Feitian's post-quantum upgrade: what Nordic CISOs need to know before their next hardware key procurement

2026-07-14
Feitian Technologies has completed a major chip-level post-quantum cryptography (PQC) upgrade across its Smart Cards, PKI Tokens, and FIDO Security Keys. Featuring CC EAL6+ certification and native support for NIST standards (ML-KEM and ML-DSA).

Feitian's post-quantum upgrade: what Nordic CISOs need to know before their next hardware key procurement

On 22 June 2026, Feitian Technologies announced the completion of a major post-quantum cryptography upgrade across its core authentication product portfolio. The announcement covered Smart Cards, PKI Tokens, and FIDO Security Keys — and it deserves more attention than a press release typically receives. This is not a marketing milestone. It is a hardware architecture change with direct implications for how organisations in financial services, government, healthcare, and critical infrastructure should be thinking about their authentication hardware procurement right now.

This article translates the announcement into operational terms for security leaders in the Nordics and Baltics who are evaluating hardware authentication or reviewing their identity security roadmap for the next three to five years.

What Feitian actually did

The headline is that Feitian has integrated a dedicated post-quantum cryptography co-processor at the chip level across its product lines. That distinction — chip level, not firmware or software — matters significantly, and we will return to it.

The upgrade adds native support for two algorithms that NIST finalised as international standards in August 2024:

  • ML-KEM (FIPS 203, formerly CRYSTALS-Kyber) — a key encapsulation mechanism for securing the exchange of cryptographic keys. Used for secure email, encrypted file exchange, enterprise messaging, and data synchronisation.
  • ML-DSA (FIPS 204, formerly CRYSTALS-Dilithium) — a digital signature algorithm for authentication. Used for high-value transaction approvals, VPN access, government system authentication, and identity verification workflows.

These algorithms are specifically designed to remain secure against cryptanalytic attacks performed by quantum computers — the class of threats that renders current RSA and ECC-based systems vulnerable.

The Feitian FT-JCOS Smart Card Operating System, which underpins the upgraded product lines, now holds CC EAL6+ and EMVCo certifications at the chip level. EAL6+ is the highest Common Criteria Evaluation Assurance Level available for smart card hardware — a significant step up from the EAL5+ certification that characterised the previous generation.

The threat this addresses — and why it matters today, not in ten years

The "Harvest Now, Decrypt Later" threat
Nation-state adversaries — and increasingly well-resourced criminal organisations — are collecting encrypted data today with the explicit intent to decrypt it once quantum computing reaches sufficient capability. This is known as "Harvest Now, Decrypt Later" (HNDL). The decryption happens in the future; the data collection is happening right now. For any data with a security horizon longer than five to ten years — financial records, patient data, legal contracts, government communications, intellectual property — the quantum threat is not a hypothetical future problem. It is an active data collection campaign against your current encryption.

 

The implication is uncomfortable but important: the RSA or ECC-protected authentication events and data transmissions your organisation is generating today may be vulnerable to decryption within a decade. This is why NIST finalised the ML-KEM and ML-DSA standards in 2024 rather than waiting for quantum computers to materialise — the window for proactive migration is now, not later.

For Nordic organisations specifically, ENISA (the European Union Agency for Cybersecurity) published its post-quantum cryptography guidelines in 2022 and has since updated its recommendations to encourage early adoption planning. The Swedish NCSC and the Norwegian NSM have issued parallel guidance. The regulatory direction is unambiguous: begin PQC migration planning now, at the hardware layer first.

Why chip-level implementation is the only approach that matters

The Feitian announcement specifies that PQC algorithms are executed within an isolated hardware co-processor. This architectural choice is not a technical footnote — it is the core security property that differentiates meaningful PQC protection from marketing-grade PQC claims.

Software and firmware-based PQC implementations run on the main processor. That means key material is handled in a compute environment that can be compromised by side-channel attacks, by operating system vulnerabilities, or by an attacker who has already achieved code execution on the device. The PQC algorithm may be mathematically sound; the implementation environment may not be.

A hardware co-processor executing PQC algorithms in isolation provides full key isolation. The private key never leaves the dedicated hardware context. Side-channel attack surface is dramatically reduced. The security property is structural rather than dependent on the integrity of the surrounding software environment.

"By executing post-quantum algorithms within an isolated hardware co-processor, FEITIAN ensures full key isolation and significantly reduces exposure to side-channel attacks, offering stronger protection than software- and firmware-based PQC approaches." Feitian Technologies press release, 22 June 2026

This matters for procurement because it means you are evaluating not just whether a device claims PQC support, but where the PQC computation occurs and how the key material is protected during that computation.

The certification landscape — updated

Vol. 4 of our Zero Assumptions series covers the full hardware certification hierarchy in detail. The Feitian PQC upgrade changes the comparison meaningfully. Here is the updated picture:

Certification

What it validates

PQC coverage

FIDO2 / FIDO Alliance Protocol correctness only — the device implements FIDO2 as specified None — protocol test only
CC EAL4+ Systematic security function testing against a defined threat model None unless explicitly scoped
CC EAL5+ Semi-formal verification; side-channel and physical attack resistance None unless explicitly scoped
CC EAL6+ Updated Formal verification; highest assurance level for smart card hardware — now achieved by Feitian FT-JCOS Covers hardware co-processor isolation used for PQC execution
ANSSI Security Visa French national authority evaluation covering design, implementation, and supply chain Case-by-case — ANSSI is actively evaluating PQC standards for future visa requirements
FIPS 140-3 Level 3 Physical security and tamper evidence; required for US federal procurement NIST has announced FIPS 140-3 will be updated to cover PQC modules — timeline TBC

What the upgrade delivers operationally — by use case

FIDO Security Keys

For organisations deploying FIDO2 hardware keys for passwordless authentication — workstation login, VPN access, cloud SSO — the PQC upgrade adds a quantum-resistant layer to the existing origin-binding architecture that already defeats adversary-in-the-middle phishing attacks. The FIDO2 phishing resistance is unchanged; the upgrade adds protection against a future adversary using quantum capabilities to attack the underlying cryptographic primitives of the authentication exchange itself.

