About Us

FIPS 140-2 Compliant

VFYCRED 2FA:


The VfyCred 2FA app aligns with FIPS 140-2's stringent security standards across all four levels. At Level 1, it implements basic security requirements, protecting against accidental data exposure. Moving to Level 2, the app enforces role-based access controls and robust encryption, safeguarding sensitive data from unauthorized access. At Level 3, it employs strong physical security mechanisms to protect against tampering and unauthorized access, further enhancing data protection. Finally, at Level 4, VfyCred incorporates the highest levels of physical security and cryptographic measures, offering the most stringent protection against sophisticated attacks, making it an exceptionally secure choice for 2FA.


Certainly, here's how VfyCred 2FA meets FIPS 140-2 standards at each level with a focus on cryptographic techniques:

  • Level 1: VfyCred employs AES-256 encryption to ensure user data confidentiality and basic data protection.

  • Level 2: Our app enforces AES-256 encryption and implements access controls to protect against unauthorized access and data breaches.

  • Level 3: VfyCred enhances security further by adding physical security measures to the AES-256 encryption, guarding against tampering and unauthorized access.

  • Level 4: At the highest level, VfyCred's use of AES-256 encryption, coupled with rigorous physical security and other advanced measures, provides the utmost protection against even the most sophisticated attacks, guaranteeing top-tier data security.

VFYCRED SMART CARD 2FA:


  • Level 1: At Level 1, VfyCred employs a hard token in the form of a smart card with a QR code to generate 6-digit tokens. The physical possession of the smart card is necessary for generating tokens, ensuring basic security requirements. Without it, unauthorized users can't access the 6-digit tokens.

  • Level 2: Level 2 adds role-based access controls. VfyCred's smart card can be configured to work only for authorized users, which is a form of access control. For example, the smart card may require a user's biometric verification in addition to the card itself to generate a token.

  • Level 3: Level 3 introduces strong physical security mechanisms. VfyCred's smart card may have tamper-evident features. If someone tries to tamper with the card, it will become unusable, ensuring that the generation process remains secure.

  • Level 4: At the highest level, VfyCred's smart card combines the use of a unique, digitally signed QR code with AES-256 encryption. This provides the utmost protection against advanced attacks. The smart card's private key, which generates the QR code, is securely stored, and any attempt to extract it triggers self-destruct mechanisms, making it highly resilient against even the most sophisticated attacks.