Tag Archives: EviCore NFC HSM

image_pdfimage_print
2023, Articles, EviCore HSM OpenPGP Technology, EviCore NFC HSM Technology, NFC HSM technology, Technical News, Technologies

Quantum computing RSA encryption: a threat and a solution

Posted on by FMTAD
Quantum computing RSA encryption
12
Nov
Quantum computing RSA encryption by Jacques Gascuel: This article will be updated with any new information on the topic.

Quantum computers RSA cryptography: how to secure your data

Quantum computers can break RSA encryption, which secures our online data. But there are solutions that are resistant to quantum attacks. One of them is Freemindtronic, an Andorran company that notably uses NFC HSM technology to share AES-256 keys using RSA-4096 encryption, which quantum computers cannot decipher.

Cardokey NFC vCard Business: Edit, Read, and Import Contacts Seamlessly on iPhone.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking
March 25, 2024
Cardokey NFC vCard Business: Edit, Read, and Import Contacts Seamlessly on iPhone.

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing
November 8, 2023

2023 Articles Cyberculture Eco-friendly Electronics GreenTech Technologies

The first wood transistor for green electronics
April 29, 2023
Hardware Secrets Manager, Eco-friendly, NFC devices, works contactless from Freemindtronic is sustainable technology respects the environment design & product made in Andorra

Eco-friendly GreenTech

Hardware secrets manager Eco-friendly
April 25, 2021

Quantum computing RSA encryption: a challenge and a solution

Quantum computing RSA encryption is a challenge for online security. Quantum computing is a new way of computing that uses quantum physics. It can do things that classical computers cannot or are too slow to do. One of these things is breaking RSA encryption, which secures data online. RSA encryption is based on the difficulty of factoring large numbers. Quantum computers can factor large numbers faster than classical computers. They use algorithms like Shor’s algorithm, which exploits quantum properties.

However, this threat is not imminent. Building and using quantum computers is still challenging and uncertain. Two recent announcements claimed to have cracked RSA encryption with quantum systems. But they have not been verified. The experts are skeptical and doubtful. They have not provided any evidence or details. They have made unrealistic or too good to be true claims. They have not been peer-reviewed or reproduced.

What is RSA encryption?

RSA encryption is a type of asymmetric encryption. It uses two keys: a public key and a private key. The public key can be shared with anyone, but the private key must be kept secret. They are mathematically related, but it is very hard to find the private key from the public key.

How does RSA encryption work?

RSA encryption uses large prime numbers to generate the keys. The public key and the private key are based on the product of two prime numbers. It is easy to multiply two prime numbers, but very hard to factor their product. For example, 17 x 23 = 391, but finding that 391 = 17 x 23 is much harder.

RSA encryption uses keys that are 2048 or 4096 bits long. These are numbers that have 2048 or 4096 binary digits (0 or 1). They are so large that it would take billions of years for a classical computer to factor them. Therefore, RSA encryption is very secure and widely used for online security.

What is quantum computing and how does it work?

Quantum computing is a new way of computing that uses quantum physics. It can do things that classical computers cannot or are too slow to do. Here is how it works:

  • Qubits: Quantum computers use quantum bits, or qubits. They can be 0 or 1, or both at the same time. This is called superposition. When we measure a qubit, it becomes either 0 or 1. This gives us more information than a classical bit, which is always 0 or 1.
  • Entanglement: Quantum computers can also use entanglement. This is when two qubits share a quantum state and affect each other, even if they are far apart. This allows us to manipulate multiple qubits at once and create complex quantum states.
  • Parallelism: Quantum computers can use these properties to perform parallel computations. This means they can do many calculations at the same time, using fewer qubits than classical bits. This can speed up some tasks that are hard for classical computers.

One of these tasks is breaking RSA encryption, which is based on factoring large numbers. Quantum computers can use a quantum algorithm, called Shor’s algorithm, to factor large numbers faster than classical computers. This can break RSA encryption by finding the private key from the public key. However, this requires a quantum computer with many qubits and low errors, which we do not have yet.

Quantum computing RSA encryption: a challenge and a solution

The ability to find an RSA private key from its public key by a quantum computer poses a serious threat to online security. However, this threat is not imminent, as there are still many challenges and uncertainties in building and using quantum computers. Two recent announcements have claimed to have cracked RSA encryption with quantum systems, but they have not been verified and have been met with skepticism and doubt from the experts. They have not provided any evidence or details of their work. They have made assumptions and claims that seem unrealistic or too good to be true. They have not been peer-reviewed or reproduced by other sources.

How quantum computers can break RSA encryption

RSA encryption is a type of asymmetric encryption. It uses two keys: a public key and a private key. The public key can be shared with anyone, but the private key must be kept secret. They are mathematically related, but it is very hard to find the private key from the public key.

RSA encryption uses large prime numbers to generate the keys. The public key and the private key are based on the product of two prime numbers. It is easy to multiply two prime numbers, but very hard to factor their product. For example, 17 x 23 = 391, but finding that 391 = 17 x 23 is much harder.

RSA encryption uses keys that are 2048 or 4096 bits long. These are numbers that have 2048 or 4096 binary digits (0 or 1). They are so large that it would take billions of years for a classical computer to factor them. Therefore, RSA encryption is very secure and widely used for online security.

Quantum computers can break RSA encryption by finding the prime factors of the composite number that is used to generate the public and private keys. Once the prime factors are known, the private key can be easily calculated from the public key, and the encrypted messages can be decrypted. Quantum computers can use a quantum algorithm, called Shor’s algorithm, to factor large numbers faster than classical computers. Shor’s algorithm can factor a large number in polynomial time, which means that the time it takes to factor a number grows relatively slowly as the number gets larger. In contrast, the best classical algorithms for factoring are exponential, which means that the time it takes to factor a number grows very fast as the number gets larger.

Two claims of breaking RSA encryption with quantum systems

Two recent announcements have raised concerns about quantum computing RSA encryption. One is from a team of Chinese researchers, who published a paper on arXiv in December 2022. They claim to have found a faster way to break RSA encryption with a quantum computer of 372 qubits. They combine a classical algorithm, called Schnorr’s algorithm, with a quantum algorithm, called QAOA (Quantum Approximate Optimization Algorithm). Schnorr’s algorithm is a method of factoring large numbers that uses a probabilistic approach and a lattice reduction technique. QAOA is a method of finding approximate solutions to optimization problems using a quantum computer.

The researchers say that by applying QAOA to the most computationally intensive step of Schnorr’s algorithm, they can reduce the number of qubits and the number of operations needed to factor a large number. They also say that they tested their method on a 10-qubit quantum computer and succeeded in factoring a 48-bit number. They extrapolate that their method can scale to factor a 2048-bit number, which is the standard for RSA encryption.

The other announcement is from a researcher named Ed Gerck, who posted on LinkedIn in November 2023. He claims to have decrypted RSA-2048 encryption, the most used public-key algorithm, with a quantum system implementable on a smartphone or a PC running Linux. He says that he developed a quantum algorithm that can calculate prime numbers faster than Shor’s algorithm and that he proved several mathematical conjectures, such as Goldbach’s conjecture. He published an excerpt of his work, but has not provided any proof or detail of his method.

Both announcements are not verified and have been met with skepticism and doubt from the experts. They have not provided any evidence or details of their work. They have made assumptions and claims that seem unrealistic or too good to be true. They have not been peer-reviewed or reproduced by other sources.

Quantum computing RSA encryption: possible solutions

How to protect RSA encryption from quantum attacks?

However, this announcement is not yet verified, and it raises many questions in the scientific community. It is therefore premature to draw hasty conclusions, and we must wait for the publication of the evidence of his work. It is also possible that RSA encryption can be adapted to resist quantum attacks, for example by increasing the length of the keys, or by using masking techniques. In addition, there are alternatives to RSA encryption, supposed to be more robust against quantum computing. These are post-quantum cryptography algorithms, based on other mathematical problems that are difficult to solve for quantum computers. Post-quantum cryptography is a very active field of research, which aims to anticipate the threats that quantum computers would pose to the security of communications. There are several potential candidates to replace RSA encryption, but they must be evaluated and compared in order to choose the most suitable ones for different needs and constraints. The NIST has launched an international competition to select and standardize the best post-quantum encryption algorithms, which should be ready by 2024.

What are the alternatives to RSA encryption?

Some of the alternatives to RSA encryption that are considered to be more resistant to quantum attacks are:

  • Lattice-based cryptography: This is based on the hardness of finding the shortest vector in a high-dimensional lattice, or the closest vector to a given point. Lattice-based cryptography has the advantage of being fast, versatile, and allowing for advanced features such as homomorphic encryption and digital signatures. Some examples of lattice-based algorithms are NTRU, BLISS, and NewHope.
  • Code-based cryptography: This is based on the hardness of decoding a general linear code, or finding the error vector in a noisy transmission. Code-based cryptography has the advantage of being simple, efficient, and having a long history of security analysis. Some examples of code-based algorithms are McEliece, Niederreiter, and BIKE.
  • Multivariate cryptography: This is based on the hardness of solving a system of multivariate polynomial equations over a finite field. Multivariate cryptography has the advantage of being compact, flexible, and allowing for various applications such as encryption, signatures, and identification. Some examples of multivariate algorithms are Rainbow, HFE, and GeMSS.
  • Hash-based cryptography: This is based on the hardness of finding collisions or preimages for a cryptographic hash function. Hash-based cryptography has the advantage of being simple, provably secure, and relying on minimal assumptions. Some examples of hash-based algorithms are XMSS, SPHINCS, and LMS.

