keys, etc.) via NFC HSM (Hardware Security Module) modules. These modules are physical devices that store your personal data in an encrypted way and protect them from any attempt of extraction or modification. They come in the form of cards (EviCard NFC HSM) or keychains (EviTag NFC Keychain) designed and manufactured by Freemindtronic.








        Demo show in booth


        How to use EviCard NFC or EviTag presented at INNTEC 2017?



        To use EviCard NFC HSM and EviTag NFC Keychain, you just need to have an Android NFC phone and the Android NFC application developed by Freemindtronic. By passing the NFC HSM module under the phone, you can display your personal data, share it in RSA 40960 (a very robust asymmetric encryption algorithm) or use it directly on your phone or on a computer via a web extension paired with the phone serving as a terminal.














        Safety and Cybersecurity System presented at INNTEC 2017


        What are the benefits of EviCard or EviTag ?



        EviCard NFC HSM and EviTag NFC Keychain have several benefits over traditional solutions for storing your personal data they:

        • work without server or database, which reduces costs and risks of hacking.
        • work only without contact, which avoids compatibility or connectivity issues.
        • are lifetime without battery, without maintenance and tamperproof and waterproof, which ensures their reliability and durability.
        • use an AES 256 encryption algorithm, recognized as one of the safest in the world, to encrypt your personal data stored in the EPROM memory of the NFC.








        Use case


        Why use EviCard or EviTag?






        EviCard NFC HSM and EviTag NFC Keychain are suitable for anyone who needs to secure their personal data in a convenient and reliable way. They are especially useful for private users who want to protect their online accounts, digital wallets, social media profiles, and other sensitive information. Indeed, with EviCard NFC HSM and EviTag NFC Keychain, you can:

        • Manage and access your personal data easily without having to memorize or write them down.
        • Log in to your online accounts using the NFC HSM to display your password in volatile memory on your phone without leaving any trace of it.
        • Share your personal data with your friends or family in a secure and controlled way.
        • No risk in case of loss, theft or attempted compromise of the NFC HSM module locked to access with more than 9 trust criteria serving as a multifactor authentication system. Knowing that your personal data contained in NFC HSM can be cloned, backed up in an encrypted way for later restoration in a new NFC HSM.
        • Benefit from a high level of security thanks to the physical and logical protection of the NFC HSM module encrypted in AES 256 with segmented key.








        Buy


        How to get EviCard NFC HSM and EviTag NFC Keychain

        EviCard NFC HSM and EviTag NFC Keychain are products marketed in white label by FULLSECURE®, a company specialized in the distribution of IT security solutions. To learn more about EviCard NFC HSM and EviTag NFC Keychain or to place an order, you can contact FULLSECURE® at the following coordinates:








        Send us a message










          Visit our exhibition and demonstration space at INNTEC 2017

          If you are curious to discover EviCard NFC HSM and EviTag NFC Keychain in action, we invite you to visit our exhibition and demonstration space at INNTEC 2017. You will be able to test our products, ask your questions and exchange with our team. We will be happy to welcome you and show you our contactless security solutions.




          Anti Mouse Jacking by Freemindtronic

          anti mouse jacking sans contact system contacless access controle secured by freemindtronic_andorra

          Contactless Anti Mouse Jacking System by Freemindtronic Andorra

          Lock Unlock Vehicle via NFC phone

          Anti Mouse Jacking system in video demonstration on a “TROTEE.NET” project. 

          BEWARE ! The contactless mouse jacking system is a cyber safety and security solution by NFC that allows you to lock and unlock a vehicle without contact.

          This video is presented a demonstration developed to measure by Freemindtronic SL. The electric scooters shown in this video are not manufactured or marketed. These are multi-trust contactless access control demonstrators that work via an NFC phone.

          This technology is available under patent license.

          It offers a quickly and easily adaptable solution for various wireless access controls, particularly in the automotive sector.

          Finally, these contactless access control systems are compatible with the other technologies of Freemindtronic EviToken and EviCypher. In fact, this greatly extends the possible added values in many areas such as IT Security, Home Automation Security. 

          Functional 2016 prototypes Anti Mouse Jacking were presented to the public for the first time at the FIC in Lille in January 2016.

           

          contactless Anti-Mouse Jacking trotee.net salon FIC 2016 by Freemindtronic Andorra

          These scooters carry implementations of three patents granted.

          These are demonstrators with integration of an NFC device with multi-criteria authentication system of trust. Lock or unlock a vehicle without contact. This action can be subservient to several criteria of trust such as geo location, facial recognition, digital borrowing, a password.

          The contactless access control system is energy-independent to operate. It uses energy recovery to power the safety and cybersecurity system.

