Skip to main content

Product Fact Sheets & Getting Started Guides

This guide outlines all HSMs and FIDO devices used in Virifi’s Solution Proposal.

Updated over 10 months ago

Introduction

This guide outlines all hardware security modules (HSMs) and FIDO devices supported in Virifi’s Solution Proposal. It includes quick-start instructions, technical specifications, and security certifications to assist developers and integrators in secure deployments.

iShield HSM (PU-50n) – USB Hardware Security Module

Summary:

  • Compact USB 3.1 device

  • Supports PKCS#11 / PKCS#15

  • ISOApplet preloaded, compatible with OpenSC

  • Used for demonstration in On-Prem HSM environments

Setup Guide Includes:

  • Driver installation (PC/SC daemon)

  • Key generation with XCA or pkcs11-tool

  • Certificate CSR workflow

YubiKey 5 FIPS Series – Multi-Protocol FIDO Device

Summary:

  • FIPS 140-2 certified hardware token

  • Supports PIV, FIDO2/WebAuthn, OTP, OpenPGP

  • Works with Windows, macOS, Linux, Android, and browsers

Setup Guide Includes:

  • YubiKey Manager usage (GUI/CLI)

  • PIV applet configuration

  • Touch policy setup for PIN entry

  • Certificate upload (signing/authentication)

Securosys Cloud HSM – Post-Quantum HSM Integration

Summary:

  • Used in Virifi’s Cloud HSM stack for demo and test environments

  • Supports FIPS 204 (ML-DSA) for post-quantum digital signatures

  • High-throughput, low-latency signing operations

  • ISO 27001/ISO 14001-certified Swiss data centers

Features:

  • Remote key generation and lifecycle management

  • REST & PKCS#11 interfaces

  • Integration-ready with Virifi SDK and Signing Services

Use Cases:

  • Future-proof signing (LTA signatures)

  • Centralized signing operations for financial institutions

  • Secure and compliant cloud deployment

Reference: Securosys CloudHSM

Developer Tools & Requirements

Tools you’ll need:

  • XCA – key/cert management GUI

  • OpenSC – smart card middleware

  • pkcs11-tool / p11tool – CLI for HSMs

  • YubiKey Manager (ykman) – token management

  • AWS CLI / REST clients – for cloud HSM access

  • OS Compatibility: Windows, Linux, macOS

Compliance & Security Certifications

Device

Certification

Interface

Notes

YubiKey 5 FIPS

FIPS 140-2

PIV, FIDO2, OTP

Cross-platform

iShield HSM

FIPS 140-2

PKCS#11

On-prem USB

Securosys CloudHSM

ISO 27001, FIPS 204 Capable

REST, PKCS#11

Cloud-native

Documentation Links

Attachment icon
PU-50n_iShield-HSM_fact_sheet.pdf
Attachment icon
PU-50n_iShield-HSM_getting_started.pdf
Attachment icon
YubiKey_5_FIPS_Series_Product_Brief.pdf
Related Articles
Compliance Standards Overview
Recommended Hardware & OS Specs
Software Dependencies (e.g., .NET, Java, Docker, etc.)
HSM Integration Overview
POC Hardware, Infrastructure, and Design Considerations
Did this answer your question?