Major 2 Key Attack Vectors and Mitigations

  • Compromising email + cloud key

    • Attempt to enforce different email addresses for Email Key and Cloud Key.

  • Researching user security answer + map points

    • Security Notifications, as both require calls to serverless functions

  • Theft of NFC device + another single attack

    • Security Notifications, combined with a modification of NFC to require some service calls when brute-forcing the missing entropy

Last updated