          Similarly, you independently administer and manage user profiles. The tamper-proof black box offers many ideal services for the follow-up of vehicle maintenance.

          These technologies are adaptable  by Freemindtronic SL Andorra  tailor-made on specifications for all types of mobility projects.

          There are many use cases when it comes to mobility such as, renting, carpooling, user control and protection against vehicle theft. 

          It is also a wave jammer resistant technology used for “Mouse Jacking” vehicle theft.

           

          Android NFC application

          An application under Android has been developed to carry out demonstrations, such as the anti-mouse Jacking, sharing it, fleet management, but not only.

          FULLTRACK NFC
          FULLTRACK NFC : BETA
          GUIDE D’UTILISATION : ND
          Update: ND
          Black Box version:  ND
          Free Download:  ND cause application being updated
          Works only with the TROTEE.NET® demonstrator.

          The story of the first NFC hardened USB stick EviKey

          Award 2014 NFC EviKey® the story of the first hardened USB stick and NFC EviDisk® SSD Sata 3 unlockable contactless by Freemindtronic Andorra


          The story of the first NFC hardened USB stick EviKey & EviDisk unlockable contactless

          The story of the first NFC hardened USB stick EviKey that can be unlocked without contact and invisible computer systems begins with inventor Jacques Gascuel.

          EviKey is a contactless USB stick which works via an NFC phone. It already has the principle of EviCypher technology. Indeed, it already carries a multi-criterion automated authentication system. It is the first physical multi-factor authentication (MFA) system that can be administered by an unfalsifiable black box.

          Let’s start the story of the first contactless unlockable hardened USB stick created by the inventor, Jacques Gascuel  [1]. He  has implemented technology from his patented inventions internationally. For almost 10 years, he has been deeply convinced that the greatest risk will come from the hyperconnection of access controls and their centralization, under the guise of the public interest. That this risk will be all the greater when the burden of proof is reversed, so that user will be technically and financially unable to absolve himself of this legal responsibility.

          The inventor includes in his reasoning for the design of electronic safes that there is a significant risk if the access control system is visible,such as a lockand/or keyboard and/or a screen and/or via software. That the best security in the world is human thinking, in contrast to other digitized biometric systems that can be corrupted. The password derived from human thought is becoming more and more complex to implement, due to the exponential increase in connected calculators. According to the inventor, it is necessary to design an augmented thought of man to oppose his own supercomputers.

          A real challenge that the inventor will take up for several years to design electronic safes nomadic inviolable.

          In the first phase of his research, he had to answer a first question. Is it possible to create real electronic safes for universal portable use without the use of data encryption? Can we create a universal, hyper-mobile security system that does not use an encryption system but only physical security in the sense of Cybersafety? A system, in fact, that can be used all over the world by people with no particular skill. A solution that is non-intrusive, for everyday use, always secure by default, that does not violate any of the rules of international law, and above all that allows to no longer expose man to the attainment of his physical and/or psychological integrity?

          The inventor has entered into a disruptive reasoning of Cybersafety, as opposed to Cybersecurity solutions that refer to digital safes. The inventor believes that Cybersecurity is the physical security of Cybersecurity, which is digital. The inventor, a graduate in industrial electrical engineering, will base his research on the implementation of Cybernetic solutions. How can this physical security approach based on industrial normative elements such as ISA/IEC 62443  mitigate or even prevent an intrusive or non-intrusive cyberattack? The first lead was the implementation of its international patent FullProtect  WO/2010/086552,  a device to monitor and protect the power and/or environment of an electrical device, equipped with a black box. An invention that allows, in particular, to establish, by physical evidence, the implementation of the criteria  MTTF,  MTBF,  MTTR and establish the TDM index . To learn more about the features and added values of an electronic safe click HERE.

          The inventor’s idea is to find a way to prevent, or greatly limit, the possibility of calculating machines. The inventor imagines an autonomous, unconnected electronic safe that uses various physical, analog, logical, digital, use and legal factors that combined make it extremely complicated, computing by the machine. This will require a physical brute force attack on this electronic safe.

          The inventor then designed the first MFA Offline Cyber-sterity system to assist man and allow him to defend himself against his own quantum calculators.

          We will tell you the story of the birth of the electronic safe of inventor Jacques Gascuel.

          The inventor assumes that the only indisputable, and undisputed, way to secure access controls is that they are never connected and totally autonomous, under the control of the man and/or the legal person.

          Such an implementation would make a physically remote attack physically impossible. It talks about the principle of the physical electronic safe unconnected MFA, which implies a proximity to open the door of the electronic safe. According to the very principle of an electronic safe, this system must form a block, without any door other than that locked by an access control, via a code defined by the user. The problem of user authentication remained, and thus the use of the code illegally.

