Introducing TrustKey's G-Series and T-Series Security Keys

The TrustKey G-Series keys are the world's first FIDO2 Level 2 certified security keys. They are designed with eWBM's MS500, a powerful microprocessor with a fingerprint sensor that uses the fastest in class fingerprint recognition algorithm. G-Series keys support true passwordless login via the FIDO2 standard. G-Series keys are compatible with all the major web browsers where WebAuthn is implemented, and works seamlessly on online services like Azure AD, Google, Dropbox, Facebook, Twitter, GitHub and more. Fingerprint match is required to authenticate as FIDO2 key as well as U2F key - only the key user can use to login to the websites.

TrustKey G-Series includes Windows Hello, TOTP and HOTP features. Now you can login to your PC and login to websites all using the same key. Very secure, simple and convenient.

T-Series security keys, T110 and T120 (Coming Soon!), are implemented on the same platform as FIDO Alliance L2 certified G-series Series keys, G310H and G320H. T110 provides high security performance with affordability. They are hardware security keys for both the general public and enterprise deployment – it is fast, easy to use and affordable.

Both G-series and T-series keys can work for 2FA (U2F), and the usage of the keys can prevent the websites from sending the user a text message or email to confirm user's identity.

Why should you use FIDO2 Security Keys?

Credentials stolen in 2017 alone
Rise in phishing attacks in 2018
Of passwords are reused across services
Of people have felt stressed or annoyed as a result of forgetting their password
Collectively spent by humans each day entering passwords

Source : FIDO Alliance

What is FIDO2?

FIDO2 is an open authentication standard that consists of W3C (World Wide Web Consortium) WebAuthn API (Web Authentication specification) and CTAP (Client To Authenticator Protocol). WebAuthn has been implemented by the major browsers, and CTAP2 is supported by hardware and platform companies. FIDO2 cryptographic login credentials are unique across every website, biometrics or other secrets like passwords never leave the user's device and are never stored on a server.

G-Series Keys: World's First FIDO2 Level2 Certified Keys

G-Series keys have gone through stringent requirements and security measures of FIDO2 Level2 certification and became the world's first FIDO2 Level2 certified security keys in the market today. G-Series keys are trusted and safe from potential attacks. Here are some of the highlighted security features.

Strong key management

Our keys do not allow self-attestation keys and attestation keys must come from a known and certified vendor. This proves the authenticity of the device, and proves that the key is made by the key's vendor and not an imposter when communicating with the login server.

Provide physical security

Our keys provide firmware integrity and do not allow debug-mode during in-field use. This is because the key's firmware gets encrypted and stored inside the key's microcontroller, MS500, protecting the key's firmware from being modified.
MS500 disables a debug path after manufacturing unlke other MCU where it disables debug path using a software flag.

Restricted operation environment to resist cybersecurity attacks

MCU (MS500) inside our keys provid protection against attacks, such as, scalable attacks and side-channel attacks

Secure manufacturing environment

No unauthorized human intervention during manufacturing
Manufacturing site is in control of TrustKey. No offshoring for manufacturing.

World Class Biometric Algorithm

One of the most precise and accurate fingerprint recognition algorithms implemented

Security Key Features

Easy and flexible fingerprint enrollment using the our Key Manager, Windows Hello built-in Security Key configuration process under Windows Sign-in options, or Google Chrome
G-series keys stores the scanned fingerprint data encrypted in the secure storage area. Fingerprint data, private keys, secrets never leave the keys.
Strong hardware-based authentication.
(TrustKey's own secure MCU)
No client software or driver required.
Human factors considered ergonomic design.
Always on and accessible, and no battery required.
Supports up to 150 resident keys for G-series and up to 200 resident keys for T-series for better passwordless experience login
Supported OS: Windows, macOS and Linux
Fully supports Microsoft Azure AD. Our security keys can be used to experience passwordless login to Azure joined Windows PC whether you are online or offline/airplane mode

Advantage of FIDO2 Hardware Based Authenticator With Biometric Sensor

Strong Security

Hardware-based authentication using Private and Public Key cryptography.
Strong single factor authentication (passwordless) or twofactor authentication is supported.
Additional Protection

With the adoption of biometric technology extra layer of protection is implemented.
The security key cannot be used by unauthorized person whose fingerprint is not enrolled.
No security risk even if the key is lost.
Single key to all accounts

A single security key works across thousands of accounts without sharing secrets

Into the World of Passwordless Authentication

Stronger and simpler authentication for fast and secure passwordless login
Protection against phishing, account takeover, session hijacking, man-in-the-middle, malware and other online attacks

Security Key As Standard Login

FIDO2 security key is now an option for Windows Hello standard login in Windows 10.
You can register a security key and login to Microsoft accounts without passwords.
Seamlessly support Windows Hello (Within an Azure AD)

On Azure AD

Supports Azure AD Joined Windows 10 login
Supports Hybrid Azure AD Joined Windows 10 login
Offline and airplane login is supported.