How Freemindtronic protects data with RSA-4096 and NFC technology

Freemindtronic is an Andorran company that specializes in security and cybersecurity of information and computer systems. It designs and develops products and services based on NFC (Near Field Communication) technology, which allows wireless communication at short distance.

The HSM of Freemindtronic: devices that store and protect cryptographic keys

One of the products of Freemindtronic is the HSM (Hardware Security Module), which is a device that stores and protects cryptographic keys. The HSM of Freemindtronic uses two technologies: EviCore HSM OpenPGP and EviCore NFC HSM.

  • EviCore HSM OpenPGP is an implementation of the OpenPGP standard, an open standard for encryption and signature of data. It can manage symmetric and asymmetric encryption keys, both standard and OpenPGP. It can also create HSM on any type of storage device, such as key store, key chain, SD card, SSD, USB drive, NAS, cloud, etc. It can work in fixed, offline, or online mode (LAN/WAN).
  • EviCore NFC HSM is a technology that allows to share AES-256 standard keys using RSA-4096 standard encryption. It works without contact with NFC HSM, which use a pair of RSA-4096 keys for secret sharing (AES-256 encryption keys).

The AES-256 standard: a type of symmetric encryption with high level of security

The AES-256 standard is a type of symmetric encryption, which means that it uses the same key to encrypt and decrypt messages. The AES-256 standard offers a high level of security, as it uses keys that are 256 bits long, which are very hard to crack by brute force. The AES-256 standard is widely used for encrypting data and communications, such as files, emails, or messages.

The RSA-4096 encryption: a type of asymmetric encryption that protects the AES-256 keys from quantum attacks

However, the AES-256 standard requires that the key be securely transmitted between the sender and the receiver, without being intercepted, modified, or forged by an attacker. This is where the RSA-4096 encryption comes in, as it provides a way to protect the AES-256 keys from quantum attacks.

The RSA-4096 encryption is a type of asymmetric encryption, which means that it uses two different keys to encrypt and decrypt messages: a public key and a private key. The public key can be shared with anyone, while the private key must be kept secret. The RSA-4096 encryption uses keys that are 4096 bits long, which are out of reach of the current or future quantum computers. The RSA-4096 encryption can encrypt the AES-256 keys with the public key of the receiver, and decrypt them with the private key of the receiver. Thus, only the receiver can access the AES-256 keys, and use them to encrypt or decrypt the messages. The RSA-4096 encryption can also sign the AES-256 keys with the private key of the sender, and verify them with the public key of the sender. Thus, the receiver can ensure the identity of the sender, and the integrity of the AES-256 keys.

The RSA-4096 encryption is therefore an effective way to protect the AES-256 keys from quantum attacks, as it uses keys that are 4096 bits long, which are out of reach of the current or future quantum computers.

The RSA-4096 encryption is also a practical way to share the AES-256 keys between the HSM, as it uses the NFC technology, which allows wireless communication at short distance. The RSA-4096 encryption is therefore a major asset for the technologies of Freemindtronic, which offer an optimal security for the encryption of data.

Conclusion

Quantum computing is a new paradigm of computing that could break RSA encryption, the most common encryption method on the internet. With only 372 qubits, a quantum computer could break RSA encryption, exposing our online data and communications. However, there are solutions and alternatives that can resist quantum attacks. One of them is Freemindtronic, an Andorran company that uses NFC technology to share AES-256 standard keys using RSA-4096 standard encryption, which is beyond the reach of quantum computers. Freemindtronic’s technologies are based on the EviCore HSM OpenPGP and the EviCore NFC HSM, which are hardware devices that store and protect cryptographic keys. EviCore HSM OpenPGP transforms your smartphone, tablet or computer into a hardware security module compatible with the OpenPGP standard. EviCore NFC HSM allows you to store and use your crypto keys and secrets in a contactless NFC device, such as a card, a sticker, or a keychain. Both technologies offer features such as offline isolation, seamless integration, enhanced user experience, and multi-factor authentication. Therefore, Freemindtronic’s technologies are innovative and secure solutions for data and communication encryption, which can withstand quantum attacks and ensure the privacy and integrity of online activities.

Articles, Cryptocurrency, Digital Security, Technical News

Securing IEO STO ICO IDO and INO: The Challenges and Solutions

Posted on by FMTAD
Securing IEO STO ICO IDO INO the challenges and solutions EviCore NFC HSM by Freemindtronic
14
Jun

  Securing IEO STO ICO IDO and INO by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Enhancing Security: Securing IEO STO ICO IDO and INO

Cryptocurrencies are digital assets that can be used to buy goods and services, invest in projects, or trade on online platforms. In this article, we will explore the importance of securing IEOs, STOs, ICOs, IDOs, and INOs and how you can protect your investments using EviCore NFC HSM technology.

Shadowy hacker with a laptop in front of a digital map of Russia highlighted in red, symbolizing the origin of Kapeka Malware.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool
April 18, 2024
A modern cybersecurity control center with a diverse team monitoring national cyber threats during the Andorra National Cyberattack Simulation.

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense
April 15, 2024
Illustration of an Apple MacBook with a highlighted M-series chip vulnerability, surrounded by symbols of data security breach and a global impact background.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security
March 25, 2024
Digital world map with cybersecurity icons representing the Cybersecurity Breach at IMF.

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation
March 15, 2024
Digital world map showing cyberattack paths with Midnight Blizzard, Microsoft, HPE logos, email symbols, and password spray illustrations.

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?
March 10, 2024
PrintListener technology concept with NFC security solutions.

2024 Digital Security

PrintListener: How to Betray Fingerprints
February 22, 2024
A visual representation of BitLocker Security featuring a central lock icon surrounded by elements representing Microsoft, TPM, and Windows security settings.

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks
February 10, 2024
Digital shield by Freemindtronic repelling cyberattack against Microsoft Exchange

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts
February 8, 2024

Discover our other articles on digital security

Securing IEO STO ICO IDO and INO: How to Protect Your Crypto Investments

Cryptocurrencies are digital assets that can be used to purchase goods and services, invest in projects, or trade on online platforms. They are built on blockchain technology, which is a decentralized system that records and verifies transactions without intermediaries. However, to securely and conveniently store your private keys and seed phrases, thus ensuring the security of your funds in Securing IEO STO ICO IDO and INO, you need a wallet that stores your private keys and seed phrases. These pieces of data enable you to access and control your funds on the blockchain

But how can you securely and conveniently store your private keys and seed phrases in Securing IEO STO ICO IDO and INO? How can you prevent losing them or falling victim to hackers or scammers? And how can you participate in various forms of cryptocurrency crowdfunding, such as ICOs, IEOs, STOs, IDOs, and INOs, without risking your funds?

In this article, we will address these questions and explain how to protect your private keys and starter phrases using NFC (Near Field Communication) HSM. We will also compare different cryptocurrency crowdfunding models and show how to store your private keys and starter phrases with EviCore NFC HSM technology for each of these models.

By reading this article, you will learn:

  • What ICOs, IEOs, and STOs are and how to participate in Securing IEO STO ICO IDO and INO.
  • The significance of seed phrases and private keys in Securing IEO STO ICO IDO and INO.
  • The features and functionality of EviCore HSM technology in Securing IEO STO ICO IDO and INO.
  • How to securely store your seed phrases and private keys using EviCore NFC HSM technology across various use cases in Securing IEO STO ICO IDO and INO.

If you have an interest in cryptocurrencies and want to understand how to secure your funds with EviCore HSM technology in Securing IEO STO ICO IDO and INO, please continue reading!

What are ICOs, IEOs, STOs, IDOs and INOs?

Cryptocurrencies are virtual digital assets that rely on blockchain technology, a decentralized and encrypted ledger that records all transactions conducted on the network. Cryptocurrencies enable their user community to engage in transactions without the use of traditional currencies and also fund innovative projects through cryptocurrency fundraisers.

A cryptocurrency fundraiser involves issuing tokens in exchange for cryptocurrencies. Tokens are digital units that represent a right or value associated with the funded project. There are various types of cryptocurrency fundraisers based on factors such as the nature of the tokens issued, the platform used for transactions, the involvement of trusted third parties, and the level of regulatory oversight. Let’s take a closer look at the main types of cryptocurrency fundraisers in Securing IEO STO ICO IDO and INO:

ICO (Initial Coin Offering)

An ICO is a fundraising operation in which a company issues tokens that investors subscribe to mainly with cryptocurrencies. These tokens can have different functions, depending on the project funded:

  • Utility tokens, which give access to a service or a platform developed by the company.
  • Governance tokens, which allow holders to participate in the strategic decisions of the project.
  • Security tokens, which represent a share of the capital or the revenues of the company.

