Trustkey G シリーズ
Trustkey H シリーズ
Trustkey T シリーズ
eWBM’s Goldengate Fingerprint Reader is First to Get FIDO L2 Certification
“Based on eWBM’s MS500 cryptographic System-on-Chip engine, the Goldengate fingerprint reader is designed to be plugged into a computer in order for a user to provide biometric authentication on the device.”
eWBM's Goldengate Fingerprint Reader is First to Get FIDO L2 Certification
South Korea-based eWBM has become the first to attain FIDO2 Level 2 (L2) Authenticator Security Certification, thanks to its Goldengate USB fingerprint reader.
As with any FIDO2 certified solution, in attaining the certification eWBM needed to demonstrate its use of a Trusted Execution Environment or Secure Element for the protection of biometric data and authentication credentials. But it also had to pass a comprehensive third party design review to attain L2 certification, in addition to interoperability testing for L1 certification.
Based on eWBM’s MS500 cryptographic System-on-Chip engine, the Goldengate fingerprint reader is designed to be plugged into a computer in order for a user to provide biometric authentication on the device. It is compatible with both Mac OS and Windows.
The device’s FIDO2 L2 certification comes soon after eWBM joined the FIDO Alliance’s Board of Directors in February.
Commenting on the development in a statement, FIDO Alliance executive director Brett McDowell said “eWBM is showing leadership in providing its customers with a more transparent view of the security inside its authenticator,” adding, “We look forward to eWBM’s continued leadership and promotion of FIDO2 certified technology in Korea and the rest of the world.”
View Press Release
SC awards 2019 - Editor's choice award "The FIDO Alliance"
Editor’s Choice AWARD
The FIDO Alliance
Authenticating your identity should be as easy as 1-2-3. Unfortunately, some users take that philosophy a little too literally, using 1-2-3-4-5 or something equally insecure as their passwords when logging in to web-based services or applications.
The FIDO (“Fast IDentity Online”) Alliance has made it its mission to phase out the use of outdated password technology, and replace it with cryptographically secure, standards-backed authentication alternatives such as on-device biometrics and FIDO Security Keys. And 2018 was landmark year in the open industry association’s effort to accomplish that very goal.
In conjunction with the World Wide Web Consortium (W3C), FIDO last April officially launched the FIDO2 Project, a set of interlocking initiatives that together create a FIDO Authentication standard for the web. FIDO2 encompasses both the W3C’s Web Authentication specification (WebAuthn) and the FIDO Alliance’s Client-to-Authenticator Protocol (CTAP).
Combined, WebAuthn and CTAP help users leverage common devices to achieve hassle-free authentication in both mobile and desktop environments. According to the Alliance, FIDO2 supports passwordless, second-factor and multi-factor user log-in experiences that leverage embedded/bound authenticators such as biometrics or PINs, or external/roaming authenticators like FIDO security keys, mobile devices and wearables.
Many of the world’s most popular browsers and operating systems platforms have moved quickly to take advantage. Indeed, FIDO2 technologies are already built into the latest versions of Windows 10, Google Play Services on Android, and the Chrome, Firefox and Edge web browsers. WebKit, the technology behind Apple’s Safari web browser, is also previewing support for FIDO2, and just last month, Google announced that Android is now FIDO2-certified.
The FIDO Alliance helped pave the way for adoption of its specifications by providing various testing tools for platform developers, and also by launching a FIDO2 certification program. A certification means that a product not only complies with FIDO2 specifications, but also is interoperable with other FIDO2 products.
In September 2018, the first crop of FIDO2-certified authentication products were made available from such organizations as CROSSCERT: KECA (Korea Electronic Certification Authority); Dream Security Co., Ltd. Korea; ETRI; eWBM Co., Ltd.; IBM; Infineon Technologies; INITECH Co., Ltd.; Nok Nok Labs; OneSpan; Raonsecure; Samsung SDS; Singular Key; Whykeykey Inc.; Yahoo Japan Corporation; and Yubico. This included the first universal FIDO server, which supports not only all FIDO2 authentication devices but also those running on earlier open authentication standards UAF and U2F, enabling backward compatibility for any previously certified FIDO authenticators.
Companies pursuing biometrics-based authentication were further helped by FIDO’s September 2018 launch of its Biometric Component Certification Program, the first in the industry program designed to certify that biometric recognition systems successfully meet globally recognized performance standards and are viable for commercial use. The program delivers significant time and cost savings to biometrics vendors because it enables them to test and certify their technology only once in order to validate their system’s performance, and then repeatedly re-use that third-party validation across their potential and existing customer base.