          This involved designing an unconnected system, capable of providing a set of factors that would establish the near certainty that it is indeed the user and/or a rightful person.

          This risk is increased if this access control is connected to a computer system and/or connected to a local server and/or remote with databases. This is a major breach to carry out attacks via the computer systems where it is connected. This risk increases significantly when access control codes are contained in computer systems and/or remote databases. We all know that they are regularly attacked because they are always accessible from a distance.

          The birth of the principle of material invisibility as a physical security component of Cybersecurity

          The inventor is aware that the impossibility criterion is a bold claim to be implemented in Cybersecurity. However, if it adds physical security, the foundation of Cybersafety, it makes the solution physically invisible, undetectable and untraceable. Making a physically invisible electronic safe of computer systems has become the preferred focus of the inventor’s research and development.

          The term impossibility can legitimately be used, within the limits of the state of the art. Similarly, the inventor considers cyber deterrence to be part of the impossibility factor, especially when the brute force attack means implemented are disproportionate to the interest of the attack. The inventor includes the psychological aspect, …. Doubt! Indeed, consider an attacker who has no certainty of finding the coveted data because it is not directly visible, this will generate a doubt strong enough to be a deterrent. According to this approach, the attacker is also not certain whether the time it will take will not exceed the time it would take the owner of this data to make it obsolete, and therefore worthless for the attacker. The inventor therefore includes doubt as a factor of Cyber Dissuasion in the implementation of the Cybersafety of his electronic safe.

          The inventor believes that the absolute security of information systems must be two-headed in the sense that Cybersecurity is the digital component of physical security.

          Cybersûreté VS Cybersécurité

          Cybersecurity is the physical security in contrast to Cybersecurity which is digital security. This is an approach rarely taken into account in information systems engineering that considers it legitimate that Cybersecurity is outside the realm of Cybersecurity. However, experts in these two spheres of safety agree that the complementarity between safety and security is unquestionably complementary in order to prevent the risk of accidents and/or malicious acts.

          Even on the margins in the development of specifications or in the offer of Cybersecurity solutions products and services, Cybersecurity is now essential as digital systems are networked. We are in the era of “hyper-connected.” Cybersafety according to the inventor must also be taken into account from the outset in terms of risk management as defined by various ISO/DIS 34001 (SMS), CNPP 1302 [FR], ISO/IEC 27032 (digital security), ISO/IEC 27001 (SMSI), ISO/IEC 29100, CENELEC 50131-1, 50133-1, 50134-1, 50136-1, 50518-1, IEC 60839-11 [series]. A recurring divide on the interpretation of standards, specifically in their translations of English into French; the word “Security” has been translated as “security” instead of “security” in the sense of physical security. This contributes to the marginalization of the consideration of Cybersafety, and consequently, the distinction between digital safe and electronic safe.

          The implementation of the electronic safe has created technological locks to be lifted

          How to design a physically invisible access control, totally autonomous in electrical energy, disconnected from computer systems, disconnected from any type of network? The inventor’s idea is to design a system that is physically isolated from computer systems. It seems impossible to attack what doesn’t physically exist, either remotely or nearby.

          How can this approach be implemented?

          To implement the theory of invisibility, it was necessary to be able to oppose an intrusive and/or non-intrusive brute force attack. The inventor had to find a way to resist physical attacks, especially on the electronics of access control, without reducing the speed of data transfer on the USB port and SATA. The inventor then devised an electronic system with many countermeasures against physical attacks. It is a system that locks access to the contents of the memories, permanently depending on the level of attack detected. The inventor finds a patented, military-grade resin to coat all the electronics, leaving only the USB or SATA connectors. Hardened to the extreme, close to steel, the electronic safe is now equipped with a shell capable of withstanding various mechanical stresses of several tons, thermal or acidic. Attempting to remove the shell is taking the risk of triggering the countermeasures, but also of irreversibly destroying the memories.

          Hardening the electronic safe has spawned other technological locks

          The complete coating of the electronic card makes it impossible to repair in case of electrical, thermal, component or assembly defects. This makes it very complex to diagnose the origin of the defect automatically, and be able to access from the outside, without going through the USB and SATA connectors. This is where the Fullprotect invention comes into play, an intelligent asymmetrical circuit breaker with a black box that traces any type of electrical, environmental and/or use event. This electronic safe is then equipped with a system of electric multi-protections by automatic galvanic insulation on the power supply, with electrostatic protection on the exchange of data via the USB port or SATA, making the whole resistant to surges. Another three-point thermal environment self-protection device is capable of self-locking the electronic safe, when the temperature is above 70 degrees.