An ICO usually takes place in several stages:

  • The presale, where investors can buy the tokens at a discounted price, often with a minimum amount required.
  • The public sale, where the tokens are made available to the general public, often with a maximum amount to be raised.
  • The distribution, where the tokens are sent to investors on their wallets..

The advantages of an ICO for investors are:

  • The possibility to support innovative and promising projects.
  • The possibility to benefit from a high capital gain if the project succeeds and the value of the tokens increases.
  • The possibility to diversify your portfolio with digital assets.

The disadvantages of an ICO for investors are:

  • The risk of losing all or part of your investment if the project fails or if the tokens lose their value.
  • The risk of falling for a scam or a fraud, as ICOs are poorly regulated and controlled. The risk of not being able to resell your tokens easily, as there is not always a liquid secondary market.Depending on the country where the ICO takes place, there may be rules to follow, especially in terms of investor protection, anti-money laundering or taxation. Therefore, it is advisable to check the legal status and the compliance of the ICO before investing. Some countries have banned or restricted ICOs, while others have issued guidelines or regulations to ensure their transparency and security.

IEO (Initial Exchange Offering)

An IEO is a fundraising operation in which a company issues tokens on a cryptocurrency exchange platform. The exchange acts as an intermediary between the company and investors, providing security, liquidity, and visibility for the token sale. Investors can purchase tokens using cryptocurrencies or fiat money, depending on the exchange.

An IEO typically involves a single stage:

  • Public sale: Tokens are sold on the exchange platform within a limited time frame and at a fixed price.

Advantages of IEOs for investors include:

  • Enhanced security, liquidity, and visibility compared to ICOs.
  • Access to vetted and quality projects that have been approved by the exchange.
  • Ability to trade tokens immediately after the sale on the same exchange.

Disadvantages of IEOs for investors include:

  • Dependence on a centralized intermediary that controls the token sale process and charges fees.
  • Need to comply with stricter rules and regulations imposed by the exchange and jurisdiction.
  • Risk of missing out on opportunities due to high demand and limited token supply.

STO (Security Token Offering)

An STO is a fundraising operation in which a company issues tokens that represent securities, such as shares or bonds. These tokens are backed by real assets, and investors can purchase them using cryptocurrencies or fiat money, depending on the platform.

STOs typically involve one or more stages:

  • Private sale: Accredited investors can buy tokens at a discounted price, often with a minimum investment requirement.
  • Public sale: Qualified investors can purchase tokens at a fixed price, often with a maximum fundraising amount.

Advantages of STOs for investors include:

  • Opportunity to invest in regulated and compliant projects that offer legal protection and transparency.
  • Potential for real value and returns from the underlying assets of the company.
  • Access to new markets and opportunities that were previously reserved for institutional investors.

Disadvantages of STOs for investors include:

  • Need for accreditation or qualification based on strict criteria set by regulators and platforms.
  • Lack of liquidity and availability compared to utility tokens or cryptocurrencies.
  • Complexity and cost associated with issuing and managing security tokens on blockchain platforms.

IDO (Initial Dex Offering)

An IDO is a fundraising operation in which a company issues tokens on a decentralized protocol for exchanging cryptocurrencies, known as a DEX (Decentralized Exchange). Investors can purchase tokens directly on the DEX without going through a centralized platform or intermediary.

Advantages of IDOs for investors include:

  • Speed and simplicity of the process, as it does not require identity verification or prior fund deposits.
  • Transparency and security of transactions, as they are conducted on the blockchain without reliance on a trusted third party.
  • Liquidity and accessibility of tokens, which are immediately available on the secondary market and can be exchanged for other cryptocurrencies.

Disadvantages of IDOs for investors include:

  • Technical and operational risks associated with decentralized protocols that may have vulnerabilities or bugs.
  • Regulatory and legal risks due to the lack of a clear and harmonized legal framework for cryptocurrency fundraisers.
  • Volatility and speculation risks arising from high demand and limited token supply.

INO (Initial NFT Offering)

An INO is a fundraising operation in which a company issues non-fungible tokens, called NFTs (Non-Fungible Tokens). NFTs are unique and indivisible digital assets that can represent works of art, collectibles, virtual or real goods. Investors can purchase NFTs using cryptocurrencies on specialized platforms.

Advantages of INOs for investors include:

  • Support for creative and original projects that leverage the blockchain’s potential to create value.
  • Possibility to benefit from exclusive and inalienable ownership rights over NFTs, certified by the blockchain and immune to duplication or falsification.
  • Opportunity to resell NFTs on a growing and demanding secondary market.

Disadvantages of INOs for investors include:

  • Risk of overvaluation and speculative bubbles due to the current frenzy around NFTs and their artificial scarcity.
  • Potential for counterfeiting and plagiarism, as effective legal protection for copyrights and trademarks is lacking.
  • Environmental and ethical concerns related to the high energy consumption and negative externalities generated by the blockchain.

Comparison Table of Different Cryptocurrency Crowdfunding Models

Below is a comprehensive table comparing different crowdfunding models in cryptocurrency:

Crowdfunding modelDefinitionAdvantagesDisadvantages
ICOFundraising in cryptocurrency by issuing tokens that can have various functionsSupport innovative projects, benefit from high potential gain, diversify portfolioRisk losing investment, fall for scam, not be able to resell tokens easily, face regulatory uncertainty
IEOFundraising in cryptocurrency by issuing tokens on an exchange platform that acts as a trusted intermediaryBenefit from better security, liquidity and visibility than ICOs, access a wider pool of investors and projectsDepend on a centralized intermediary, pay higher fees, comply with stricter rules, face platform risk
STOFundraising in cryptocurrency by issuing tokens that represent securities such as shares or bondsInvest in regulated and compliant projects, benefit from real value and returns, access new markets and opportunities, reduce intermediation costsBe accredited or qualified, face lack of liquidity and availability, deal with complexity and cost, follow different regulations depending on jurisdictions
IDOFundraising in cryptocurrency by issuing tokens on a decentralized exchange protocol that eliminates intermediariesEnjoy speed and simplicity of the process, ensure transparency and security of transactions, access liquidity and accessibility of tokensFace technical and operational risk, cope with regulatory and legal risk, deal with volatility and speculation
INOFundraising in cryptocurrency by issuing non-fungible tokens that represent unique and indivisible digital assetsSupport creative and original projects, benefit from exclusive and inalienable ownership of NFTs, resell NFTs on a growing and demanding marketDeal with overvaluation and speculative bubble, encounter counterfeiting and plagiarism issues, consider environmental and ethical impact

Comprehensive Table of Blockchains Supporting ICOs, IEOs, STOs, IDOs, and INOs

Here is a table showcasing the support for ICOs, IEOs, STOs, IDOs, and INOs across different blockchains, focusing on Securing IEO STO ICO IDO and INO:

BlockchainICO supportIEO supportSTO supportIDO supportINO supportBIP32 supportBIP39 supportBIP44 support
EthereumYesYesYesYesYesYesYesYes
Binance Smart Chain (BSC)YesYesYesYesYesYesYesYes
Cardano (ADA)NoNoNoYesNoYesYesYes
Solana (SOL)YesYesNoNoNoYesNoYes
Avalanche (AVAX)YesYesYesNoNoYesYesNo
Cosmos (ATOM)YesYesYesYesYesYesYesNo
Algorand (ALGO)YesYesYesYesYesYesYesNo
Stellar (XLM)YesNoYesNoNoYesYesYes

What are seed phrases and private keys?

Seed phrases and private keys are essential for accessing and controlling your funds in cryptocurrency. If they are lost or stolen, you may permanently lose access to your cryptocurrencies.

Seed phrase

A seed phrase, also known as a secret phrase, is a sequence of words, typically consisting of 12 or 24 words, that allows you to restore your crypto wallet in case of loss or theft. These words are selected in a specific order from a dictionary containing thousands of words. The seed phrase is essentially a more human-readable representation of a private key and can generate an unlimited number of public-private key pairs.

The public key is the address to which you can receive cryptocurrencies on the blockchain, similar to an IBAN for a bank account. The private key enables you to control the funds associated with a public key and initiate transactions from that address. Public and private keys are always generated as pairs.

The seed phrase is crucial for accessing your wallet and funds, and it must be kept secure and confidential. If lost or stolen, there is no way to recover it or block access to your funds.

Private key

A private key is a string of random letters and numbers generated by your wallet when it is created. It is used for encrypting and decrypting data using public-key cryptography. The private key grants access to your funds and enables you to initiate transactions on the blockchain.

A private key looks like this: 5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF

You should never share your private key with anyone or store it digitally or online. If your private key is lost or stolen, you will lose access to your funds permanently.

