In today's world, people expect to access their online accounts anywhere at any time, using applications or browsers form any device, a shared or personal PC, a Tablet or Smartphone. In Hio, we let users store their passwords and credit card data in a security key, called HioKey, to be protected from any unauthorized access. All user sensitive data are stored inside the physical device and never leave the device unless user consent/completing pin verification, so you can feel safe on using HioKey everywhere on all browsers and environments.
Last updated: [04/07/2019]
As used in this Policy, “Personal Data” has the meaning provided in the EU General Data Protection Regulation of 2018 (the “GDPR”), and includes any information which, either alone or combined with other information we hold, identifies an individual, such as credit card information, name, password, mailing address, email address, IP address, and telephone number.
In order to provide certain services we need certain Personal Data. You will be asked to provide this information — and must agree to this Policy and the Terms — in order to download and use the HioKey Apps. This consent, which you may withdraw at any time, provides us with the legal basis we need to process your Personal Data. If you do not agree to this Policy, you may not use our Services.
HioKey collects Personal Data that you voluntarily provide to be stored on the HioKey device. This includes information you use to complete a login process on websites or complete a shopping process.
Like the other security keys, HioKey has a specific secure chip by which it performs cryptographic functions triggered by a push button. Obviously, you never see the details, but behind the scenes, it provides a robust secure infrastructure as a way to protect your passwords, credit cards and the login credentials.
The secure chip that is used in HioKey is an ARM® TrustZone® Cryptocell chip which ensures your credentials of any type are real, untampered, and confidential. It features hardware acceleration for the NIST standard prime curve and supports the complete key life cycle from high quality private key generation to ECDSA signature generation, ECDH key agreement, and ECDSA public key signature verification.
As the result, we keep the user’s secrets securely protected inside the chip with the hardware protection. This includes protection for passwords to all websites and applications, credit card and other sensitive data. Hio, a PIN capable device, provides industry leading security so you can be confident that no one can read your data even if your HioKey is lost or stolen.
The Personal Data contained in the HioKey belong to the end-user exclusively and are never transferred, copied or stored by a service provider or any other application provider.
All the Personal Data that you allow HioKey companion apps to store for you will just be available locally by your own, not anyone else. The HioKey companion applications may use the stored Personal Data with your consent to complete the aforementioned services on facilitating the login process or shopping.
All the data including passwords, credit cards are stored on the HioKey inside the chip, and never will be transferred. Using Hio application you can communicate with your HioKey in order to reach your Personal Data including password and credit card information. Getting access to this data may need a PIN verification.
Again, no data will be stored, exchanged or even computed on the Internet keeping users protected against hacking and data breaches.
Hio companion apps will communicate with your HioKey device through Bluetooth Low Energy interface in order to exchange user data. To make sure the communication over Bluetooth with its low energy feature (Smart, BLE, and LE) is always secure and protected, we are using the pass-key for pairing to cover and provide high reliability in the wireless communication. During the pairing process, both parties that are involved in the communication exchange their identity information to set up trust and get the encryption keys ready for the future data exchange. By this way, the connection is completely encrypted using AES128 cryptography.