Developers
Hardware Specification
17 Jul 2026

Complete hardware characteristics of both devices. Keycard and Keycard Shell are open hardware: schematics, bill of materials and 3D files are published in the keycard-shell repository, and the official certification documents are available on GitHub.

CharacteristicSpecification
Secure elementNXP JCOP4 P71 JavaCard
Security certificationCommon Criteria EAL6+ (certificate, TÜV certification report)
Random number generationHardware TRNG, AIS-31 PTG.2 compliant (Security Target Lite)
Form factorStandard ISO 7816 smartcard (credit-card size)
InterfacesISO 7816 contact + ISO 14443 NFC
AppletsKeycard (HD wallet), NDEF (NFC tag), Ident (authenticity)
PowerNone required — powered by the reader or NFC field; no battery, no moving parts
DurabilityWater-resistant, dust-resistant, X-ray resistant; 20+ year lifespan

The applet itself is not tied to our card: it runs on any JavaCard supporting the required algorithms — see the card requirements and Build Your Own Keycard.

CharacteristicSpecification
MicrocontrollerSTM32H573, PSA Level 3 and SESIP3 certified (PSA certificate)
Display2.0" TFT IPS colour screen, 240 × 320 pixels, adjustable brightness
Input12-key keypad ('0'–'9', Cancel, OK — hard rubber with durable coating) + on/off button
CameraCMOS with global shutter — captures the full frame at once, required for reliable animated QR scanning
Card readerISO 7816 smartcard reader (contact only, no NFC)
USBUSB-C; works with any charger (PD or non-PD); data lines can be disabled in software
RadioNone — no WiFi, Bluetooth or cellular. Air-gapped operation: no RF hardware + USB data off switch
BatteryNokia BL-4C 800 mAh Li-Po — user-replaceable without tools, ~$3 worldwide, form factor available for 25+ years
Flash memory2 MB dual-bank: 32 KB bootloader + 608 KB firmware + 384 KB data per bank
Boot20 ms boot time; auto on/off at card insertion
EnclosureABS plastic, dust resistant, pocket-sized, no branding or crypto identifiers

For the USB protocol, QR payload formats and flash layout details, see the Shell API reference.

StandardScope
Common Criteria EAL6+NXP JCOP4 P71 secure element (Keycard)
PSA Level 3 / SESIP3STM32H573 microcontroller (Shell)
note
PSA Level 3 imposes 35 days of white-box testing, vulnerability analysis and penetration testing to verify that a chip's PSA Root of Trust can withstand substantial hardware and software attacks, including physical tampering and side-channel attacks.

StandardScope
CE / FCC / ICESFull compliance — EU / US / Canada
CB report (IEC 62368-1)Safety (international)
EMC Directive 2014/30/EUEMC — Europe
FCC Part 15 B / ICES-003 BEMC — US, Canada
RoHS / REACHHazardous substances — Europe

StandardScope
IEC 62133 / UL 2054 / EU Directive 2023/1542Safety
UN 38.3 / MSDSTransport
Last edited
17 Jul 2026