How to Secure Your Funds in Securing IEO STO ICO IDO and INO

To participate in an ICO, IEO, STO, IDO, or INO and ensure the security of your funds in Securing IEO STO ICO IDO and INO, you need a wallet that is compatible with the tokens being issued and the accepted cryptocurrency. There are different types of wallets available, each offering varying levels of security and convenience.

Online Wallets (Web Wallets): These wallets are accessible through a web browser. While they are easy to use, they are susceptible to hacking and theft. It is important to choose a reputable and secure online wallet.

Mobile Wallets: These wallets are installed on smartphones and provide convenience for daily transactions. However, they are vulnerable to malware and the risk of losing the phone. Ensure you have proper security measures in place for your mobile wallet, such as enabling device passcodes and biometric authentication.

Software Wallets: These wallets are downloaded and installed on a computer. They offer greater security compared to online or mobile wallets, but their reliability depends on the security of the hardware and software. Keep your computer updated with the latest security patches and use reputable wallet software.

Hardware Wallets: These physical devices are specifically designed for storing private keys. They provide the highest level of security by isolating private keys from the internet. Hardware wallets, such as Ledger or Trezor, are recommended for secure storage of your private keys in Securing IEO STO ICO IDO and INO.

Regardless of the type of wallet you choose, there are some basic rules to follow to secure your funds in Securing IEO STO ICO IDO and INO:

  1. Never share your seed phrase or private key with anyone, and avoid storing them digitally or online.
  2. Make a backup copy of your seed phrase or private key on a physical medium such as paper, metal, or plastic. Store them in secure locations.
  3. Use a strong password and PIN code to protect your wallet from unauthorized access.
  4. Regularly update your wallet software to fix any bugs or vulnerabilities.
  5. Utilize reputable antivirus and firewall software to protect your device from malware and hackers.

By following these security practices, you can significantly reduce the risk of losing your funds and ensure the safety of your investments in Securing IEO STO ICO IDO and INO.

Now, let’s explore how you can enhance the security and simplicity of your cryptocurrency transactions by using EviCore NFC HSM technology.

EviCore NFC HSM is a solution that safeguards your seed phrases and private keys in cryptocurrency using Near Field Communication (NFC) technology. With EviCore NFC HSM, you can store your seed phrases and private keys in an encrypted NFC tag or card, protected by a segmented key. This tag or card allows you to restore your wallet on any NFC-compatible device without exposing your sensitive data to the internet.

EviCore NFC HSM is compatible with major cryptocurrency wallets such as Ledger, Trezor, Metamask, Trust Wallet, and more. It also works seamlessly with popular cryptocurrency exchange platforms like Binance, Coinbase, and Kraken. This ensures optimal security and ease of managing your funds in cryptocurrency.

Here’s a step-by-step guide on how to use EviCore NFC HSM to secure your seed phrases and private keys in cryptocurrency:

  1. Download the application that incorporates the EviCore NFC HSM technology on your NFC-compatible Android smartphone.
  2. Pair the NFC HSM device with your smartphone using the unique pairing key.
  3. Translate to English: Add the seed phrase by simply clicking on the multi-language BIP39 words provided during the creation of your secure cryptocurrency wallet, without typing anything on the keyboard, as EviCore NFC HSM performs real-time checksum verification of the seed phrase before securely encrypting and storing it in the NFC device.
  4. You can also add the private key derived from the seed phrase without entering or scanning its QR code through the Android NFC application, which will automatically encrypt and store it in the NFC device in less than 5 seconds. You just need to indicate beforehand which blockchain your derived key belongs to before the registration pro

By utilizing EviCore NFC HSM, you can secure your seed phrases and private keys with maximum security and unparalleled ease of use. You no longer need to worry about losing or having your sensitive data stolen, as you can store them in a physical device that can be carried with you wherever you go. Additionally, you can securely share your seed phrases and private keys with others using encrypted RSA-4096 public keys or segmented key authentication, making it easier to transmit funds to your heirs.

EviCore NFC HSM technology is the ideal solution for securing your seed phrases and private keys in cryptocurrency, enabling you to fully embrace the opportunities offered by cryptocurrencies while minimizing unnecessary risks. If you’re interested in this innovative solution, visit Freemindtronic’s website or contact them for more information.

Additionally, if you’re seeking an alternative method to secure your crypto fundraising, you may consider EviCore HSM OpenPGP technology. This technology transforms your Android or iPhone into a hardware security module (HSM) for encrypting and storing your crypto keys. It leverages the highly secure OpenPGP standard, known for its reliability and security. To learn more about this technology and how it can help you safely fund your blockchain project, you can refer to this article link

Conclusion

In this article, we have provided insights into participating in various forms of cryptocurrency crowdfunding, including ICOs, IEOs, STOs, IDOs, and INOs. We have emphasized the importance of securing your seed phrases and private keys in Securing IEO STO ICO IDO and INO and introduced EviCore NFC HSM technology as a solution. By adopting EviCore NFC HSM, you can enhance the security and simplicity of your cryptocurrency transactions while mitigating risks. We hope this article has been informative and valuable to you. Should you have any questions or comments, feel free to leave them below.

Thank you for reading, and happy investing in Securing IEO STO ICO IDO and INO!

Digital Security, EviToken Technology, Technical News

EviCore NFC HSM Credit Cards Manager | Secure Your Standard and Contactless Credit Cards

Posted on by FMTAD
NFC Hardware Wallet Credit Card Manager PCI DSS Compliant EviToken Technology working contactless by nfc phone online autofill payment from Freemindtronic Andorra
14
Jun

EviCore NFC HSM Credit Cards Manager by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

Discover EviCore NFC HSM: the revolutionary technology to secure your financial secrets

EviCore NFC HSM is a patented technology that allows you to store and manage your financial secrets in a secure electronic safe. With EviCore NFC HSM, you benefit from wireless access control, segmented key authentication and protection against cyberattacks. Find out how EviCore NFC HSM can enhance your financial security in this article.

Shadowy hacker with a laptop in front of a digital map of Russia highlighted in red, symbolizing the origin of Kapeka Malware.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool
April 18, 2024
A modern cybersecurity control center with a diverse team monitoring national cyber threats during the Andorra National Cyberattack Simulation.

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense
April 15, 2024
Illustration of an Apple MacBook with a highlighted M-series chip vulnerability, surrounded by symbols of data security breach and a global impact background.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security
March 25, 2024
Digital world map with cybersecurity icons representing the Cybersecurity Breach at IMF.

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation
March 15, 2024
Digital world map showing cyberattack paths with Midnight Blizzard, Microsoft, HPE logos, email symbols, and password spray illustrations.

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?
March 10, 2024
PrintListener technology concept with NFC security solutions.

2024 Digital Security

PrintListener: How to Betray Fingerprints
February 22, 2024
A visual representation of BitLocker Security featuring a central lock icon surrounded by elements representing Microsoft, TPM, and Windows security settings.

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks
February 10, 2024
Digital shield by Freemindtronic repelling cyberattack against Microsoft Exchange

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts
February 8, 2024

Discover our other articles on digital security

EviCore NFC HSM Credit Cards Manager is a powerful solution designed to secure and manage both standard and contactless credit cards. In this article, we will explore the features, benefits, and compliance of EviCore NFC HSM Credit Cards Manager in protecting your valuable payment cards

Standard and contactless credit cards are convenient and fast ways to pay for goods and services. They use NFC (Near Field Communication) technology to communicate with a compatible contactless card reader. You just have to tap or bring your card close to the reader, and the transaction is done in seconds.

However, standard and contactless credit cards also pose security risks. For example, someone could use an NFC scanner to read your card information remotely or use a fake reader to capture your card data. Moreover, if you lose your card or if it is stolen, someone could use it to make unauthorized purchases without your PIN or signature.

Fortunately, there is a solution that can help you protect your standard and contactless credit cards from these threats. It is called Credit Cards Manager. It is a function of EviCore NFC HSM or EviCore HSM OpenPGP technology that allows you to manage your standard and contactless credit cards securely. It uses NFC technology to communicate with your computer or mobile device. You can store up to 200 credit cards in the memory of Freemindtronic’s NFC HSM device or in the secure keystore of phones encrypted via EviCore. The number of records depends on the types of products developed with these technologies and the amount of information to be stored encrypted. You can also select the card you want to use for each transaction. The Credit Cards Manager function relies on EviBank technology, dedicated to securing payment systems including bank cards.

Exploring EviCore NFC HSM Credit Cards Manager

Credit Cards Manager is a function of EviCore NFC HSM or EviCore HSM OpenPGP technology that allows you to manage your standard and contactless credit cards securely. It uses NFC technology to communicate with your computer or mobile device.

You can store up to 200 credit cards in the memory of Freemindtronic’s NFC HSM device or in the secure keystore of phones encrypted via EviCore. The number of records depends on the types of products developed with these technologies and the amount of information to be stored encrypted.

You can also select the card you want to use for each transaction. The Credit Cards Manager function relies on EviBank technology, dedicated to securing payment systems including bank cards.