          These electronic devices are coupled with the Cybersafety system, which has several advantages. The controlled galvanic insulation protects electrical hazards and insulates it from computer systems, making the electronic safe undetectable. An intelligent maintenance system is then embedded in the system. Its mission is to prevent the electronic safe from being used in temperatures that could damage the electronics. The same device is also used to detect a thermal brute force attack on three points. This type of physical intrusive brute force attack involves exceeding the thermal resistance by more than 220oC.  Such an attack will in fact result in the destruction of electronic components, especially memory, irreversibly. Thanks to the implementation of the Fullprotect invention in these electronic chests, an unfalsifiable black box is present to preserve the various traces of these events and constitute an opposable physical proof.

          How do I lift the MFA’s energy autonomy locks?

          For the inventor, one last important problem remained to be solved: how, without a source of electrical energy, without using the electrical energy provided by the USB or SATA port, physically administer the access control through the coating and the case?

          The solution found by the inventor is THAT of STMicroelectronics’ NFC technology in industrial version, NFC ISO/IEC 15693, which runs without battery, powered via a NFC-enabled Android-enabled computer (Smartphone). In addition, this component incorporates the recovery of energy capable of powering on-board subsystems, including the access control system. These industrial components have many other advantages. They have electronically secure non-volatile memory that can hold stored data for at least 40 years without an electrical source. They also allow 1 million cycles of writing per memory block, without error.

          The mobile contactless electronic safes with black box were created under the technological name EviKey One NFC and EviDisk One NFC, under the trademarks of the inventor,  EviKey® for the USB stick and  EviDisk® for the 2.5-inch 7mm Sata III SSD.

          But, beyond being able to dynamically carry out all types of actions via contactless technology, a new problem has beenborn, the Cybersecurity of the use of electronic safes. Indeed, it is necessary to have an Android/NFC smartphone to use the electronic safe. However, the smartphone is connected to it, thus exposed to the risk of remote attacks and/or proximity on the exchange of data via the NFC signal.

          The Evikey NFC solution receives the 2014-2015 “Connected Object” Package with its Physical Cybersafety technology in a USB stick on November 24, 2014 in Paris Bercy. This innovation is twice nominated for the Boarding Assises: “critical on-board system” and “connected object.” This National Trophy recognizes the connected object project that has provided the most innovative service to the general public or professionals.

          Paris Bercy 2014 : https://www.entreprises.gouv.fr/numerique/trophees-embarque-2014 (this page has been removed https://www.entreprises.gouv.fr)

          The “Assises de l’Embarqué.fr: http://www.assisesdelembarque.fr/trophees-de-lembarque/trophees-de-lembarque-2014

          Captronic : https://www.captronic.fr/Les-laureats-des-Trophees-de-l-embarque-2014.html

          Electronic Press (http://www.electroniques.biz):

          Embedded Trophies 2014: six companies rewarded for their innovations

          lembarque.com : Freemindtronic EviKey Evidisk won the 2014 Embedded Technology Awards 

          The inventor had to find other systems to increase the Cybersecurity and “Cybersecurity” of MFA access control for its mobile electronic safes

          The various problems to be solved are known and bring up technological locks. How do I protect the access control of an attack from the smartphone? How to identify the hardware used and authenticate the right or user to unlock the electronic safe, knowing that the smartphone is connected and can be very easily corrupted? How do I detect a brute force attack on the NFC? How can I prevent listening to the NFC signal to pick up the information? How can you physically prevent a malicious person or robot from accessing the electronic safe? How do I prevent a keylogger-type attack? How can I prevent the code from being entered on the smartphone screen? How do I limit the number of code tests, even in unlocked mode? How do I identify the electronic safe in a no-use area? How to give the illusion that the electronic safe is broken? How can the electronic safe be used on a daily basis without the burden of security or even the cause of a loss of productivity? How do you detect the end of the use of the electronic safe without having access to the data flow? How do you systematically lock the electronic safe without taking the risk of damaging the data? How do you give up a passcode that you think is corrupt? How do I create a temporary passcode? How do you put all the information back from the black box to serve as physical evidence? How do you simply plot the geolocation of the use of the passcode and the type of code used? How do I notify the user, even if the electronic system fails, the origin of the malfunction? How do I tell the user how long it will take to use memory without error? How can we ensure that the electronic safe is never obsolescent in time? Finally, could this solution save a life?

          The inventor has found an answer to all these and many other questions, thanks to another of his patents, Fullsecure[2]  , a stand-alone wireless access control system.

          One of the most important challenges remained, the simplicity of use

          The inventor’s goal is to offer individual, self-secure, unconnected, obsolescence-free, always accessible, extremely accessible, mobile, very simple to use on a daily basis, for personal and/or professional use, without financial commitment, without a license, multi-station, untraceable and undetectable.

