Evikey NFC HSM Technology contactless unlock via NFC Android phone European 2014 Award Embedded System Bercy Paris from inventor Jacques Gascuel CEO Freemindtronic Andorra

EviKey NFC HSM: How to Safeguard Your Data with Your Smartphone

EviKey NFC HSM: Seeking a simple, secure, and hassle-free way to protect sensitive data without cumbersome passwords or complex encryption systems? Imagine a technology that locks and unlocks with a simple gesture. Introducing EviKey NFC HSM – control your storage device with your smartphone, ensuring exclusive access even if your device is lost or stolen. Explore how EviKey NFC HSM works, its advantages, features, use cases, and how to utilize it.

What is EviKey NFC HSM?

EviKey  integrates an embedded electronic system that renders the storage device invisible to any computer or device when locked; this feature is known as the “undetectable mode.” To unlock this mode, bring your smartphone close to the device and authenticate using the Fullkey or Fullkey Plus app for NFC-enabled phones. The app sends a signal via NFC, making the device visible again. This can be done either by directly connecting it or by plugging the device into any computer or device after unlocking.

EviKey offers physical data protection against unauthorized access, theft, loss, or hacking. This is a unique and innovative feature not found in other secure storage devices.

EviKey is based on a patented invention by Freemindtronic, an Andorran company specializing in cybersecurity and bespoke security solutions. The patent describes a contactless secure data storage device comprising a wireless communication module, an access control module, a data storage module, a power management module, and an attack detection module. Additionally, it explains the undetectable mode, which makes the device invisible to any computer or device when locked.


EviKey NFC HSM offers numerous advantages compared to traditional storage media or password-protected secure storage devices:

  • Ease of use: Unlock your device with your smartphone, eliminating the need for passwords or memorization.
    Compatibility: It works seamlessly with all operating systems and devices, allowing you to use it on any computer, tablet, smartphone, game console, smart TV, and more, without requiring software or drivers.
  • Two types of storage media: Available in two formats – 8GB to 128GB USB keys and 256GB to 2TB SATA III SSDs, which are offered as white-label products under Freemindtronic’s license.
  • Security features: Protected by a PIN and/or an administrator code, it’s resistant to physical attacks, electromagnetic interference, and extreme temperatures.
    Additional Benefits of EviKey NFC HSM:
  • Security: EviKey NFC HSM functions as a USB key, allowing you to encrypt your data using your preferred system and algorithm. It remains immune to component or algorithm obsolescence, ensuring the ongoing security of your data. Enhancing security further, EviKey NFC HSM utilizes NFC authentication and anti-break-in functions.
  • Autonomy: EviKey operates independently, eliminating the need for external services or providers. It delivers instant functionality without necessitating account creation or user identification. EviKey NFC HSM does not collect or transmit personal or sensitive information about users or their devices. It operates in real-time, free from reliance on servers or databases.
  • Compatibility: EviKey is compatible with any data encryption system, enabling users to select and utilize their preferred encryption system alongside EviKey. Additionally, the device can store various elements related to digital identity, including public and private keys, digital certificates, authentication tokens, or biometric data.
  • Durability: EviKey NFC HSM requires no software or hardware updates to maintain its security and performance. It remains impervious to the effects of technological or legislative changes that may render other solutions obsolete. EviKey NFC HSM offers a sustainable and enduring data protection solution.

Compliance with Standards and Regulations

EviKey NFC HSM is committed to upholding various international standards and regulations, including:

  • ISO/IEC 14443 and ISO/IEC 15693 Standards: These standards define technical specifications and communication protocols for contactless smart cards and RFID tags. EviKey NFC aligns with these protocols, ensuring seamless compatibility.
  • ISO/IEC 27001 and ISO/IEC 27002 Standards: These standards establish stringent requirements and best practices for implementing robust information security management systems (ISMS). EviKey NFC HSM adheres to these standards, guaranteeing the highest level of data security.
  • International and European Data Protection Laws: EviKey NFC complies with various international and European laws governing personal data protection and privacy, including the General Data Protection Regulation (GDPR) and the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108). Your data remains in safe hands, meeting all legal requirements.
  • NIST Password Recommendations: Following the guidelines set forth by the National Institute of Standards and Technology (NIST), EviKey NFC HSM enhances the security of memorized secrets, including passwords, PINs, and passphrases. Your data is fortified against unauthorized access.
  • NIST Cybersecurity Recommendations: EviKey NFC HSM adheres to the cybersecurity recommendations provided by NIST, offering a comprehensive framework for organizations to effectively manage risks associated with the security of their information systems. Your data is shielded with a robust security framework.