These technologies are available under patent license from Freemindtronic. They are compatible with various formats of Freemindtronic’s NFC HSM device (link). These technologies can be embedded in products designed and developed on demand in white label for Freemindtronic’s partners such as Fullsecure and Keepser.

In this article, we will focus on using Credit Cards Manager with an NFC HSM device in the form of a secure electronic card (NFC HSM Card). It is a hardware security module (HSM) that uses a highly secure and encrypted AES-256 post-quantum NFC eprom memory to protect and manage secrets (including digital keys such as an RSA-4096 key, AES-256 key, and ECC key), perform encryption and decryption functions, strong authentication, and other cryptographic functions.

What are the Benefits of using Credit Cards Manager?

Credit Cards Manager offers several benefits for managing standard and contactless credit cards, such as:

  1. Strongbox function for anti-phishing protection and smart login: The Strongbox function offers advanced protection against phishing attempts by securely filling in credit card information on websites. It verifies the authenticity of websites and ensures that sensitive data is only automatically filled in on reliable and verified platforms. It also intelligently automates the process of filling in credit card information and logging into original websites.
  2. Secure manager for credit cards: The Credit Cards Manager function uses the NFC HSM Card device to physically protect bank cards and verify their validity before authorizing their encrypted storage in the device’s memory. It also allows users to customize access levels for each stored card and define geographic access limitations.
  3. Battery-free operation and longevity: The NFC HSM Card device operates without a battery, using the NFC signal from smartphones for power. This energy-efficient design ensures that the device retains stored data for up to 40 years without maintenance or external power sources. The device also has an intelligent OCR scanner for credit cards that is compatible with all bank cards in the world. It helps the user fill in the information fields of the card to be stored encrypted in AES-256 post-quantum in the device. It also prevents keyloggers and spyware from accessing card information on the phone.
  4. COVID contactless security and compliance: Credit Cards Manager helps you avoid physical contact with your bank cards and payment terminals, reducing the risk of COVID-19 transmission. You can make secure contactless payments online, without needing your bank cards with or without NFC technology. You can also use auto-filling remotely via the local network or by sharing a connection via your phone. This feature improves convenience and protects your health.
  5. NFC contactless security and compliance: Credit Cards Manager protects your bank cards from being scanned or read by malicious NFC devices. The NFC HSM Card device shields other credit cards from being detected by an NFC scanner when they are juxtaposed to the device. The device uses an anti-collision system that prevents other cards from being read by the NFC reader of the bank card. It also has a copper ground plane that short-circuits the NFC signals of credit cards when they are juxtaposed on or under the NFC HSM CARD. This is an effective physical protection of cards against all risks of attempted remote non-invasive attack.
  6. Air gap security: Credit Cards Manager uses air gap security, physically isolating itself from computer networks. This ensures that the encrypted data of the NFC HSM Card device is stored exclusively in its non-volatile memory, preventing unauthorized access. By protecting itself from remote attacks, Credit Cards Manager strengthens protection against cyber threats. The use of information is encrypted end-to-end from the NFC HSM Card. All communication protocols are automatically encrypted from the NFC device. The sharing of bank card information contained encrypted in the device’s memory can be shared in air gap via a QR Code encrypted in RSA-4096 generated and managed from the NFC HSM CARD device. This sharing can also be shared encrypted in NFC Beam or in proximity between NFC Android phones.
  7. Protection against fraudulent use: Credit Cards Manager ensures that your bank card information is not stored on computer systems, phones, or online shopping sites. This protects your privacy and anonymity. The encrypted data is transmitted securely to the computer system, protecting it from potential threats and unauthorized access. You can also erase sensitive data such as the CCV of bank cards since saved in the NFC HSM Card devices. Advantageously, the CVV physically erased from the bank card secures it from the risk of illicit use, especially online.

The Benefits of Using Credit Cards Manager

BenefitsFeatures
Strongbox function for anti-phishing protection and smart login
  • Advanced protection against phishing attempts by securely filling in credit card information on websites.
  • Verification of website authenticity and automatic filling of sensitive data only on reliable and verified platforms.
  • Intelligent automation of credit card information filling and login process to original websites.
Secure manager for credit cards
  • Physical protection of bank cards and verification of their validity before authorizing their encrypted storage in the device’s memory.
  • Customization of access levels for each stored card and definition of geographic access limitations.
Battery-free operation and longevity
  • Use of smartphone NFC signal for power, without battery or external power sources.
  • Retention of stored data for up to 40 years without maintenance.
  • Intelligent OCR scanner for credit cards compatible with all bank cards in the world.
  • Protection against keyloggers and spyware on the phone.
COVID contactless security and compliance
  • Avoidance of physical contact with bank cards and payment terminals, reducing COVID-19 transmission risk.
  • Secure contactless payments online, without needing bank cards with or without NFC technology.
  • Auto-filling remotely via local network or phone connection.
  • Improved convenience and health protection.
NFC contactless security and compliance
  • Protection of bank cards from being scanned or read by malicious NFC devices.
  • Shielding of other credit cards from being detected by an NFC scanner when juxtaposed to the device.
  • Anti-collision system and copper ground plane to prevent other cards from being read by the NFC reader of the bank card.
  • Effective physical protection of cards against all risks of attempted remote non-invasive attack.
Air gap security
  • Physical isolation from computer networks, preventing unauthorized access to encrypted data of the device.
  • Protection against remote attacks, strengthening protection against cyber threats.
  • End-to-end encryption of information from the NFC HSM Card.
  • Sharing of encrypted bank card information in air gap via QR Code, NFC Beam or proximity between NFC Android phones.
Protection against fraudulent use
  • Guarantee that bank card information is not stored on computer systems, phones or online shopping sites.
  • Protection of privacy and anonymity.
  • Secure transmission of encrypted data to computer system, protecting it from potential threats and unauthorized access.
  • Possibility to erase sensitive data such as CCV from NFC HSM Card devices.

Managing Standard and Contactless Credit Cards with EviCore NFC HSM Credit Cards Manager

To use Credit Cards Manager, follow these steps:

  1. Download the Freemindtronic app compatible with EviCore NFC HSM technology on your NFC phone and the extension if you want to use it on your computer as well.
  2. Connect the NFC HSM Card device to your computer or mobile device via NFC technology.
  3. Register your credit cards in the application using the intelligent OCR scanner or by manually entering the card information.
  4. Select the credit card you want to use for each transaction and confirm the various trust criteria that you have added, such as a password, PIN code, geozone, or fingerprint.
  5. Enjoy secure contactless payments and online shopping with the NFC HSM Card device and the Strongbox function.

Section Break: Why is Credit Cards Manager Compliant with PCI DSS?

Credit Cards Manager is compliant with PCI DSS because it meets the requirements of the Payment Card Industry Data Security Standard (PCI DSS). This cybersecurity standard applies to any entity that stores, processes, or transmits cardholder data, such as credit card numbers. The PCI DSS aims to protect cardholder data from unauthorized access, fraud, and theft.

The PCI DSS includes 12 requirements for compliance, organized into six related groups called control objectives:

  1. Build and maintain a secure network and systems.
  2. Protect cardholder data.
  3. Maintain a vulnerability management program.
  4. Implement strong access control measures.
  5. Regularly monitor and test networks.
  6. Maintain an information security policy.

Credit Cards Manager complies with these requirements by implementing various features and security measures, such as the secure manager for credit cards, battery-free operation and longevity, COVID contactless security and compliance, air gap security, and protection against fraudulent use. By following PCI DSS, Credit Cards Manager demonstrates adherence to best practices for data security and the protection of cardholder data.

In conclusion, Credit Cards Manager is a secure and compliant solution for managing your standard and contactless credit cards. With its advanced features, robust security measures, and powerful Strongbox function, it offers enhanced data protection and convenience. Secure your credit cards with Credit Cards Manager today.

References

2023, Articles, Digital Security, Technical News

Remote activation of phones by the police: an analysis of its technical, legal and social aspects

Posted on by FMTAD
Remote activation of phones by the police
11
Jun

Remote activation of phones by the police by Jacques Gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

How does remote activation of phones by the police work?

An article of the bill on justice 2023-2027 raises controversy. It allows remote activation of mobile phones and capture of images or sound without the owner’s consent, for cases of organized crime or terrorism. How does this intelligence technique work? What are the conditions to use it? What are its advantages and disadvantages? What is the situation in other countries? We explain everything in this article.

Shadowy hacker with a laptop in front of a digital map of Russia highlighted in red, symbolizing the origin of Kapeka Malware.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool
April 18, 2024
A modern cybersecurity control center with a diverse team monitoring national cyber threats during the Andorra National Cyberattack Simulation.

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense
April 15, 2024
Illustration of an Apple MacBook with a highlighted M-series chip vulnerability, surrounded by symbols of data security breach and a global impact background.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security
March 25, 2024
Digital world map with cybersecurity icons representing the Cybersecurity Breach at IMF.

