1. What You Are Buying
A HushKey card is a pre-flashed NFC JavaCard smartcard running the open-source FIDO2 applet on an EAL6+ certified secure element. It functions as a hardware security key for FIDO2/WebAuthn passwordless authentication and two-factor authentication (2FA).
HushKey is a security key, not a wallet. It does not store cryptocurrency, seed phrases, or passwords. It authenticates your identity to websites and services using the FIDO2 protocol.
2. PIN and Security
When you set up your card, you choose a PIN (4–16 characters). This PIN is required to authorise authentication operations on the card.
There is no PIN recovery. If you forget your PIN and exhaust all entry attempts, the card locks permanently. The credentials on it cannot be retrieved — by you, by us, or by anyone.
It is your responsibility to remember your PIN. HushKey cannot help you recover a locked card.
3. Your Responsibility
You are solely responsible for:
- Choosing and remembering a secure PIN
- Registering backup authentication methods with each service (backup codes, second key, or authenticator app)
- Understanding that losing access to your security key without a backup method may lock you out of your accounts
HushKey is not responsible for loss of access to third-party accounts if you lose your card or forget your PIN without having registered backup authentication methods.
4. Compatibility
HushKey cards are compatible with the FIDO2/WebAuthn standard. They work with any service that supports FIDO2 security keys, including Google, GitHub, Microsoft, Facebook, Coinbase, and many others.
HushKey requires NFC to communicate. On mobile, your device must support NFC (iPhone with iOS 13.3+ or Android 7.0+). On desktop, a USB NFC reader is required.
5. Open Source Software
The FIDO2 applet running on your HushKey card is licensed under the MIT License.
The full source code is available at: github.com/hushchip
By purchasing a HushKey card, you receive a copy of MIT-licensed software. You are entitled to access the source code, modify it, and redistribute it under the same licence.
6. Pricing and Payment
All prices on hushkey.co.uk are in GBP (British Pounds Sterling) and include UK shipping unless stated otherwise.
We accept payment via:
- Card (Visa, Mastercard, etc.) — processed by Stripe
- Bitcoin (Lightning Network and on-chain) — processed via BTCPay Server
Payment is taken at the time of order. Orders are processed and shipped within [X] working days.
7. Shipping
Orders are shipped via Royal Mail as standard letters from the United Kingdom. Packaging is plain with no external branding or references to the product contents.
Estimated delivery times:
- UK: 1–3 working days (Royal Mail)
- International: 5–14 working days (varies by destination)
Standard shipping is untracked. We are not responsible for items lost in transit by Royal Mail. If your order does not arrive within a reasonable timeframe, contact us and we will investigate.
8. Consumer Rights
If you are a consumer in the United Kingdom, your statutory rights under the Consumer Rights Act 2015 and the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 are not affected by these terms.
See our Returns and Refund Policy for details on cancellations, returns, and refunds.
9. Limitation of Liability
To the fullest extent permitted by law:
- HushKey's total liability to you for any claim arising from your purchase or use of a HushKey card is limited to the price you paid for the product.
- HushKey is not liable for any loss of access to third-party accounts or services resulting from loss, damage, or failure of the card, howsoever caused.
- HushKey is not liable for any indirect, consequential, or incidental losses.
Nothing in these terms excludes or limits liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded by law.
10. Product Description Accuracy
We describe our products as accurately as possible. The chip model, certification level, and applet version are stated on the product page. If you believe a product does not match its description, contact us and we will resolve it in accordance with the Consumer Rights Act 2015.
11. Governing Law
These terms are governed by the laws of England and Wales. Any disputes will be subject to the exclusive jurisdiction of the courts of England and Wales.
12. Company Details
HushKey is a trading name of:
Gridmark Technologies Ltd
[REGISTERED ADDRESS]
Company registration number: [NUMBER]
Email: hello@hushkey.co.uk
13. Changes to These Terms
We may update these terms from time to time. The updated version will be posted on this page with a revised date. Continued use of our products or website after changes constitutes acceptance of the updated terms.