Even before the official launch of FIDO2, the Alliance expanded its previously established certification program to include multi-level security evaluations for authenticator technologies. In a press release at the time, FIDO Alliance Executive Director Brett McDowell said that the new and improved certification program “enables enterprises and online services to make better informed risk management decisions when registering credentials from FIDO-enabled devices, resulting in more accurate and reliable scores on the back-end while delivering better user experiences on the front end due to lower instances of intrusive ‘step up authentication’ challenges.”
Just last December, the FIDO Alliance reached what is arguably the highest bar set in information and communication technology (ICT) standardization when the International Telecommunication Union’s Telecommunication Standardization Sector (ITU-T) recognized UAF 1.1 and CTAP as international standards.
eWBM becomes the fourth FIDO Alliance board member in Korea
System on a chip solution company eWBM announced today the company was accepted to the FIDO Alliance Board of Directors at the FIDO member plenary held in Austin, Texas in January.
FIDO standards are set by the FIDO Alliance, a non-profit organization formed in 2012 to develop specifications that define an open, scalable, interoperable set of mechanisms to securely authenticate users of online services. As a FIDO Alliance board member eWBM will have right vote on various policies and solutions related to FIDO’s current and future activities. eWBM is also expected to make significant contributions to FIDO’s various technical and adoption working groups based on the company’s technical skills and expertise.
“As eWBM becomes the fourth FIDO Alliance board member in Korea, joining the ranks of Samsung, BC Card and Raonsecure, we expect to expand and accelerate industry adoption of FIDO authentication technology in Korea and the many global markets that Korea suppliers serve,” said Brett McDowell, executive director of the FIDO Alliance. “We also expect that Korean board member companies will continue to provide valuable leadership and guidance to the FIDO Alliance strategy, not only in this upcoming September’s FIDO Alliance plenary in Seoul, Korea but also in expanding passwordless authentication technology to emerging markets such as the Internet-of-Things sector where eWBM has important expertise to share.”
“As eWBM has been promoted to become a board member of FIDO Alliance, we now have the opportunity to show leadership in International standards related to online security and authentication,” added Stephen Oh, CEO of eWBM. “We will continue to work hard to deliver the best value to our customers by providing new global technologies such as secure and convenient biometric authentication and many others.”
Yesterday it was announced that the in-display fingerprint system in Samsung Galaxy S10 and S10+ smartphones is the first product to be certified by the FIDO Alliance’s new Biometric Component Certification Program.
View Press Release
eWBM to unveil FIDO Certified Fingerprint Authenticator at RSA 2018 in San Francisco
The Compact and portable security USB device comes with fingerprint authentication technology. The product provides superior experiences in the field of corporations, commercial banks, governments, or general consumer market that requires security controls.
SAN FRANCISCO, April 13, 2018 /PRNewswire/ -- The fabless SoC company is announcing a new product, eFA500, the eWBM FIDO Authenticator, which comes in the form of a traditional USB token. The device is also ready for the FIDO2 protocol, which was newly announced by the FIDO Alliance and the World Wide Web Consortium (W3C). The new product is powered by eWBM's security SoC MS500, which contains hardwired crypto engines, secure storage and secure boot structures. Its low power consumption design also provides developers with a perfect choice towards advanced fingerprint security devices.
"eWBM's FIDO authenticator is a compact and portable security device," said Dr. Stephen Oh, chief executive officer of eWBM. "It also facilitates strong authentication functions that enable convenient and effective establishment of FIDO authentication for secure access to remote resources, such as cloud servers and online services." Designed with Secure Hardware Root of Trust, TRNG, and hardwired crypto accelerator engines, the device supports secure booting, secure storage, and secure digital key management features. The dongle comes with an efficient and powerful fingerprint recognition algorithm for user accessibility. Combined with step-up capabilities, fingerprint technology and X.509 certificate solutions, the device provides the FIDO-certified authentication feature for customers from corporations, commercial banks, government institutes, or any other general consumer markets that requiresecurity controls. The company supplies the USB dongle products as well as all other FIDO device products in numerous form factors, including smart cards, mobile apps and hardware tokens.
View Press Release
New FIDO2-Compliant USB Key Features Fingerprint Sensor
“The new authentication standard’s WebAuthn component is designed to enable hardware key and biometric authentication within major web browsers […] and thus by incorporating a fingerprint sensor into a USB key, the eFA500 combines both authentication approaches allowing for extra-secure browser-based authentication.”