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation
March 15, 2024
Digital world map showing cyberattack paths with Midnight Blizzard, Microsoft, HPE logos, email symbols, and password spray illustrations.

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?
March 10, 2024
PrintListener technology concept with NFC security solutions.

2024 Digital Security

PrintListener: How to Betray Fingerprints
February 22, 2024
A visual representation of BitLocker Security featuring a central lock icon surrounded by elements representing Microsoft, TPM, and Windows security settings.

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks
February 10, 2024
Digital shield by Freemindtronic repelling cyberattack against Microsoft Exchange

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts
February 8, 2024

Discover our other articles on digital security

What is the new bill on justice and why is it raising concerns about privacy?

The bill on justice is a legislative project. It aims to modernize and simplify justice in France. It covers civil, criminal, administrative and digital justice. It also strengthens the investigation and prosecution of serious offenses, such as terrorism and organized crime.

One measure authorizes remote activation of phones by the police for some investigations. Article 3 “An unfailing commitment to better prevent radicalization and fight against terrorism” of the bill includes this measure. It modifies article 706-102-1 of the code of criminal procedure. This article defines how to activate remotely any electronic device that can emit, transmit, receive or store data.

This measure raises privacy concerns because it lets the police access personal or professional data in phones without the owners’ or possessors’ consent or knowledge. It also lets the police locate, record or capture sounds and images from phones without notification or justification. This measure may violate fundamental rights and freedoms, such as privacy, confidentiality, dignity, presumption of innocence and right to a fair trial.

What is remote activation of phones and how does it work?

Remote activation of phones by the police is an intelligence technique that allows law enforcement agencies to access data or record sounds and images from phones without the consent or knowledge of the phone users. This technique can be used for criminal investigations or national security purposes.

To remotely activate phones, law enforcement agencies need three factors: compatibility, connectivity, and security of the phones. They need to be compatible with the software or hardware that enables remote activation. They need to be connected to a network or a device that allows remote access. They need to have security flaws or vulnerabilities that can be exploited or bypassed.

Law enforcement agencies can remotely activate phones by three methods: exploiting vulnerabilities, installing malware, or using spyware on phones. Exploiting vulnerabilities means taking advantage of security flaws or weaknesses in the phone’s operating system, applications, or protocols. Installing malware means putting malicious software on the phone that can perform unauthorized actions or functions. Using spyware means employing software or hardware that can monitor or control the phone’s activity or data.

By remotely activating phones, law enforcement agencies can access data such as contacts, messages, photos, videos, location, browsing history, or passwords. They can also record sounds and images such as conversations, ambient noises, or camera shots. They can do this in real time or later by retrieving the data from the phone’s memory or storage.

What is the French bill on remote activation of phones by the police and what are its implications?

The French bill on remote activation of phones by the police is a legislative text that was promulgated on 25 May 2021. It is part of the justice orientation and programming bill for 2023-2027, which aims to modernize the justice system and reinforce its efficiency and independence.

The bill introduces a new article in the code of criminal procedure, which allows the judge of liberties and detention (at the request of the prosecutor) or the examining magistrate to order the remote activation of an electronic device without the knowledge or consent of its owner or possessor for the sole purpose of locating it in real time. This measure can be applied for crimes or misdemeanors punishable by at least five years’ imprisonment, a fairly broad criterion.

The bill also allows the judge of liberties and detention (at the request of the prosecutor) or the examining magistrate to order the remote activation of an electronic device without the knowledge or consent of its owner or possessor for the purpose of recording sounds and images from it. This measure can be applied only for crimes relating to organized crime and terrorism.

These measures cannot concern parliamentarians, journalists, lawyers, magistrates and doctors, nor the defendants when they are in the judge’s office or with their lawyer.

The bill also specifies that the remote activation of an electronic device must be done in a way that does not alter its functioning or data, and that the data collected must be destroyed within six months after their use.

The bill aims to provide law enforcement agencies with more tools and information to prevent, investigate and prosecute crimes, especially in cases where phones are encrypted, hidden or destroyed. It also aims to harmonize the French legislation with other countries that have used or considered this technique, such as the United States, Germany, Italy, Israel, Canada, China, France, and the United Kingdom.

However, the bill also raises ethical and social challenges, as it involves a trade-off between security and privacy, as well as between effectiveness and legitimacy. It may undermine the right to respect for private life and the right to a fair trial, which are guaranteed by the European Convention on Human Rights and the French Constitution. It may also expose law enforcement agencies to legal or technical challenges or dangers, such as encryption technologies that can prevent or hinder remote activation. It may also create distrust or resistance among phone users or providers, who may use encryption technologies or legal remedies to protect their data or communications.

The bill has been criticized by several actors, such as lawyers, human rights defenders, digital rights activists, journalists and academics. They have denounced its lack of proportionality, necessity and oversight. They have also questioned its effectiveness and legitimacy. They have called for its withdrawal or amendment.

The bill is still subject to constitutional review by the Constitutional Council before its final promulgation.

How did the Senate vote on the bill and where to find the official sources?

The Senate adopted this measure on October 20, 2021, with some amendments. The Senate voted in favor of this measure by 214 votes against 121. The Senate also added some safeguards to this measure, such as limiting its duration to four months renewable once and requiring prior authorization from an independent judge.

The National Assembly still has to examine the bill before adopting it definitively. The National Assembly may approve, reject or modify this measure. The final text may differ from the one that the Senate voted.

The examination of the bill by the National Assembly will start on December 6, 2021. You can follow the progress of the bill on the website of the National Assembly. You can also find the official text of the bill and the report of the Senate on their respective websites. You can also consult the website of the Ministry of Justice for more information on the bill and its objectives.

What are the benefits and risks of remote activation of phones?

This technique can affect citizens’ and suspects’ behavior in different ways.

On one hand, it can deter people from serious offenses. It exposes them to a higher risk of detection and identification. It reduces their incentives for criminal activities.

On the other hand, it can also make people more cautious or paranoid. It increases their uncertainty and fear. It leads them to avoid electronic devices, encrypt their communications, or use countermeasures such as jamming devices.

This technique can also impact public safety and security positively and negatively.

On one hand, it can improve the efficiency and effectiveness of law enforcement agencies. It provides them with more information and evidence. It helps them prevent, investigate and prosecute crimes.

On the other hand, it can also pose risks for human rights and civil liberties. It allows intrusive and covert surveillance. It violates privacy, confidentiality and dignity. It can also be subject to abuse, misuse or error by law enforcement agents or hackers.

Finally, it can create a feeling of insecurity and mistrust towards institutions, which can access personal or professional data in phones. It can also harm respect for presumption of innocence by placing permanent suspicion on people targeted by this technique. It can also infringe on protection of journalistic sources or right to information by discouraging whistleblowers or witnesses from speaking freely. It can finally encourage people concerned to adopt avoidance or circumvention strategies, such as changing phones regularly, using encrypted applications or switching to airplane mode.

These strategies can reduce the actual effectiveness of this technique for preventing terrorism and organized crime.

What are the arguments in favor of remote activation of phones?

Some people support this technique because they think it has several advantages for law enforcement and public security.

How can remote activation of phones violate privacy and data protection?

One of the main arguments against this technique is that it can violate privacy and data protection for individuals and groups. Privacy and data protection are fundamental rights recognized by international standards and laws. They ensure human dignity and autonomy.

Remote activation of phones violates privacy and data protection by letting law enforcement agencies access personal or professional data without the owners’ or possessors’ consent or knowledge. It also lets law enforcement agencies access sensitive or confidential data without notification or justification. It also lets law enforcement agencies access excessive or irrelevant data without limitation or proportionality.

For example, remote activation of phones could let the police access medical records, financial transactions, political opinions, religious beliefs, sexual preferences, or other intimate information on a device or a communication. It could also let the police access information that is not related to the investigation or that is out of scope on a device or a communication. It could also let the police access information that is not necessary or appropriate for the investigation or that is disproportionate to the seriousness of the offense on a device or a communication.

How can remote activation of phones improve access to justice and evidence?

Another argument in favor of this technique is that it can improve access to justice and evidence for law enforcement agencies and victims of crimes. Justice and evidence ensure the rule of law and the protection of rights.

Remote activation of phones improves access to justice and evidence by letting law enforcement agencies obtain information that is otherwise inaccessible or difficult to obtain. It also lets law enforcement agencies obtain information that is more reliable and accurate than other sources. It also lets law enforcement agencies obtain information that is timelier and more relevant than other sources.

For example, remote activation of phones could help the police access data that is encrypted or password-protected on a device or a communication. It could also help the police access data that is authentic and verifiable on a device or a communication. It could also help the police access data that is up-to-date and pertinent on a device or a communication.

What are the arguments against remote activation of phones?

Some people oppose this technique because they think it has several disadvantages for human rights and civil liberties.

How can remote activation of phones violate privacy and data protection?

One of the main arguments against this technique is that it can violate privacy and data protection for individuals and groups. Privacy and data protection are fundamental rights recognized by international standards and laws. They ensure human dignity and autonomy.

