Nitrokey 3A Mini Receives Official FIDO2 Certification

We are pleased to announce that our Nitrokey 3A Mini has received official FIDO certification. This certification from the Fast Identity Online (FIDO) Alliance confirms that our authentication technology meets the expected security standards and compatibility, providing a robust solution against phishing attacks and other cyber threats. This underlines our commitment to providing secure and trustworthy products that meet the needs of both individuals and businesses.

"The FIDO certification is a significant achievement for us and our customers. It confirms that our solutions are not only secure but also standard-compliant and compatible," said Jan Suhr, CEO and founder of Nitrokey. "At a time when supply chain attacks are becoming increasingly sophisticated, it is critical that businesses and individuals have access to quality open source IT security products."

The FIDO Alliance is a global initiative dedicated to the development of open, license-free standards for secure authentication (also known as "passkeys"). The certification guarantees that our products are interoperable and compatible with a wide range of platforms, including Windows, macOS, Linux, Android and iOS.

With this certification, we are consolidating our position as the leading provider of open source security solutions from Germany. Customers and partners can rely on Nitrokey products to provide them with first-class, tested and certified technology that meets the increasing security requirements of the digital age.

The Level 1 certification received includes FIDO U2F and the modern FIDO2. We are aiming to certify more of our Nitrokey models from next year onwards.

Buy Nitrokey 3A Mini now!

12.8.2024

Comments

Great first step! So this certification does not apply to the regular nitrokey 3? And what about Level 2 certification that is required in a number of cases (see support pages)?
Other Nitrokeys will follow in the next months and years. We are also looking at Level 2 but don't have a specific plan yet.
Great! Hopefully the regular nitrokey 3 can follow shortly.
Great! Can't wait for the Nitrokey 3 NFC to be certified soon hopefully. I managed to get the mini to work with coinbase thanks to the FIDO 2 certification.
Great news! Seeing that the mini is now certified and other nitrokeys will soon follow, would you be able to apply/add them to the Microsoft database as well? https://(learn.microsoft.com)/en-us/entra/identity/authentication/concept-fido2-hardware-vendor I think it is needed for the keys to be allowed by default rather than asking the entra/azure admin to enable 3rd-party keys.
Thanks! Yes, we are on it - the device should soon appear inside https://mds3.fidoalliance.org/ - once this happened Microsoft needs to update their database based on this mds database - which will then enable using NK3 minis w/o explicitly allowing them.
Just a question, what is the life expectancy of Nitrokey 3A Mini vs Nitrokey 3A NFC? Which one is more durable? Thanks
This is not too easy to answer, let me try to give you an idea. Basically the internal flash of both is the critical component, which is expected to wear-out at some point. Both have a minimum write-cycle count of 10000. If we assume 2 write operations per operation on the device, you'd have like 5000 operations, means 7 operations every single day for 2 years - or 5 operations for nearly 3 years. This doesn't sound too much, but in reality 5 ops a day on average is quite a lot. On top of that, there are 2 things to consider: a) there are measures in place to reduce the wear-pressure on the flash b) we have a hardware-in-the-loop setup for our firmware builds the devices connected to this system have seen 20k firmware flash operations (where you cannot do anything against flash wear) and these don't show any signs of degradation. So to summarize: both should be equally durable from our current experience and in realistic usage scenarios they should reach 5 years, most of the time more.
Sounds great, many thanks for all the details!

Add new comment

Fill in the blank.