Fabless SoC maker eWBM has announced a new USB key designed to support the just-announced FIDO2 and WebAuthn standards. Called the eFA500, the USB key is based on eWBM’s MS500, a system-on-chip offering “hardwired crypto engines, secure storage and secure boot structures,” according to a statement from the company. It’s a small device, designed to plug into a computer or laptop’s USB port like any other regular USB key. But it features an embedded fingerprint sensor, allowing for biometric authentication – a step above the already strong second-factor authentication enabled by a hardware key. The device thus offers special functionality with respect to FIDO2. The new authentication standard’s WebAuthn component is designed to enable hardware key and biometric authentication within major web browsers – Google Chrome, Mozilla Firefox, and Microsoft Edge – and thus by incorporating a fingerprint sensor into a USB key, the eFA500 combines both authentication approaches allowing for extra-secure browser-based authentication. It’s the second major USB key supporting FIDO2 since the standard was announced earlier this week, after the launch of the $20 Security Key by Yubico. eWBM hasn’t yet revealed the price or availability of its solution, but the company will showcase its solution at next week’s RSA 2018 conference in San Francisco.
View Press Release
Precise Biometrics Tech Powers eWBM’s FIDO2-Certified USB Key
eWBM recently made headlines when the company’s Goldengate 500 Security Key became the first USB device to achieve FIDO2 Level 2 Authenticator Security Certification. Now Precise Biometrics has given us a look beneath the surface, announcing that eWBM licensed the Precise BioMatch Embedded fingerprint algorithm for the Goldengate 500.
According to Precise, the deal will not have a significant financial impact for the company, although it does mean that Precise tech is powering the FIDO Alliance’s first L2-certified device. That’s obviously a major milestone for Precise and eWBM, even if it doesn’t make much of an impact during Precise’s upcoming Annual General Meeting in May.
The Goldengate 500 offers password-free authentication, and is designed to guard against phishing, account takeovers, and other malware attacks. Precise’s fingerprint algorithm is an essential piece of the puzzle that powers the device’s biometric capabilities.
Much of Precise’s business is focused on the biometric cards market, but the company hopes to expand its multi-modal portfolio in the coming years, and has already provided a software solution for a new Hyundai car. For its part, eWBM has been a staunch supporter of FIDO2 as a post-password initiative, and recently joined the Board of Directors of the FIDO Alliance.
eWBM Joins Microsoft Intelligent Security Association and Introduces New Additions to FIDO2 L2 Goldengate Series Line
SEOUL, South Korea, Oct. 14, 2019 /PRNewswire/ -- eWBM Co., Ltd., a fabless System-on-Chip (SoC) company providing one of the world's first biometrics-based FIDO2 L2 hardware authenticators, announces membership into the Microsoft Intelligent Security Association to help defend organizations from sophisticated and complex security threats. eWBM also announces two new additions to eWBM Goldengate Series: G310 (USB-A type) and G320 (USB-C type).
Goldengate Series security keys are USB hardware tokens made for FIDO authentication using eWBM MS500, a powerful microprocessor with extensive security features, and a fingerprint sensor and a world-leading fingerprint recognition algorithm. Certified with the new FIDO2 standard, the G310 and G320 provide the benefit of fast login and strong protection against phishing, account takeover as well as many other online attacks. Simply plug G310 or G320 into a USB port according to the login procedure then touch the fingerprint sensor on the key to complete login and access the account. Moreover, G310 and G320 are compatible with all major web browsers with WebAuthn capability and works seamlessly with Microsoft Azure Active Directory. Azure Active Directory is part of the Microsoft cloud services, including Microsoft Office 365, Microsoft Azure, and Microsoft Dynamics 365.
Passwords are the root cause of over 80% of data breaches and an open door for hackers to harm user accounts, but with Azure AD services and Goldengate keys, users realize the benefit of secure, simple and seamless passwordless login with Single Sign-On (SSO) to Azure AD-connected apps and services. Stephen Oh, CEO of eWBM, said, "We are glad to become a part of the Microsoft Intelligent Security Association as we can provide our FIDO2 L2 security keys for passwordless environment. It is meaningful to us that we have developed the keys ground up using our own secure micro-controller."
Alex Simons, Corporate Vice President of Program Management, Microsoft Identity Division, Microsoft Corp. said, "Microsoft has been on a mission to eliminate passwords and help people protect their corporate identities. We welcome companies like eWBM that support a goal to increase online security and protect identity online through the Microsoft Intelligent Security Association."
About eWBM Co, Ltd.
eWBM is a fabless SoC company which provides security MCUs and modules for FIDO2 Goldengate Series and variety of IoT applications such as MS500, Secure LoRa Module, Secure Sensor to Ethernet module, Secure NB-IoT module, and Secure IP Cameras. The next generation security SoC chip, called MS1200, will be introduced in 2019. Designed with a complete root-of-trust HSM, the IoT security SoC chip will provide industry's highest security level for a variety of application including LoRa, NB-IoT, FIDO, secure IP camera, industrials, and smart home applications. The chip supports the ultra-low power deep sleep mode optimized for battery-powered IoT applications.
Copyright © TrustKey 2020. All rights reserved.