Remote activation of phones violates privacy and data protection by letting law enforcement agencies access personal or professional data without the owners’ or possessors’ consent or knowledge. It also lets law enforcement agencies access sensitive or confidential data without notification or justification. It also lets law enforcement agencies access excessive or irrelevant data without limitation or proportionality.

For example, remote activation of phones could let the police access medical records, financial transactions, political opinions, religious beliefs, sexual preferences, or other intimate information on a device or a communication. It could also let the police access information that is not related to the investigation or that is out of scope on a device or a communication. It could also let the police access information that is not necessary or appropriate for the investigation or that is disproportionate to the seriousness of the offense on a device or a communication.

How can remote activation of phones undermine the presumption of innocence and the right to a fair trial?

Another argument against this technique is that it can undermine the presumption of innocence and the right to a fair trial for individuals and groups. The presumption of innocence and the right to a fair trial are fundamental rights recognized by international standards and laws. They ensure justice and accountability.

Remote activation of phones undermines the presumption of innocence and the right to a fair trial by letting law enforcement agencies access data that they can use against individuals or groups without any legal basis or due process. It also lets law enforcement agencies access data that they can manipulate or falsify by law enforcement agents or hackers. It also lets law enforcement agencies access data that individuals or groups can challenge or contest.

For example, remote activation of phones could let the police access data that they can incriminate individuals or groups without any warrant or authorization from a judge. It could also let the police access data that they can alter or corrupt by law enforcement agents or hackers. It could also let the police access data that individuals or groups can dispute or refute.

How can remote activation of phones create a risk of abuse and misuse by the authorities?

Another argument against this technique is that it can create a risk of abuse and misuse by the authorities for individuals and groups. Abuse and misuse are illegal or unethical actions that violate rights and obligations. They damage trust and legitimacy.

Remote activation of phones creates a risk of abuse and misuse by the authorities by letting law enforcement agencies access data that they can use for purposes other than those authorized or intended. It also lets law enforcement agencies access data that they can share or disclose to third parties without any oversight or control. It also lets law enforcement agencies access data that they can retain or store for longer than necessary or permitted.

For example, remote activation of phones could let the police access data that they can use for political, personal, commercial, or other interests on a device or a communication. It could also let the police access data that they can transfer or leak to other agencies, organizations, media, or individuals on a device or a communication. It could also let the police access data that they can keep or archive for indefinite periods on a device or a communication.

What are the alternatives and safeguards for remote activation of phones?

Some people suggest that there are alternatives and safeguards for remote activation of phones that can balance security and privacy.

What are the existing legal tools to access phone data with judicial authorization?

One of the alternatives for remote activation of phones is to use existing legal tools to access phone data with judicial authorization. Judicial authorization is a legal requirement that ensures respect for rights and obligations. An independent and impartial judge grants it after evaluating the necessity and proportionality of the request.

Existing legal tools to access phone data with judicial authorization include search warrants, wiretaps, geolocation orders, data requisitions, and international cooperation agreements. These tools let law enforcement agencies obtain information from phones in a lawful and transparent manner. They also provide legal protection and recourse for individuals and groups.

For example, search warrants let law enforcement agencies physically seize phones and extract data from them with judicial authorization. Wiretaps let law enforcement agencies intercept calls and messages from phones with judicial authorization. Geolocation orders let law enforcement agencies track the location of phones with judicial authorization. Data requisitions let law enforcement agencies request data from phone operators or service providers with judicial authorization. International cooperation agreements let law enforcement agencies exchange data with foreign authorities with judicial authorization.

What are the principles and conditions for remote activation of phones according to the bill?

One of the safeguards for remote activation of phones is to follow the principles and conditions for remote activation of phones according to the bill. The bill on justice sets some rules and limits for this technique to prevent abuse and misuse.

The principles and conditions for remote activation of phones according to the bill include:

  • The technique can only be used for terrorism and organized crime investigations.
  • An independent judge who authorizes it must supervise the technique. The technique can only last for four months renewable once.
  • The technique must respect necessity, proportionality, subsidiarity, and legality.
  • Parliament and independent authorities must oversee and control the technique.
  • Experts and stakeholders must evaluate and review the technique.

These principles and conditions aim to ensure a reasonable and accountable use of this technique. They also aim to protect the rights and interests of individuals and groups.

What are the possible ways to limit or challenge remote activation of phones?

Another safeguard for remote activation of phones is to use possible ways to limit or challenge remote activation of phones by individuals or groups. These ways can help protect rights and interests, as well as ensure accountability and transparency.

Some of the possible ways to limit or challenge remote activation of phones are:

  • Using encryption technologies:

    Encryption technologies can make data on phones unreadable or inaccessible to law enforcement agencies, even if they remotely activate them. Encryption technologies can also protect communications from law enforcement agencies’ interception or recording. For example, using end-to-end encryption apps, such as Signal or WhatsApp, can prevent law enforcement agencies from accessing messages or calls on phones.

  • Using security features:

    Security features can prevent law enforcement agencies from installing or activating software or applications on phones that enable remote activation. Security features can also detect or remove software or applications that enable remote activation. For example, using antivirus software, firewalls, passwords, biometrics, or VPNs can prevent law enforcement agencies from accessing phones.

  • Using legal remedies:

    Legal remedies can let individuals or groups contest or oppose remote activation of phones by law enforcement agencies. Legal remedies can also let individuals or groups seek compensation or redress for damages caused by remote activation of phones. For example, using judicial review, administrative appeals, complaints, lawsuits, or human rights mechanisms can challenge law enforcement agencies’ actions or decisions regarding remote activation of phones.

How does this technique compare with other countries?

Law enforcement agencies in other countries, such as the United States, Germany, Italy, Israel, Canada, China, France, and the United Kingdom, have used or considered remote activation of phones by the police. This technique is not new or unique. However, the legal framework, the technical methods, and the ethical and social implications of this technique vary from country to country..

How does remote activation of phones by the police work in different countries?

Remote activation of phones by the police is an intelligence technique that varies from country to country. It depends on the legal framework, the technical methods and the ethical issues of each country. Here are some examples of how it works in different countries.

  • In the United States, this technique is known as “roving bugs” or “mobile device tracking”. The Foreign Intelligence Surveillance Act (FISA) authorizes it for national security purposes and Title III of the Omnibus Crime Control and Safe Streets Act for criminal investigations. It requires a court order based on probable cause and limited in scope and duration. It can locate or record sounds and images from phones. It can be done by installing malware or exploiting vulnerabilities on phones.
  • In Germany, this technique is known as “Quellen-TKÜ” or “source telecommunications surveillance”. The Code of Criminal Procedure and the Telecommunications Act regulate it for criminal investigations and the Federal Intelligence Service Act for national security purposes. It requires a court order based on reasonable suspicion and proportionality. It can intercept communications from phones. To do so, it installs software or uses spyware on phones.
  • In Italy, this technique is known as “Trojan horse” or “spyware”. The Code of Criminal Procedure and the Data Protection Code regulate it for criminal investigations. It requires a court order based on serious indications of guilt and necessity. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.
  • In Israel, this technique is known as “IMSI catchers” or “stingrays”. The Wiretapping Law and the Privacy Protection Law regulate it for criminal investigations and the Security Service Law for national security purposes. It requires a court order based on reasonable grounds and proportionality. It can locate or intercept communications from phones. To do so, it uses devices that mimic cell towers and trick phones into connecting to them.
  • In Canada, this technique is known as “cell site simulators” or “IMSI catchers”. The Criminal Code and the Charter of Rights and Freedoms regulate it for criminal investigations. It requires a court order based on reasonable grounds and proportionality. It can locate or intercept communications from phones. To do so, it uses devices that mimic cell towers and trick phones into connecting to them.
  • In China, this technique is known as “network interception” or “remote control”. The Criminal Procedure Law and the Cybersecurity Law regulate it for criminal investigations and national security purposes. It does not require a court order but only an approval from a higher authority. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.
  • In France, real-time geolocation is regulated by the Criminal Procedure Code and the Intelligence Law for criminal and national security investigations. Article 706-102-1 of the Criminal Procedure Code allows police officers and agents to use a technical device to access, record, store and transmit computer data without the consent of the persons concerned. This requires a court order based on serious reasons and proportionality. Article 230-32 of the Criminal Procedure Code states that “Any technical means for real-time location, throughout the national territory, of a person, without his consent, a vehicle or any other object, without the consent of its owner or possessor, may be used if this operation is required by necessity: “. This also requires a court order based on serious reasons and proportionality.
  • In the United Kingdom, this technique is known as “equipment interference” or “hacking”. The Investigatory Powers Act regulates it for criminal investigations and national security purposes. It requires a warrant based on necessity and proportionality. It can access data or record sounds and images from phones. To do so, it installs software or uses spyware on phones.

How does remote activation of phones by the police raise ethical and social challenges?

Remote activation of phones by the police raises ethical and social challenges in different contexts and situations because it involves a trade-off between security and privacy, as well as between effectiveness and legitimacy.