          He wanted to offer his owner the least intrusive electronic safe in the world, without drivers and software to install in his computer. An electronic safe compatible with all Windows, Linux, iOS, Raspbian, OS2, Android (OTG) operating systems that use a USB port.

          A hardened electronic safe designed to last until the natural end of the components’ life. Multi-protection systems against electrical, electrostatic, thermal, mechanical, immersion in liquid, dust, ultraviolet light, heat source, magnetic field, X-rays.

          An electronic safe with a black box that tells the user, in real time, the state of its physical functioning, capable of self-diagnosis and informing the user of the origin of the defect.

          The freedom to adapt the level of security of these electronic safes to suit exposure to risk

          A system freely set up by the user, via an administrator password, allows you to choose how to unlock the electronic safe. It can also be used in unlocked mode. In the latter case, the user uses his electronic safe in an environment where he feels there is no risk. It uses its EviKey®  or EviDisk® as a standard USB stick or SSD.

          How do you make Cybersafety non-binding for the user to avoid being tempted or forced to use another unsecured system?

          The inventor believes that the use of safety, when it is binding, generates counter-productivity and is naturally circumvented by man. In fact, the inventor has planned different scenarios that allow the man to change the unlock mode very easily. Man is therefore empowered to adapt the level of security of his electronic safe according to his exposure to risks. When the risk is zero, the man must be able to leave the electronic safe always unlocked. This point eliminates the risk of counter-productivity. This mode allows the man to have the comfort of using a standard USB stick or external disk.

          A free mode of Cybersafety by use control

          The mere fact that the electronic safe is permanently unlocked creates a risk to the use, because the contents of the electronic safe are always exposed, especially when the sensitive data is not encrypted. The inventor therefore took into account this problem of exposure to the risk of connected data via a removable medium. The right balance had to be struck between safety and comfort of use.

          A major constraint for the inventor: the inability to access the fully deconstructive data flow of the MFA access control system and the absence of a battery excluding the use of a clock.

          The inventor’s idea was the implementation of a timer in correlation with the Cybersafety system and the black box. The user defines a time, in seconds, during which the Cybersafety system counts, via Fullprotect’s electrical analysis device, the data flow. Thus, when the countdown is reached, the electronic vault is auto-locked and the data stream is inactive.

          Thanks to this method, the inventor found the right balance in usage. A system that detects when the electronic safe is not used to self-lock. It is the user who defines how long the electronic safe remains unlocked. The user will need to identify himself to unlock the electronic safe.

          With this feature, the user can adjust the use of the electronic safe to his environment, while maintaining a level of self-safety over time. A time that is automatically interrupted when the electronic safe is disconnected from the USB or SATA port. In the same way if the power of the USB or SATA port is disabled by the computer system.

          Let’s discover the different ways of unlocking these electronic safes designed by the inventor

          A mode that requires the entry of a password to unlock the electronicsafe. A proprietary secure keyboard is used with randomly changing keys, which has the effect of combating malware that records key inputs to the Keylogger type keyboard. This system also helps to limit the risk of visual corruption when entering the password (a person looking over your shoulder for example). Indeed, it is very complex to remember the order of keys that change randomly. In addition, this system allows you to participate in the authentication of a person.

          Another mode allows you to unlock the electronic safe without the need to enter the password. After recording the identity of their smartphone in the electronic safe (pairing procedure), the user can unlock it by simply presenting his smartphone to the electronic safe, without contact. The user has the ability to register up to three smartphones.

          These two modes can be used interchangeably, this has some advantages. Consider two users, one has knowledge of the password and the other does not. But the latter can unlock the electronic safe with his NFC smartphone, without entering the password.

          This is a convenience to avoid having to enter a password or to manage two user profiles, one of which uses only the password. However, this comfort does not cover the risk when the smartphone and electronic safe are stolen or lost together. The electronic safe can then be unlocked without the need to enter the password. To cover this risk, the inventor has planned a multi-factor mode that includes three elements: the pairing key, the smartphone’s identity and the password; the concept of a simplified physical blockchain was born.

          The safety of using the electronic safe

          Let’s imagine a user on the move, which implies that the level of risk is very high. It must be able to choose the highest and, indeed, most restrictive mode of security. The user leaves the comfort of unlocking with his smartphone without a password, to include a multi-factor control chain in case of theft and/or loss of the electronic safe and/or his smartphone. In case of theft or loss of the electronic safe, the malicious person will have to guess the pairing key, the identity of the paired smartphone and the password. Knowing that after 3 unsuccessful tests, the electronic safe is temporarily blocked and that the maximum allowed test is 13 before a permanent blockage.

          Cybersafety against the violation of human physical and/or psychological integrity

          The inventor asked himself about the risk of an attack on the physical and/or psychological integrity of an electronic safe user in order to obtain the password?

