Certifications & Compliance

Token2 operates in compliance with the leading industry standards and certifications in quality, safety, and sustainability. We consider the data of our customers and business partners to be valuable property and protect it globally while considering all locally applicable laws and regulations. We consistently comply with all relevant data privacy regulations and commit ourselves to handle confidential information with care.

Product certifications and compliance

FIDO2 Keys

Certifications & Compliance

All Token2 FIDO2 security keys are certified by the FIDO® Alliance Certification program

FIDO’s certification programs are a critical element in ensuring an interoperable ecosystem of products and services that organizations can leverage to deploy FIDO Authentication solutions worldwide. 

Certifications & Compliance

Token2 is a member of FIDO Alliance 

We implement the FIDO protocols (UAF, U2F, WebAuthN and CTAP) on our hardware security keys as well as our TOTPRadius appliance

Microsoft Azure AD (Microsoft Entra ID) compliance

Certifications & ComplianceMicrosoft has a separate procedure of confirming the compatibility of FIDO2 security keys with the Azure Passwordless concept. Token2 has successfully completed this process and is listed by Microsoft as one of the FIDO2 Security keys provider.

Token2 is also listed as one of the preferred manufacturers of TOTP tokens for the OATH hardware tokens functionality with Azure MFA.

TOTP Tokens

Certifications & ComplianceSingle profile tokens
Independent Compliance Check of our single profile TOTP tokens against RFC6238 was done by CertX AG. CertX is the first swiss accredited certification body for product certification in the scope of industrial cybersecurity and functional safety. The compliance check report from CertX can be downloaded here.

Molto2 Certification
Our multiprofile TOTP token, Molto2, has received a 'Certified Product' badge from an independent third-party security assessment conducted by SySS GmbH.

TOTPRadius VPN Portal

TOTPRadius VPN Portal - Overview
VPN Portal is a subcomponent of TOTPRadius appliance and is required  to implement several features, such as LDAP-based self-service enrollment, FIDO2/Passwordless or Azure AD (Microsoft Entra ID) Oauth2/SSO VPN access. To ensure the security of the VPN Portal is at the highest level, we have contracted an independent security company, SySS GmbH , which has conducted the penetration testing and produced a security certificate available below. The TOTPRadius VPN Portal component is currently labeled as "Certified Website - Approved Security" by SySS Gmbh.

TOTPRadius VPN Portal Certificate of Penetration Test

CE Declaration of conformity

TOKEN2 declares the conformity with the protection requirements of the EMC directive and with the principal elements of the safety objectives of the Low Voltage Equipment directive, and that the following standards have been applied: EN IEC 63000:2018, 73/23/EEC and 93/68/EEC. The declaration can be downloaded below:

TOKEN2 Hardware products - Declaration of Conformity

Swiss made software

Certifications & ComplianceTOKEN2 Multifactor Authentication is a member of Swiss made software label. Swiss made software is the nationally and internationally recognized symbol for Swiss quality in software development. Swiss made software member companies offer high-quality software development and are committed to Switzerland as a place to develop software, both as a company and as a concept.

Swiss Made Software - Membership page

Swiss trademark

TOKEN2 is a registered trademark of the TOKEN2 Multifactor authentication company (registered by Geneva Cantonal Trade Register as CHE-218.895.438 ) at the Swiss Federal Institute of Intellectual Property. Registration number № 743850, classification area №42 ("services de sécurité informatique...")