Security versus privacy

On one hand, remote activation of phones by the police can enhance security by providing law enforcement agencies with more information and evidence to prevent, investigate, and prosecute crimes. It can also deter criminals from using phones to plan or commit crimes.

On the other hand, remote activation of phones by the police can undermine privacy by letting law enforcement agencies access personal or professional data without consent or knowledge. It can also violate human rights and civil liberties by letting law enforcement agencies monitor or record sounds and images without notification or justification.

Effectiveness versus legitimacy

On one hand, remote activation of phones by the police can be effective by increasing the chances of finding relevant information or evidence on phones that may be encrypted, hidden, or destroyed. It can also be efficient by reducing the costs and risks of physical surveillance or interception.

On the other hand, remote activation of phones by the police can be illegitimate by violating the legal framework, the technical methods, or the oversight and control mechanisms that regulate this technique in each country. It can also be counterproductive by creating distrust or resistance among phone users or providers, who may use encryption technologies or legal remedies to protect their data or communications.

The ethical and social challenges of remote activation of phones by the police depend on the legal framework, the technical methods, and the oversight and control mechanisms that regulate this technique in each country. They also depend on the cultural and political values, the public opinion, and the media coverage that shape the perception and acceptance of this technique in each country.

Some of the ethical and social challenges of remote activation of phones by the police are how to :

  • balance security and privacy in the use of this technique?
  • ensure compliance with fundamental rights and freedoms in the use of this technique?
  • prevent abuse, misuse, or error in the use of this technique?
  • provide legal protection and recourse for individuals or groups affected by this technique?
  • ensure accountability and transparency in the use of this technique?
  • evaluate the effectiveness and legitimacy of this technique?
  • foster trust and cooperation between law enforcement agencies and phone users in the use of this technique?

What is the impact of encryption technologies on this technique?

Encryption technologies are methods or systems that make data unreadable or inaccessible to unauthorized parties. Encryption technologies can have a significant impact on remote activation of phones by the police, as they can make this technique more difficult, risky, or controversial.

How can encryption technologies make remote activation of phones by the police more difficult or impossible?

Encryption technologies can make remote activation of phones by the police more difficult or impossible by preventing law enforcement agencies from accessing data or communications on phones, even if they remotely activate them. Encryption technologies can also protect phones from malware or spyware that enable remote activation.

For example, end-to-end encryption, which some apps such as Signal or WhatsApp use, can prevent law enforcement agencies from intercepting or reading messages or calls on phones, as only the sender and the receiver have the keys to decrypt them. Device encryption, which some operating systems such as iOS or Android use, can prevent law enforcement agencies from extracting or viewing data on phones, as they require a password or a biometric authentication to unlock them.

How can encryption technologies make remote activation of phones by the police more risky or harmful?

Encryption technologies can make remote activation of phones by the police more risky or harmful by exposing law enforcement agencies to legal or technical challenges or dangers. Encryption technologies can also harm phone users by compromising their security or privacy.

For example, breaking encryption, which law enforcement agencies sometimes do to access data or communications on phones, can expose them to legal challenges, as it may violate laws or regulations that protect encryption or privacy. It can also expose them to technical dangers, as it may weaken the security of phones or networks and create vulnerabilities for hackers or criminals. Hacking encryption, which law enforcement agencies sometimes do to install malware or spyware on phones, can harm phone users by compromising their security or privacy, as it may allow unauthorized access to their data or functions.

How can encryption technologies make remote activation of phones by the police more controversial or unacceptable?

Encryption technologies can make remote activation of phones by the police more controversial or unacceptable by raising ethical and social issues or debates. Encryption technologies can also create conflicts or tensions between law enforcement agencies and phone users or providers.

For example, undermining encryption, which law enforcement agencies sometimes request to facilitate remote activation of phones, can raise ethical and social issues or debates, as it may affect human rights and civil liberties, such as privacy, confidentiality, dignity, presumption of innocence, and right to a fair trial. It can also create conflicts or tensions between law enforcement agencies and phone users or providers. They may have different interests or values regarding encryption and security.

How does EviCore NFC HSM technology developed by Freemindtronic offer a high level of protection for phone users?

Remote activation of phones by the police can be facilitated by exploiting security flaws, installing malware, or requesting backdoors in encryption technologies. However, some encryption technologies may be resistant to these measures and offer a higher level of protection for phone users. One of them is the EviCore NFC HSM technology developed by Freemindtronic.

This technology lets users create their own encryption keys in a random way and store them in a physical device that communicates with the phone via NFC (Near Field Communication). The device also lets users define their own trust criteria that must be met to use the keys or their segments. The encryption is done in post-quantum AES-256 mode from either a device compatible with the EviCore NFC HSM technology or from an encrypted enclave in the phone created in the Key chain (Apple) or the Key store (Android) via the EviCore HSM OpenPGP technology. The encryption keys are segmented and superior to 256 bits. Moreover, they are physically externalized from computer systems. Everything is designed by Freemindtronic to effectively fight against espionage and corruption of telephone, computer, communication and information systems. Finally, without a server, without a database, even in air gap and airplane mode works EviCore NFC HSM or EviCore HSM OpenPGP technology. Everything is designed to work in volatile memory to leave no trace in telephone and computer systems.

This technology offers a high level of security and privacy for phone users who want to protect their data from unauthorized access, including by the police. It also offers a high level of performance and usability for phone users who want to encrypt or over-encrypt all types of messaging in the world, including SMS and MMS. It also works with other applications that use encryption, such as email, cloud storage or blockchain.

Furthermore, this technology is designed to be totally anonymous, autonomous, unconnected, without a database, without collecting any information of any kind on the identity of the user, nor on the hardware, nor on the terminals used. The technology is designed to be totally isolated and totally independent of the security of the terminal used whether it is connected or not. Freemindtronic does not keep the unique pairing keys for each NFC HSM device. And even if it did, the user at installation will automatically generate segmented complementary keys for encryption with administrator and user passwords. Each NFC device has a unique 128-bit signature dedicated to fighting against counterfeiting of NFC devices. It is also used as a key segment. The secret stored in eprom memories or in enclaves of the phone and/or computer can be individually secured by other segmented keys characterized by additional trust criteria such as a geozone, a random hexadecimal code via an existing or generated QR code or Bar Code via EviCore HSM. It is therefore physically impossible for Freemindtronic but under judicial assignment to decrypt data encrypted via EviCore HSM technologies even with a quantum computer.

Conclusion

Remote activation of phones by the police is an intelligence technique. It aims to fight terrorism and crime by accessing data or sounds and images from phones without consent or knowledge. Law enforcement agencies in various countries have used or considered this technique. For example, France, the United States, Germany, Italy, Israel, Canada, China, and the United Kingdom. However, this technique raises technical, legal, ethical, and social challenges. They need to be addressed.

On the technical side, remote activation of phones by the police depends on three factors: compatibility, connectivity, and security of the phones. It can be done by three methods: exploiting vulnerabilities, installing malware, or using spyware on phones.For example, EviCore NFC HSM technology developed by Freemindtronic protects data and communications on phones from remote activation by the police. Encryption technologies can make this technique more difficult or impossible by preventing law enforcement agencies from accessing data or communications on phones, even if they remotely activate them.

On the legal side, remote activation of phones by the police requires a legal framework that regulates its use and scope. Laws or regulations can authorize it and specify the conditions and criteria for its application. Legal remedies can also challenge it and contest or oppose its validity or legality.

On the ethical side, remote activation of phones by the police involves a trade-off between security and privacy, as well as between effectiveness and legitimacy. It can enhance security by providing more information and evidence to law enforcement agencies to prevent, investigate, and prosecute crimes. It can also undermine privacy by letting law enforcement agencies access personal or professional data without notification or justification.

On the social side, remote activation of phones by the police raises issues or debates that affect human rights and civil liberties. For example, privacy, confidentiality, dignity, presumption of innocence, and right to a fair trial. It can also create conflicts or tensions between law enforcement agencies and phone users or providers, as they may have different interests or values regarding encryption and security.

Therefore, remote activation of phones by the police is a complex and controversial technique that requires a careful and balanced approach that respects the rights and interests of all parties involved. The French bill on remote activation of phones by the police and the EviCore NFC HSM Open PGP technology developed by Freemindtronic illustrate the complex and evolving relationship between intelligence and encryption in the digital age. They raise questions about finding a balance. It is between security and privacy, between public interest and individual rights, between innovation and regulation.

: According to Okta, privacy is the right to control how your information is viewed and used, while security is protection from threats or dangers (https://www.okta.com/identity-101/privacy-vs-security/).

: According to Carnegie Endowment for International Peace, finding a balance between security and privacy requires addressing technical, legal, and social questions (https://carnegieendowment.org/2019/09/10/moving-encryption-policy-conversation-forward-pub-79573).

: According to Springboard, finding a balance between innovation and regulation requires cooperation among stakeholders and respect for human rights (https://www.springboard.com/blog/cybersecurity/privacy-vs-security-how-to-balance-both/).