          The inventor’s idea was that the electronic safe must have an advanced system of administration and user management, permanent or temporary. The administrator of the electronic safe has the option to assign a specific passcode to the user of the electronic safe, without him being able to know the administrator password.

          The emergency feature called “user password forgetlessness” is born, which allows a user to delete their password. This emergency system can be activated at any time, very quickly, if it feels that its password is corrupt or that it can be corrupted. In fact, only the administrator will be able to recreate a new user password. This is the birth of the physical blockchain simplified by use. A disruptive approach to the use of oblivion in the value chain of Cybersafety as a physical barrier. This protects the physical and/or psychological integrity of the man vis-à-vis an attacker who wishes to obtain the user’s password against his consent.

          Imagine an investigative journalist who goes on a mission abroad to interrogate opponents of a dictatorial regime. The information collected by the journalist is digitally housed in the electronic vault. Such information may impair the physical integrity of the interviewees or the journalist. How can the journalist resist a physical and psychological constraint not to give the password to access the electronic safe? The inventor has found a solution! If the user no longer has access to the password because he has voluntarily abandoned it, and this fact is known to the attacker, it will be useless to try to obtain from the user the administrator password that he never knew about. Only the editor (administrator) has the power to unlock the electronic safe. This does not remove the risk that the attacker will remotely pressure the editor to obtain the admin password. However, the objective is achieved, the one where the attacker has no interest in attacking the journalist. And at the same time, the digital data in the electronic safe remains locked in access. The attacker will have to be able to force the electronic safe to access the data it contains.

          This case demonstrates the clear role of the importance of cybersecurity vis-à-vis Cybersecurity, the first flaw of which would be humans. On closer inspection, the inventor’s innovations put man at the center of his own enhanced security in the face of malicious attacks by man or his machines.

          Cybersafety by physical silos

          The inventor performed a physical silo of the rights holders, i.e., an administrator profile and user profiles, indeterminate or limited-time. There is talk of an additional factor to unlock the electronic safe, so as to block any attempt to pair the electronic safe with another smartphone. The power of Cybersafety makes it physically impossible to simply connect with the electronic safe without the pairing key. Even if the pairing key is corrupted, you also need to know the administrator and/or user password to unlock the electronic safe.

          The traceability of events by unfalsifiable embedded black box, accessible without contact via the smartphone

          The inventor took into account the burden of physical proof in the legal sense of the term, capable of opposing other forms of evidence constituted in a numerical way; which can be manipulated. This is one of the aspects claimed in the internationally extended Fullprotect patent.

          Thus, the inventor has integrated in his electronic safe a black box that traces all types of events, which depending on their importance are recorded, such as an attempt to attack physical or digital brute force.

          Such a recording in the black box of the electronic safe is not without consequences in the implementation of countermeasures imagined by the inventor whose secrets he does not reveal.

          The most extreme consequence is to render the electronic safe irreversibly unusable.

          Intrusive and non-intrusive brute force countermeasures

          The inventor considered several aspects of brute force attack targeting cyber safety.

          Dismissing non-intrusive brute force attacks was quick. It was more complex for the physical attacks of the man of the trade, the electronics engineer.

          With regard to non-intrusive attack, the inventor excluded the use of encryption systems in the implementation of Cybersafety, rendering it unnecessary to use thermal, magnetic, electrical, electromagnetic or radio frequency analysis to try to guess the encryption system used. Indeed, the security system is completely independent of the digital support of the electronic vault where digital data is stored. This system is completely autonomous in electrical energy, without battery, and has only one input and exit, the industrial NFC system. This excludes all these forms of brute force attacks.

          Remains the physical brute force attack that involves being in contact with the electronics of the electronic safe. An extremely strong resin and very sticky to the components makes it very dangerous to remove the resin without irreversibly damaging the electronic system, especially the memory. Traps have been built to detect intrusions and cause the electronic safe to be permanently locked through the black box.

          The digital brute force attack remained to unlock or activate denial of services. The inventor also predicted these cases of species.

          All these attempts are managed and activate countermeasures that block this type of attempt.

          In the case of a robotic attack the attacker must create algorithms that take into account random physical variables related to physical elements specific to the electronic components used. This makes it almost impossible to create an algorithm capable of guessing these time factors, some of which are variables derived from random physical elements that depend on various thermal, electrical and usage factors.

          To maintain a known use of the public, the inventor uses a system used for bank cards or SIM cards of phones.

          In this case, three tests (PIN and/or mobile) are authorized to unlock the electronic safe.

          After 3 unsuccessful attempts, access is blocked for 15 minutes. The event is recorded in the black box that activates the light signaling of the electronic safe (two green and blue LEDs flash alternately).