Furthermore, EviKey NFC HSM operates with an undetectable mode, rendering the device invisible when locked. This mode is effortlessly activated and deactivated via NFC using your smartphone, simplifying import and export operations without the need for additional encryption authorizations.

Moreover, EviKey NFC HSM incorporates a tamper-evident black box, meticulously recording all device-related events, including access attempts, code modifications, connections, errors, anomalies, and potential security breaches. This comprehensive log can serve as invaluable documentation in cases of disputes, audits, or as legal evidence.

It’s essential to note that the black box of EviKey NFC HSM can only be accessed by the user with access to the black box. It is not freely accessible. Thus, in case of disputes, it is the user who can provide the physical evidence. Remember, EviKey NFC HSM technology is not connected and operates in a completely anonymized manner. Freemindtronic not only prioritizes the security of your data but also diligently complies with international standards and regulations to provide you with a transparent and legally robust data protection solution.

Simplification of Import and Export Operations

EviKey NFC HSM improves data protection while enhancing convenience. This improvement stems from its ability to simplify import and export operations through its unique technology, which doesn’t rely on built-in encryption systems. Consequently, complex encryption authorizations and compliance with various international regulations become unnecessary.

Let’s explore specific scenarios where regulations differ based on the presence or absence of encryption systems in a product EviKey USB NFC HSM or EviKey SSD NFC HSM:

  • Europe: Export controls for dual-use goods, which include products with both civil and military applications or ties to weapons of mass destruction proliferation, are harmonized under community regulation. Encryption system-containing products fall into this category, specifically in category 5, part 2 of the regulation. Typically, exporters must secure prior authorization from their Member State authorities. Exceptions or general licenses may apply, but EviKey NFC technology, devoid of an embedded encryption system yet utilizing patented segmented key authentication for contactless memory access, circumvents this authorization requirement.
  • China: A dedicated regulation, the “Regulation on the Administration of Commercial Cryptography Technologies and Products,” governs products containing encryption systems. This mandates that manufacturers, distributors, and users meet specific requirements, including licensing or certification, adherence to national technical standards, submission to inspections or audits, and product-related information declaration. EviKey technology, without an embedded encryption system but featuring secure data storage, bypasses these stringent requirements.
  • Japan: The “Foreign Exchange and Foreign Trade Act” aims to prevent the illicit transfer of goods or technologies with potential use in nuclear weapons or other weapons of mass destruction. Controlled goods or technologies, including products with encryption systems, are categorized in list 1 or list 2 of the implementing regulation. Exporters usually need prior authorization from the Ministry of Economy, Trade and Industry (METI). Exceptions or general licenses may apply, but EviKey’s technology, lacking an embedded encryption system yet featuring an unfalsifiable black box, exempts users from this authorization.
  • South Korea: The “Strategic Trade Control Act” aims to prevent the illicit transfer of goods or technologies that can contribute to nuclear weapons or other weapons of mass destruction development. Controlled goods or technologies, including encryption system-equipped products, are classified in list 1 or list 2 of the implementing regulation. Exporters usually require prior authorization from the Ministry of Trade, Industry and Energy (MOCIE). Exceptions or general licenses may apply, but EviKey NFC technology, with no embedded encryption system yet offering compatibility with all encryption systems, negates the need for such authorization.

In conclusion, EviKey NFC HSM delivers secure and user-friendly data protection. Despite the absence of an embedded encryption system, it provides unmatched data security. Furthermore, it complies with diverse international standards and regulations, streamlining import and export processes without encryption system-related complications. Additionally, it integrates an unfalsifiable black box to meticulously record product-related events.

More information about EviKey USB NFC HSM

Advanced Self-Diagnostic and Protection System

EviKey NFC HSM incorporates an advanced self-diagnostic and protection system, which continuously monitors its operational status and takes appropriate actions in response to issues. This system consists of the following components:

  • Three thermal sensors: These sensors are strategically placed near the USB connector, the electrical protection and regulation system, and the primary active systems, including the PCB. They continuously measure the device’s temperature and, if overheating is detected, trigger an automatic thermal breaker. The breaker resets once the temperature returns to normal.
  • Asymmetrical electrical monitoring and protection system: This component is designed to detect voltage and current variations between power and the load. It acts as a safeguard against overvoltages, undervoltages, and overcurrents that could potentially harm the device or compromise data integrity.
  • Tamper-evident black box: EviKey NFC HSM’s black box diligently records all device-related events, including access attempts, code modifications, connections, errors, anomalies, and potential security breaches. This black box serves as a comprehensive and reliable history of device usage, which can prove invaluable in disputes, audits, or legal proceedings.
  • Two LEDs: These LEDs serve as indicators of the device’s status, recorded events, detected errors, and more. Detailed explanations of these LED codes can be found in the user manual.

