Security Features

Our Security Philosophy

At JITO, we approach security as a comprehensive system rather than isolated features. Our defense-in-depth strategy implements multiple layers of protection, ensuring that even if one security measure is compromised, your private keys remain secure.

Every JITO device incorporates four fundamental security principles:

Physical Isolation: Private keys are generated and stored in a secure element that physically separates them from internet-connected devices.
Cryptographic Verification: All firmware and operations undergo cryptographic verification to prevent tampering.
Multi-factor Authentication: Multiple verification methods ensure only authorized users can access the device.
Secure Recovery: Standardized backup systems enable safe recovery without compromising security.

Independent Security Audits

We believe in transparency and third-party verification of our security claims. That's why we regularly subject our devices and systems to rigorous independent security audits by leading cybersecurity firms.

These comprehensive audits include:

Penetration Testing: Simulated attacks to identify potential vulnerabilities
Code Reviews: Thorough examination of our firmware source code
Hardware Analysis: Physical security testing of device components
Side-Channel Attack Testing: Analysis of potential electromagnetic, power consumption, or timing vulnerabilities

Audit reports are published on our website, demonstrating our commitment to security transparency and continuous improvement.

Core Security Features

The technologies that make JITO devices impenetrable

Secure Element Chip

At the heart of every JITO device is a dedicated secure element chip - a tamper-resistant hardware component specially designed to protect cryptographic keys.

This specialized microcontroller features:

Physically isolated execution environment
Anti-tampering mechanisms that detect physical intrusion attempts
Secure boot process ensuring only verified firmware can run
Specialized cryptographic accelerators for encryption operations
Protection against side-channel attacks

Our secure element meets FIPS 140-2 Level 3 and Common Criteria EAL5+ certification standards, ensuring it meets the highest security requirements for protecting sensitive cryptographic material.

True Random Number Generation

Truly unpredictable random numbers are essential for creating secure cryptographic keys. JITO devices incorporate hardware-based True Random Number Generators (TRNG) that derive randomness from quantum physical processes rather than algorithmic methods.

Our TRNG implementation:

Harvests entropy from multiple independent noise sources
Undergoes continuous health testing to verify randomness quality
Exceeds the randomness requirements specified in NIST SP 800-90B
Provides cryptographically secure inputs for key generation

This approach ensures that private keys generated on JITO devices are truly random and mathematically impossible to predict or recreate.

Air-Gapped Operation

JITO devices are designed to operate in an air-gapped environment, completely isolated from internet connections. This physical separation from networked environments eliminates remote attack vectors.

Key aspects of our air-gapped security model:

No wireless connectivity components (Wi-Fi, Bluetooth, cellular, or NFC)
All critical operations performed entirely within the secure element
Transaction signing occurs offline with visual verification
USB connection limited to power and non-sensitive data transfer
Optional completely offline operations via QR codes

By maintaining this strict separation between internet-connected devices and private keys, JITO creates a physical security barrier that malicious actors cannot penetrate remotely.

Multi-Factor Authentication

JITO devices implement robust multi-factor authentication, requiring multiple independent verification methods to access your digital assets. This ensures that even if one authentication factor is compromised, your private keys remain protected.

Our authentication options include:

PIN Code: 8-digit PIN with progressive time delays and optional self-destruct feature after multiple failed attempts
Biometric Verification: Fingerprint recognition with liveness detection to prevent spoofing
Physical Button Confirmation: Requiring manual button presses for all critical operations
Visual Transaction Verification: All transaction details must be visually confirmed on the device screen

By combining "something you know" (PIN), "something you are" (biometrics), and "something you have" (physical device), JITO creates a comprehensive authentication system that aligns with the highest security standards.

Secure Recovery System

JITO implements the industry-standard BIP-39 mnemonic recovery system, allowing you to restore your private keys if your device is lost, damaged, or stolen. This standardized approach ensures compatibility while maintaining robust security.

Our recovery implementation includes:

24-word recovery phrase generated during device initialization
Optional passphrase for additional security (BIP-39 passphrase)
Deterministic wallet generation (BIP-32/44/49/84) for consistent recovery
Shamir's Secret Sharing option for distributing recovery data across multiple locations
Paper backup templates and optional steel storage solutions

The recovery system is designed to be secure, reliable, and user-friendly, ensuring you never lose access to your digital assets even if your hardware device becomes unavailable.

Secure Firmware Management

JITO devices maintain firmware integrity through a comprehensive security model that prevents unauthorized or malicious code execution. Our approach ensures that only authentic, verified firmware can run on your device.

Key aspects of our firmware security:

Secure Boot: Cryptographically verifies firmware integrity at every boot
Signed Updates: All firmware updates are signed with JITO's private keys
Version Verification: Prevents rollback to older versions with known vulnerabilities
Open Source: Firmware code is publicly available for security review
Update Verification: Users must physically confirm firmware updates

This comprehensive approach to firmware security protects against supply chain attacks, malicious updates, and other firmware-targeted threats.

Security Certifications & Compliance

Our commitment to meeting and exceeding industry standards

FIPS 140-2 Level 3

Our secure element is certified under the Federal Information Processing Standard for cryptographic modules, verifying its resistance to physical tampering and robust key protection.

Common Criteria EAL5+

This internationally recognized certification confirms our hardware meets rigorous security engineering requirements with semi-formal design and testing.

ISO/IEC 27001

Our information security management system is certified to this international standard, ensuring systematic protection of sensitive information.

CC EAL6+ Secure Element

The secure element chip in our devices has achieved Common Criteria EAL6+ certification, indicating formal verification methods and high attack resistance.

AIS-31 TRNG Validation

Our True Random Number Generator has been validated according to the German BSI AIS-31 methodology, confirming its entropy quality and reliability.

Cryptocurrency Security Standard

We adhere to the Cryptocurrency Security Standard (CCSS), an industry-specific framework for securing cryptocurrency systems.

Security Best Practices

Recommended guidelines for maximizing the security of your JITO device

Device Setup & Initialization

Always verify your device was shipped directly from JITO or an authorized reseller.
Check that the anti-tampering seals are intact upon receipt.
Initialize your device in a secure, private environment away from cameras or onlookers.
Create a strong PIN code that is not used for any other devices or accounts.
Generate a new wallet rather than importing an existing one when possible.
Enable all available security features during initial setup.

Recovery Phrase Management

Write down your recovery phrase on the provided recovery sheets using a pen (not pencil).
Never store your recovery phrase digitally (no photos, no digital documents, no cloud storage).
Consider using a metal backup solution for fire and water resistance.
Store your recovery phrase in a secure location such as a safe or safety deposit box.
For large holdings, consider using the Shamir backup feature to split your recovery phrase across multiple locations.
Add a BIP-39 passphrase for an additional layer of protection.

Everyday Usage

Always verify transaction details on the device screen before confirming.
Keep your device firmware updated to receive the latest security patches.
Only connect your device to trusted computers and use the JITO Bridge application.
Consider using the passphrase feature to create hidden wallets for high-value holdings.
Never enter your recovery phrase or PIN into any website or application.
Be cautious of phishing attempts—JITO will never ask for your recovery phrase.

Advanced Security Measures

For significant holdings, consider a multi-signature setup requiring multiple devices to authorize transactions.
Use the duress PIN feature that reveals a decoy wallet if you're forced to unlock your device under duress.
Periodically verify your recovery phrase by performing a dry-run recovery test.
Consider keeping your primary device in a secure location and using a secondary device for routine transactions.
For institutional users, implement our governance features with time-locked transactions and multi-user approval workflows.

Security Architecture