EAL6+

  • Common Criteria certification now achieved by Feitian FT-JCOS — the highest level available for smart card hardware.
  • Common Criteria Recognition Arrangement

2024

  • Year NIST finalised ML-KEM (FIPS 203) and ML-DSA (FIPS 204) as international PQC standards NIST, August 2024

5–10 yrs

  • Estimated window before quantum computers become capable of breaking current RSA / ECC encryption at scale
ENISA PQC guidelines, 2024

PKI Tokens and Smart Cards

For organisations using PKI-based authentication — digital signatures on contracts, e-government workflows, secure VPN authentication, certificate-based access to classified systems — ML-DSA-based signatures provide a drop-in replacement pathway for RSA/ECC certificate systems. Existing infrastructure is not replaced; the Crypto-Agile architecture allows legacy and PQC-enabled systems to run in parallel, with new authentication events gaining quantum-resistant protection while existing PKI infrastructure continues operating.

Secure email and classified data exchange

ML-KEM-based key encapsulation addresses the HNDL threat directly for data in transit. Organisations handling sensitive correspondence — legal, financial, medical, governmental — can begin protecting new transmissions against future quantum decryption immediately, without waiting for a full infrastructure migration.

What this means for the NeoWave vs Feitian hardware decision

Ciptor distributes both NeoWave and Feitian hardware, and we recommend them for different deployment contexts. That recommendation needs updating in light of this announcement.

NeoWave remains the recommendation for organisations where supply chain sovereignty is the primary requirement — specifically those in defence supply chains, handling classified EU data, or subject to regulatory requirements that mandate French or EU-origin hardware. NeoWave's ANSSI Security Visa provides the strongest available sovereign certification and full French-jurisdiction supply chain transparency. The PQC question for NeoWave is still being evaluated by ANSSI; no PQC co-processor announcement has been made at the time of writing.

Feitian has moved meaningfully in the certification landscape with this upgrade. The CC EAL6+ chip certification and hardware-native PQC co-processor make Feitian the most forward-compatible enterprise authentication hardware available at scale today, for organisations whose primary requirements are cryptographic assurance depth and long-term quantum readiness rather than EU-origin supply chain.

For most large-enterprise deployments, the practical approach remains a tiered model: NeoWave for privileged users and classified data environments, Feitian for the broader workforce — now with the added assurance that the Feitian fleet is quantum-ready at the hardware layer.

✓ Available through Ciptor

Feitian's post-quantum upgraded FIDO Security Keys, PKI Tokens, and Smart Cards are available through Ciptor for enterprise deployments across Sweden, Norway, Denmark, Finland, Estonia, Latvia, and Lithuania. Volume pricing applies from 50 units. For deployments requiring a mix of NeoWave sovereign hardware and Feitian PQC-ready keys, contact us for a combined procurement briefing.

What to do now

1

Assess your data security horizon
Identify which data categories your organisation generates that carry a security requirement longer than five years. Financial records, patient data, long-term contracts, IP, and government communications are the primary candidates. These are the data sets at active HNDL risk today.

2

Review your hardware authentication roadmap
If you are planning a hardware security key deployment or refresh in the next 12 months, include PQC co-processor support as an explicit evaluation criterion. The cost premium for PQC-capable hardware is negligible at volume; the migration cost later is not.

3

Map your current PKI and certificate infrastructure
Identify which systems use RSA or ECC-based certificates for authentication, signing, or key exchange. These are the highest-priority migration targets for PQC-enabled replacements. The Crypto-Agile architecture of the Feitian upgrade means parallel operation is possible during transition.

4

Check your NIS2 and DORA obligations
Neither NIS2 nor DORA currently mandates PQC migration explicitly — but both require that essential and important entities implement state-of-the-art security measures and plan for emerging threats. ENISA's updated guidance makes PQC planning a reasonable component of demonstrating compliance with both directives.

5

Don't wait for a regulatory mandate
The HNDL threat is active today regardless of regulatory timelines. Organisations that begin hardware-layer PQC migration now will be in a significantly stronger position when mandates arrive — and will have avoided having their current authentication data collected and held for future decryption in the interim.
 

Further reading — Zero Assumptions series:

Vol. 4 — Sovereign hardware risk: The full certification comparison table — FIDO2 vs CC EAL5+ vs ANSSI Security Visa vs FIPS 140-3 — updated to reflect the Feitian EAL6+ upgrade.

Vol. 2 — The fallacy of network-delivered codes: Why hardware-bound FIDO2 origin binding defeats AiTM phishing at the structural level — the current-threat context that the PQC upgrade builds on.

Evaluating hardware key procurement for 2026?

Book a 30-minute briefing. We'll map your specific deployment context — including which users need sovereign NeoWave hardware and which benefit most from Feitian's PQC-capable fleet — and build the procurement case.

Book a briefing →