Thanks to this sophisticated system, EviKey NFC HSM ensures the quality, reliability, and security of your storage devices. It not only alerts you to potential issues but also provides appropriate solutions. Furthermore, it offers real-time monitoring of flash memory usage, with all activities logged in the black box from the first device use.

Segmented Key Technology for Enhanced Access Control

EviKey NFC HSM employs a segmented secret key system based on distinct user profiles. These profiles include administrators, regular users, temporary users, and smartphones. The secret keys are distributed across both the smartphone and the device, residing in separate memory sections secured by the embedded system.

Each segment of the secret key possesses its own unique and random characteristics. Some segments are determined by the user’s PIN code. To reconstruct the complete secret key, one must effectively combine all individual segments. This process is facilitated by the NFC HSM technology’s embedded system, which meticulously validates each segment to grant access to the device’s physical memory.

This comprehensive process serves to make the secret key exceedingly challenging, if not practically impossible, to steal, intercept, or guess.

Resisting Replay Attacks

Replay attacks involve recording and reusing NFC signals exchanged between the smartphone and the device to unlock it without the code. EviKey NFC HSM resists such attacks through several features:

  • Usage of the industrial NFC 15693 standard, more robust and secure than the consumer-grade NFC 14443 standard, enabling reliable and fast contactless communication between the smartphone and the device.
  • Utilization of segmented secret keys, distributed between the smartphone and the device, with each segment being unique and random. Reconstructing the secret key requires gathering all segments using NFC HSM technology, which validates them to unlock physical memory access. This process makes stealing, intercepting, or guessing the secret key extremely challenging.
  • Employing a unique pairing key created during the initial use of the device, identifying the paired smartphone and rejecting any other. This key also prevents cloning the device or smartphone.
  • Usage of an independent and autonomous embedded system that validates all key segments, operating independently of the application. This system is physically disconnected from the USB port, preventing USB port attacks. Access control is only possible through contactless means, using the smartphone’s NFC signal, which also powers the security system independently.

Thanks to these features, EviKey NFC HSM makes replay attacks virtually impossible. Accessing the device requires the paired smartphone, paired device, password, and the secret key. If any of these elements are missing, the device remains locked and invisible, safeguarding data from unauthorized access, theft, loss, or hacking.

EviKey NFC HSM: Independent and Autonomous Embedded System

EviKey NFC HSM utilizes an embedded system that validates all key segments independently of the application. This system is physically disconnected from the USB port, preventing USB port attacks. Access control is only possible through contactless means, using the smartphone’s NFC signal, which also powers the security system independently.

The security system incorporates multiple protection mechanisms:

  • Memory access self-blocking by partitioning, preventing unauthorized reading or writing on the device.
  • Automatic erasure of temporary memory areas, removing all traces of key segments or codes after each device use.
  • Detection of replay attacks – recording and reusing NFC signals. The system verifies the authenticity and uniqueness of signals, rejecting duplicated or falsified ones.

Thanks to these mechanisms, EviKey NFC HSM makes replay attacks highly complex, if not impossible. It ensures data security and confidentiality.

How to Use EviKey NFC HSM

To utilize EviKey, follow these steps:

  1. Download and install the Fullkey NFC Android app or Fullkey Plus NFC Android app or Freemindtronic (FMT) NFC Android app on your NFC-enabled smartphone from the Google Play Store or Freemindtronic’s website.
  2. Launch the app and follow the instructions to pair your smartphone with the device. Enter the unique pairing code found on your device’s label and set a PIN and/or administrator code.
  3. Plug the device into a USB port on your computer or device. The device will be locked and invisible by default.
  4. Bring your smartphone close to the device and authenticate using the app. The device will unlock and become visible, granting normal data access.
  5. Once finished, unplug the device from the computer or device. It will automatically lock and become invisible.