          The inventor added the requirement to leave the electronic safe connected to the USB or SATA port during the locking period. Any disconnection involves reseating the countdown. This forces the attacker to leave the robot connected to the key. The Cybersafety system has a very precise electrical analysis system; any positive or negative change results in the meter being reset.

          After these first 15 minutes it is possible to try again. If the entered password is correct, the electronic safe unlocks and the test counter is reset. The event is kept in the black box. If the PIN or mobile is not correct, the electronic safe is blocked again for 30 minutes this time. With each new error, the delay is multiplied by 2.

          This implementation, conceived by the inventor, was intended to deter an attacker from generating a denial of services, i.e., to prevent the user of the electronic safe from using it permanently.

          Thus, the attacker will have to wait a few months to be able to seize the 13th unsuccessful test, and thus make the electronic safe permanently locked.

          Visionary the cyber-safety of these electronic safes in the service of BYOD, CYOD, COPE already compatible before the birth of the RGPD

          Meaning BYOD acronyms “Bring Your Personal Device,”  CYOD  “Choose Your Company-Approved Personal Device,”  COPE  “your personal device purchased by the company.”

          10 years earlier, the visionary inventor took into account the problem of the use of private equipment for professional use, which posed a problem related to the privacy of mobile data of various origins, both private and professional or computer systems.

          BYOD, CYOD and COP are not framed in the same way at the legal level, which complicates the implementation of the security charter in a company, especially on mobile data such as USB sticks and external discs connected via a USB port. The latter poses a greater risk due to the memory capacity of several terra Bytes.

          The use of data encryption is recognized as the only way to secure the data. But the reality is different in the use and security of passwords, encryption keys and/or decryption.

          The inventor knows that in everyday use, the complexity of implementing a trusted encryption system is time-consuming, which reduces productivity. In fact, humans bypass the problem by using the unsecured BYOD to transport sensitive data. Similarly, the password entered to decrypt may be corrupted by various brute force attack and/or espionage.

          The inventor wonders how to ensure that the Cybersafety system is able to independently cover all these risks? To solve this problem, first, he splits the types of uses into two: an individual use that he identifies as “Premium” and a collective use that he identifies as “Pro”.

          Then he comes to the conclusion that the electronic safe is upstream of the backup of the mobile or fixed data, making it a common core. Thus, the mere fact that the principle of the operation of the electronic safe is closed by default and that a password is required to access the data, whether encrypted or not, constitutes a common physical barrier to all these uses. In fact, it is enough to manage the type of use and their use rights.

          The professional version was born, which has a separate administration system for users of the electronic safe and an individual version whose administrator is also the sole user.

          In case of loss or theft, the electronic safe is always locked which prevents access to the data it contains whether it is private or professional.

          Thus, regardless of the choice of the company, CYOD, BYOD or COPE, the inventor’s electronic safes are legitimately compatible with the rules of law in force, notably with the RGPD and the decree 2018-418 of May 19, 2018 coming into force on January 1, 2019. (See on LinkedIn the article of June 13, 2018 https://www.linkedin.com/pulse/pourquoi-les-coffres-forts-%C3%A9lecttronics-nfc-offline-de-gascuel)

          As part of a COPE use, the company has a function that allows it to administer a profile of the use of the electronic safe that is required of the permanent and/or temporary user. The black box traceability, allows the administrator to have a history of use, some of which are geo-located.

          A 100% stealth mode can be activated by disabling LEDs. In fact, the locked electronic safe, undetectable computer systems, simulates the symptoms of a USB stick that doesn’t work. Similarly, the extinction of LEDs makes it possible not to visually indicate that readings or writings are carried out with the electronic safe. Conversely, the choice of colors, and/or the extinction of one of the LEDs, makes it possible to identify the electronic safe among others. This mode is also convenient for viewing the use of an electronic safe in a prohibited or authorized area. Let’s take the example of an entire service that uses keys whose LED flashes pink when writing or reading data, if the manager sees a key flashing yellow, he will know that this key is an intruder.

          The inventor aware of the problems related to the use of USB sticks and external discs in the company has provided a concrete response with the use of his electronic safes.

          It was up to the inventor to lift the last locks! How can we make the connection to electronic safes universal to any type of computer system?

          Finally, the inventor had to find a way to be as intrusive as possible, when the electronic vault is connected to a particularly professional computer system that prevents the installation of unauthorized software by the information systems manager.

          This problem was naturally solved when the separation of the security system and the non-volatile physical memory where the data is housed was implemented.

          Indeed, since the security of the electronic safe is separated from the support, there is no need to secure the USB port or the SATA of the SSD disk, so there is no need to install security software on a computer system. In fact, all computer systems that use a USB or SATA port are immediately compatible with safes. No need for drivers or software to install for these electronic safes. This allows to respect the security constraints imposed by the company, while remaining under the control of the user.

