Company Ledger received a security Certificate of the first level (CPSN) for your product Ledger Nano’s from the National Agency cybersecurity France (ANSSI).
ANSSI reports to the General Secretariat for national defense and security (SGDSN) and provides assistance to the French Prime Minister in matters of defence and national security. According to the list of study ANSSI products from 1 June 2018, has been certified 122 of 261 eligible products.
All products applying for a certificate CPSN, pass a series of tests in the laboratory ANSSI testing of several scenarios of attacks that jeopardize security. The Agency estimates the «firewall protection, identification, authentication and access, security, communication and embedded software».
Ledger emphasizes the importance of obtaining a certificate from an independent third party to confirm the safety of your wallet, and notes that the CPSN to Ledger’s Nano is the beginning of the effort certification for all its products. The blog post also says that Ledger is conducting its own internal safety assessment called Ledger Donjon, which checks the stability of the products to various threat scenarios.
In addition, the company has developed a special operating system BOLOS (the Blockchain Open Ledger Operating System) to combine software and hardware strategies that improve safety.
According to the blog post, testing CPSN covers a number of basic built-in security features, including generator true random number, which is created by hardware and then processed using BOLOS, and validates the technology for compliance with the security guidelines established in the Common reference system for France’s security.
Other security features, CPSN certified, include a root of trust that ensures that Nano’s were released Ledger, as well as measures to verify the end-user, such as a mandatory PIN codes to access the services.
In January, the Ledger announced the launch of its mobile application, through which users will be able to use all the functions of a wallet without connecting to the computer. In addition, at the beginning of the year, the company introduced a new wallet Ledger Nano X Bluetooth. At the end of last year, the manufacturer of hardware wallets said that the vulnerability discovered in the devices are not critical and do not affect the user experience.