Built on Trust. Verified by Standards.
VerifiedKnock is engineered to meet the strictest government and industry security standards. We don't just claim security; we prove it through rigorous certification.
Our hardware security modules (HSM) and smart cards are certified to FIPS 140-2 Level 3. This is the same standard required for:
- US Federal Government Agencies
- Military & Defense Contractors
- Financial Institutions
What this means: The private keys used to verify an officer's identity are generated inside a tamper-resistant chip and can never be extracted or cloned.
VerifiedKnock utilizes the FIDO2 / WebAuthn standard for passwordless, phishing-resistant authentication.
- Biometric Match-on-Card
- Anti-Phishing Protection
- Cross-Platform Compatibility
What this means: Even if a hacker steals an officer's card, they cannot use it without the officer's live fingerprint. The biometric data stays on the card and is never sent to a server.
Technical Security Specifications
Cryptography
- • Algorithm: ECC P-256 (Elliptic Curve Cryptography)
- • Signing: ECDSA (Elliptic Curve Digital Signature Algorithm)
- • Hashing: SHA-256
- • Key Storage: Secure Element (SE) Hardware
Data Privacy
- • Biometrics: Stored locally on card (Match-on-Card)
- • Location: Ephemeral processing (No history tracking)
- • PII: Encrypted at rest (AES-256)
- • Transmission: TLS 1.3 (Transport Layer Security)
Anti-Tamper
- • Physical: Active mesh shielding
- • Logical: Secure boot & signed firmware
- • Self-Destruct: Keys erased upon forced entry attempt
Compliance
- • GDPR: Fully Compliant (Privacy by Design)
- • CCPA: Fully Compliant
- • CJIS: Ready for CJIS Security Policy integration
Need a full security whitepaper?
Our engineering team can provide detailed documentation for your CISO or IT Security Review Board.
Request Security Whitepaper