          The inventor, perfectionist, uses the speed of analog electronics systems to secure the operation of Android applications

          The inventor designed two separate applications that work in the volatile memory of the NFC smartphone. FullKey NFC for EviKey NFC Pro and EviDisk NFC Pro and FullKey NFC Premium for EviKey NFC Premium and EviDisk NFC Premium. The inventor used the extreme speed of analog systems and radio frequency to exchange passwords to unlock these safes. This is a machine-to-machine (M2M) transfer between the smartphone’s NFC and the electronic safe NFC.

          An intelligent physical cyber safety system is implemented at various points in electronic design to combat brute force attacks that seek to copy the weft of a radio wave produced by the NFC signal:

          • a steering branch,
          • an energy recovery management system,
          • A single peer-to-peer NFC hooking system by pairing key,
          • self-locking electronic vault memories on data exchange,
          • analysis of the electrical energy recovered by the smartphone’s NFC signal,
          • management of the speed of data transfer on NFC signal,

          This listening is extremely complex to achieve because of the proximity that must exist between the smartphone and the electronic safe and the fact that the exchange of data is impulse and totally random.

          Offline e-mail safes

          The inventor had an unstoppable idea to fight against listening to the NFC signal! Desynchronization when unlocking the electronic safe. It adds a new variable: the unpredictable! In fact, the user can unlock his electronic safe without needing to be connected to a USB or SATA port. In fact, an attacker cannot use a computer system and/or power source as a cue to perform his listening. This effectively excludes the use of espionage. Indeed, the unlocking can be carried out anywhere, anytime, in any situation (even underwater), it physically stops any attempt to listen to the NFC signal from the inventor’s electronic safe.

          Cybersecurity of Fullkey NFC Pro and Premium applications

          The inventor has no confidence in the resilience of a brute force attack on applications developed on Android. In fact, it has taken into consideration immediately in its innovations that its applications can be corrupted in seconds by experts. In fact, he designs applications with a relisence criterion equal to ZERO. Thus, if the application is corrupted, no sensitive information can be used to successfully unlock the electronic safe.

          The finding of the implementation of Cybersecurity for the benefit of cybersecurity of electronic safes

          The mere fact of not being able to connect to the electronic safe without a pairing key is enough to establish that the inventor’s electronic safe meets all the criteria of Cyber safety.

          The simple fact of not being able to unlock the electronic safe without a password, and the fact that the passwords are physically in electronics, it is also not possible to establish a connection with the electronic safe.

          The inventor goes all the way to the end of the reasoning of cybersafety by black box: an on-board after-sales service and the management of obsolescence

          Obviously, no doubt, never has a USB stick or an SSD been able to inform their user in real time of any type of events, including brute force attacks and to self-diagnose the state of operation of the electronic safe as well as the origin of an electronic, environmental, embedded system, use and attack intrusive or non-intrusive brute force.

          Of course, all this will be true, until Jacques Gascuel’s patents fall into the public domain.

          Finally, the black box allows the manufacturer, as well as the user, to know the origin of the anomalies, but not only. A flash memory usage counter is built in to estimate the risk of writing or reading errors. The aim is for the inventor to give the user the opportunity to have a trusted benchmark on his ability to retain information without error in the electronic safe. Indeed, flash memories have all the natural wear and tear due to writing that includes data erasure. This is an approximation that varies according to the memories used in the manufacture of electronic safes.

          About the company

          Jacques Gascuel’s patents are managed by Freemindtronic SL in Andorra.

          Electronic safes are currently manufactured in France under an exclusive manufacturing and distribution license for France awarded to the SYSELEC Group in Occitanie (France).

          These NFC hardened USB stick EviKey ® and NFC hardened SSD EviDisk® electronic safes are available from Freemindtronic partner’s.

          You want to know more about how it works, you can view the usage guides

          Fullkey Plus Android app from Freemindtronic Andorra:  https://youtu.be/ckIc7PwedaE

          You can also use secret keepers with  EviCypher technology to manage and unlock EviKey  USB sticks and EviDisk SSDs.  Automatically administer and manage  your pairing keys, administrator, user and guest passwords.

          [1]  Jacques Gascuel owns various patents. The PATENT WO/2010/086552 published internationally since 2010 for the technology called Fullprotect, a monitoring and protection device for power and/or environmental of an electrical device equipped with an unfalsifiable black box device. And the 2017/129887 WO/2017 patent for the technology called Fullsecure, a wireless electronic access control device with multi-factors of authentication.

          [2] Patent called Fullsecure NO.  WO/2017/129887  published in 2017 for the technology called Fullsecure, a wireless electronic access control device with multi-factors of administrative authentication.