Thales FIDO Devices

Organizations expanding their digital transformation are moving applications and data to the cloud to enable accessibility from anywhere and decrease operating costs. As users log in to an increasing number of cloud-based applications, weak passwords are emerging as the primary cause of identity theft and security breaches.

Addressing this risk, Thales FIDO2 (the umbrella term for FIDO Alliance’s newest set of specifications) security keys are offering organizations passwordless, phishing-resistant authentication, allowing them to stop account takeover and remove risk of unauthorized access to sensitive resources like SaaS applications and Windows endpoints.

Thales FIDO2 security keys support multiple applications at the same time. Use one that combines FIDO2, U2F, PKI and RFID to access both physical spaces and logical resources.

Passwordless Phishing-Resistant MFA

FIDO2 authentication removes the risk of account take-over by replacing vulnerable passwords with a phishing-resistant WebAuthn credential.
FIDO2 authentication has gained traction as a modern form of MFA because of its considerable benefits in easing the login experience for users and overcoming the inherent vulnerabilities of passwords. Advantages include less friction for users and a high level of protection against phishing attacks.

Meet stringent compliance mandates

Thales FIDO2 security keys, USB Tokens and smart cards let you meet all your regulatory needs. They are FIDO2 and U2F certified. The combined PKI-FIDO keys are compliant with the US Executive Order mandate for phishing-resistant MFA and NIST regulations. They are FIPS 140-2 or Common Criteria (CC) certified.

Thales FIDO Authentication Solutions

Smart Card Form Factor

SafeNet IDPrime 3930 FIDO is FIPS 140-2 Level 2 certified for the combined Java platform and PKI applet.

SafeNet IDPrime 3940 FIDO is CC EAL5+ / PP Java Card certified for the Java platform and CC EAL5+ / PP QSCD certified for the combination of Java platform and PKI applet. 

SafeNet IDPrime 931 FIDO is qualified for both eSignature and eSeal applications and is FIPS 140-2 Level 2 for the combined Java platform and PKI applet.

SafeNet IDPrime 941 FIDO is qualified for both eSignature and eSeal applications and is Common Criteria certified.

SafeNet IDCore 3121 FIDO is a physical access smart card with FIDO. This contactless smart card allows communication via a contactless ISO14443 interface and is also compatible with NFC readers.

SafeNet IDPrime FIDO Bio Smart Card combines biometrics and NFC to allow end users to authenticate from multiple types of devices securely and easily, with just a fingerprint instead of a password.

USB Token Form Factor

SafeNet eToken Fusion Series
The SafeNet eToken Fusion Series enables organizations to utilize passwordless phishing-resistant authentication methods improving security for enterprise resources accessed from any device. This series allows presence detection and supports all PKI and FIDO use cases. The SafeNet eToken Fusion Series includes an option with CC certification.

SafeNet eToken Fusion is available in two form factors: USB-A and USB-C. The USB-C form factor enables users to authenticate to any cloud resources by plugging this token to their mobile devices (phone/tablets).

SafeNet eToken FIDO
The TAA-compliant SafeNet eToken FIDO is a USB token, an ideal solution for enterprises looking to deploy passwordless authentication for employees. This FIDO authenticator is a compact, tamper-evident USB with presence detection, which creates a third factor of authentication: Something you have (physical token), something you know (PIN), something you do (touching the token).

Resources

ImageTitleLink
eBook: The Comprehensive Guide on Phishing-Resistant MFA, Passkeys and FIDO security keys.
Product Brief: Thales FIDO2 Devices
White Paper: Meeting U.S. Government requirements for phishing-resistant MFA