Introducing eWBM's Goldengate Security Keys
The eWBM Goldengate series keys are the world's first and currently only FIDO2 Level 2 certified security keys. They are designed with eWBM's MS500, a powerful microprocessor with a fingerprint sensor that uses the fastest in class fingerprint recognition algorithm. Goldengate keys support true passwordless login via the FIDO2 standard. Goldengate keys are compatible with all the major web browsers where WebAuthn is implemented, and works seamlessly on online services like Azure AD, Google, Dropbox, Facebook, Twitter, GitHub and more.
Why should you use FIDO2 Security Keys?
What is FIDO2?
FIDO2 is an open authentication standard that consists of W3C (World Wide Web Consortium) WebAuthn API (Web Authentication specification) and the CTAP (Client To Authenticator Protocol). WebAuthn has been implemented by the major browsers, and CTAP2 is supported by hardware and platform companies. FIDO2 cryptographic login credentials are unique across every website, biometrics or other secrets like passwords never leave the user's device and are never stored on a server.
Goldengate Series Keys: World's First and Only FIDO2 Level2 Certified Keys
Goldengate keys have gone through stringent requirements and security measures of FIDO2 Level2 certification and became the world's first and only FIDO2 Level2 certified security keys in the market today. Goldengate keys are trusted and safe from potential attacks. Here are some of the highlighted security features.
Strong key management
- Goldengate keys do not allow self-attestation keys and attestation keys must come from a known and certified vendor. This proves the authenticity of the device, and proves that the key is made by the key's vendor and not an imposter when communicating with the login server.
Provide physical security
- Goldengate keys provide firmware integrity and do not allow debug-mode during in-field use. This is because the key's firmware gets encrypted and stored inside the key's microcontroller, MS500, protecting the key's firmware from being modified.
- MS500 disables a debug path after manufacturing unlke other MCU where it disables debug path using a software flag.
Restricted operation environment to resist cybersecurity attacks
- MCU (MS500) inside Goldengate keys provid protection against attacks, such as, scalable attacks and side-channel attacks
Secure manufacturing environment
- No unauthorized human intervention during manufacturing
- Manufacturing site is in control of eWBM. No offshoring for manufacturing.
World Class Biometric Algorithm
One of the most precise and accurate fingerprint recognition algorithms implemented
Goldengate Security Key Features
- Easy and flexible fingerprint enrollment using the Goldengate BioManager™️ or Windows Hello built-in Security Key configuration process under Windows Sign-in options
- Stores the scanned fingerprint data encrypted in the secure storage area. Fingerprint data, private keys, secrets never leave the keys.
- Strong hardware-based authentication.
(eWBM's own secure MCU) - No client software or driver required.
- Human factors considered ergonomic design.
- Always on and accessible, and no battery required.
- Supports more than 100 resident keys for better passwordless experience login
- Supported OS: Windows, macOS and Linux
- Fully supports Microsoft Azure AD. The Goldengate security key can be used experience passwordless login to Azure joined Windows PC whether you are online or offline/airplane mode
Advantage of FIDO2 Hardware Based Authenticator With Biometric Sensor
-
Strong Security
Hardware-based authentication using Private and Public Key cryptography.
Strong single factor authentication (passwordless) or twofactor authentication is supported. -
Additional Protection
With the adoption of biometric technology extra layer of protection is implemented.
The security key cannot be used by unauthorized person whose fingerprint is not enrolled.
No security risk even if the key is lost. -
Single key to all accounts
A single security key works across thousands of accounts without sharing secrets
Into the World of Passwordless Authentication
- Stronger and simpler authentication for fast and secure passwordless login
- Protection against phishing, account takeover, session hijacking, man-in-the-middle, malware and other online attacks
Security Key As Standard Login
- FIDO2 security key is now an option for Windows Hello standard login in Windows 10.
- You can register a security key and login to Microsoft accounts without passwords.
- Seamlessly support Windows Hello (Within an Azure AD)
On Azure AD
- Supports Azure AD Joined Windows 10 login
- Supports Hybrid Azure AD Joined Windows 10 login
- Offline and airplane login is supported.