Use Cases of EviKey NFC HSM: Versatility and Innovation

Enhanced Data Security with Versatile NFC Data Security Solutions

Discover the wide range of applications for boosting data security with NFC data security solutions like EviKey:

  1. Enhanced Data Storage Security:
    • Utilize NFC data security technology as a dongle to secure various storage devices.
    • Protect fixed SSDs, hard drives, or removable media, including USB keys and external SSDs, using NFC data security.
    • Enable TMP2.0 unlocking and encryption keys (e.g., BitLocker) for enhanced security.
    • Require contactless authentication through your smartphone and the NFC data security device for unmatched data protection.
  2. Streamlined SSH Key Authentication:
    • Ensure secure SSH key-based sessions with NFC data security.
    • Facilitate convenient access to remote servers and devices.
    • Your smartphone, paired with NFC data security, acts as an SSH key, enhancing security.
    • Encrypt, backup, restore, share, or send SSH keys using segmented key authentication.
  3. Robust Sensitive Information Management:
    • NFC data security serves as a secure vault for encrypted secrets.
    • Ideal for token management, identifier and password management, encryption key management, and segmented key management.
    • Ensure the highest levels of security when handling sensitive data.
    • Easily generate, input, scan, and transfer secrets with the FullKey+ app or Freemindtronic (FMT) app.
  4. Passwordless Contactless Authentication:
    • Manage a robust strongbox system for passwordless contactless authentication with NFC data security.
    • Utilize your smartphone and NFC data security for secure authentication across applications and services.
    • Simplify the management, backup, restoration, sharing, sending, and storage of passwordless contactless credentials with the FullKey+ app or Freemindtronic (FMT) app.
  5. Efficient Web Authentication:
    • Store and manage web authentication keys securely with NFC data security.
    • Seamlessly integrate with standards like WebAuthn and Web3.0 for reliable web authentication.
    • Simplify web authentication key management with the FullKey+ app or Freemindtronic (FMT) app.

One standout example of NFC data security’s application is its role in PassCypher HSM—a real-time token authentication manager. This innovation revolutionizes password and identifier management, eliminating the need for servers or databases. It seamlessly integrates with other Freemindtronic technologies, including EviCore HSM OpenPGP, EviPass NFC HSM, and EviCore NFC HSM Browser Extension.

These dynamic use cases highlight the adaptability and ingenuity of NFC data security technology, underscoring its relevance across diverse scenarios while ensuring robust data security.

Where to Find and Purchase EviKey NFC HSM-Enabled Storage Devices

You can find and purchase EviKey NFC HSM-enabled storage devices on Freemindtronic’s website or through its partners like Syselec Group, RS Pro, PassCypher HSM. You can also contact Freemindtronic for a customized quote or to become an authorized distributor.

Innovative NFC Data Security Solutions for Enhanced Data Protection

In summary, NFC data security solutions like EviKey offer a range of benefits that empower users to safeguard their data conveniently and effectively. Here’s a concise recap of the key advantages:

  • Streamlined Data Security: EviKey simplifies data security by enabling smartphone-based protection, eliminating the need for passwords, complex software, or encryption systems.
  • Physical Data Protection: NFC data security ensures robust physical data protection. It guards against unauthorized access, theft, or data breaches, providing an additional layer of security.
  • Universal Compatibility: Enjoy seamless compatibility with all major operating systems and devices. This universality makes EviKey a versatile solution suitable for diverse environments and devices.
  • Customizable Storage Options: Choose from a range of customizable storage media. Options include NFC HSM USB keys and NFC HSM SATA SSDs, allowing you to tailor your data protection to your specific needs.
  • Stringent Compliance: EviKey complies with international standards and regulations. This commitment ensures that your data remains protected and that you operate within the bounds of the law, adding a legal dimension to your data security.
  • Resilience Against Attacks: EviKey offers resistance to brute-force and replay attacks. These security measures further strengthen your data protection strategy, making it more resilient to potential threats.
  • Quality Assurance: EviKey safeguards the quality and authenticity of your storage devices. This assurance means that you can trust the integrity of your data and storage solutions.
  • User-Friendly Management: Easily manage EviKey with the user-friendly Fullkey or Fullkey Plus app, designed specifically for NFC-enabled smartphones. This convenience simplifies the process of securing and accessing your data.
  • White-Label Products: Explore white-label product options under Freemindtronic’s license. Freemindtronic is a renowned Andorran cybersecurity company specializing in tailored security solutions. This association ensures that you have access to high-quality, trusted products.

In essence, NFC data security solutions redefine data protection paradigms by combining convenience, versatility, and robust security. Elevate your data security strategy with EviKey and experience the future of secure data management.

Comments are closed.