Back to articles
Back to Index

Posted on 14 October 2025 by in Certificate-based Tokens (eToken, iKey, SmartCards)

 

SafeNet eToken FIDO NFC – Release Update

We are excited to announce that the SafeNet eToken FIDO NFC are now Generally Available (GA) for ordering.

These FIDO security keys are well suited for medium to large-sized organizations who want to deploy passwordless phishing-resistant authentication to their employees working in various environments.

SafeNet eToken FIDO NFC enable organization to adopt FIDO authentication for secured access to modern web applications and desktop sessions.

The NFC contactless mode combined with USB-C or USB-A form factor ensures streamlined login and compatibility with a wide array of devices and operating systems, including Windows desktops, Mac, iOS, Android and Linux platforms.

These tokens are available in two editions:

SafeNet eToken FIDO NFC – Standard Edition

Fully certified by FIDO Alliance, it supports features defined by the  FIDO2.1/CTAP2.1 standard to deploy FIDO authentication more securely:

  • Discoverable credentials management
  • Enforce user verification (PIN) when accessing a service​
  • Force end user to change the PIN ​at first use
  • Define a minimum PIN length
  • Factory settings:
  • Up to 255 discoverable credentials
  • Enforce user verification set to False
  • Default min PIN length: 4

 

SafeNet eToken FIDO NFC – Enterprise Edition

Organizations looking to accelerate and secure their passwordless journey are now able to extend capabilities to benefit from Thales FIDO Enterprise Features, on top of FIDO2.1:

  • Managed mode: Only IT operators can manage security policies and sensitive operations on the FIDO keys
  • Services allow list: Permits IT operators to limit the usage of the FIDO keys to preferred company services (websites, applications) and by then ensure appropriate usage of the FIDO keys
  • Unblock FIDO keys: Allows end users to unblock their keys, under the control of the IT operator, without having to fully reset the key and re-register it to the enterprise web services
  • Ensure persistent PIN length: Prevents end users from changing the minimum PIN length
  • Manage reset: Prevents end users from unintentionally resetting their FIDO key

These new security keys are compatible with SafeNet Trusted Access, OneWelcome Identity Platform and IdCloud and third party IDP’s such as Microsoft Entra ID, and can be managed in SafeNet FIDO Key Manager and  vSEC:CMS

For more information please visit: Thales FIDO2 Devices & Security keys