Certifications & Compliance
Token2 operates in compliance with the leading industry standards and certifications in quality, safety, and sustainability. We consider the data of our customers and business partners to be valuable property and protect it globally while considering all locally applicable laws and regulations. We consistently comply with all relevant data privacy regulations and commit ourselves to handle confidential information with care.
Product certifications and compliance
All Token2 FIDO2 security keys are certified by the FIDO® Alliance Certification program.
FIDO’s certification programs are a critical element in ensuring an interoperable ecosystem of products and services that organizations can leverage to deploy FIDO Authentication solutions worldwide.
We implement the FIDO protocols (UAF, U2F, WebAuthN and CTAP) on our hardware security keys as well as our TOTPRadius appliance
Microsoft Azure AD compliance
Microsoft has a separate procedure of confirming the compatibility of FIDO2 security keys with the Azure Passwordless concept. Token2 has successfully completed this process and is listed by Microsoft as one of the FIDO2 Security keys provider.
Token2 is also listed as one of the preferred manufacturers of TOTP tokens for the OATH hardware tokens functionality with Azure MFA.
Independent Compliance Check of our TOTP tokens against RFC6238 was done by CertX AG. CertX is the first swiss accredited certification body for product certification in the scope of industrial cybersecurity and functional safety. More information about CertX
The compliance check report from CertX can be downloaded below:
TOKEN2 TOTP hardware token - Independent Compliance Check report by CertX
TOTPRadius VPN Portal
VPN Portal is a subcomponent of TOTPRadius appliance and is required to implement several features, such as LDAP-based self-service enrollment, FIDO2/Passwordless or Azure AD Oauth2/SSO VPN access. To ensure the security of the VPN Portal is at the highest level, we have contracted an independent security company, SySS GmbH , which has conducted the penetration testing and produced a security certificate available below. The TOTPRadius VPN Portal component is currently labeled as "Certified Website - Approved Security" by SySS Gmbh.
TOTPRadius VPN Portal Certificate of Penetration Test
CE Declaration of conformity
TOKEN2 declares the conformity with the protection requirements of the EMC directive and with the principal elements of the safety objectives of the Low Voltage Equipment directive, and that the following standards have been applied: EN IEC 63000:2018, 73/23/EEC and 93/68/EEC. The declaration can be downloaded below:
TOKEN2 Hardware products - Declaration of Conformity
Swiss made software
TOKEN2 Multifactor Authentication is a member of Swiss made software label. Swiss made software is the nationally and internationally recognized symbol for Swiss quality in software development. Swiss made software member companies offer high-quality software development and are committed to Switzerland as a place to develop software, both as a company and as a concept.
Swiss Made Software - Membership page
Swiss trademarkTOKEN2 is a registered trademark of the TOKEN2 Multifactor authentication company (registered by Geneva Cantonal Trade Register as CHE-218.895.438 ) at the Swiss Federal Institute of Intellectual Property. Registration number № 743850, classification area №42 ("services de sécurité informatique...")
Subscribe to our mailing list
Want to keep up-to-date with the latest Token2 news, projects and events? Join our mailing list!