Swissbit iShield Key 2 Pro FIPS

CTAP 2.1

Supports CTAP 2.1, including features like enforced PIN complexity, credBlob, largeBlob, and alwaysUv

More Info

FIDO2 Certification

Certified by the FIDO Alliance as conforming to FIDO2 standards

More Info

FIPS 140-3 Validated

Validated against FIPS 140-3 by NIST. Higher tier validation required by current federal procurement

More Info

HOTP passwords

Supports Hashed One-Time-Password generation

More Info

Management Application

Vendor provides applications that extend or configure the device

Windows management application

Management application runs on Windows

Resident Cryptographic Keys

Supports WebAuthn discoverable resident credentials, the building block of passkeys

More Info

Resident ECDSA keys

Supports ECDSA discoverable keys

PKCS#11 SmartCard

Conforms to PKCS11 SmartCard interface standards

More Info

Timed OTP passwords

Supports Time-based One-Time-Password generation

More Info

U2F Authentication

Conforms to the U2F Authenticator and WebAuthn standard

More Info

The iShield Key 2 Pro FIPS is, per Swissbit, the first FIDO security key validated to FIPS 140-3 Level 3. The protocol stack matches the regular iShield Key 2 Pro, but the validation makes this variant relevant to United States federal agencies, contractors, and other organisations under FIPS mandates.

The validation level is meaningful: 140-3 Level 3 requires identity based authentication and physical tamper response, which are stronger than the 140-2 Level 2 most FIPS validated FIDO keys have historically held.