New smartMX card from MADA: LEGIC advant combined with FIDO2

The combination of physical and logical access control in one card

The company MADA Marx Datentechnik GmbH (www.mada.de), is a manufacturer and service provider in the field of RFID identification media. The company's smartMX card addresses the requirements of both physical and logical access. Physical access manages which persons are authorized to enter which physical room or building. LEGIC advant is used as the basis for physical access control and is supported entirely by the LEGIC advant AFS4096 applet in conjunction with LEGIC MTSC card management system.

For logical access, FIDO2 is implemented to provide strong multi-factor password-less authentication for access to web services and operating systems. During registration of a user for an online service, a key pair consisting of a private and a public FIDO2 key is created. The private key is stored locally on the user device while the public key is stored by the web application. With only the private key as evidence, subsequent registration to access web applications can proceed. The private key is unlocked by the user, e.g. via PIN entry. This PIN is saved locally on the device and is inseparable from it. Even if cybercriminals could attain the PIN, they would still need to steal the physical device for successful registration.

The well-known weaknesses of conventional user login with username and password is thus eliminated with this innovative solution; the FIDO2 process only allows verification for users having both the correct PIN and physical device in their possession. A password alone is insufficient.

Furthermore, the FIDO2 specification protects the privacy of the user because no personal information about the online user is stored.


ID Network News