SDK Overview

With Cotech SDKs, your app can take advantage of the latest security solutions for authentication and end-to-end encryption. SDK updates are distributed via our Maven repository. This makes it easy for you to integrate the newest versions that we have to offer.

Add the SDK to Your Project

To get a username and password for our Maven repository, please contact us for a license.

Add this to your build.gradle:

repositories {
    maven {
        credentials {
            username "xxx"
            password "xxx"
        url ""

dependencies {
    // Base artifact
    implementation 'de.cotech:hwsecurity:2.2.1'

    // If included, the app will show up when a security key is connected via USB.
    implementation 'de.cotech:hwsecurity-intent-nfc:2.2.1'
    // If included, the app will show up when a security key is held against the NFC sweetspot.
    implementation 'de.cotech:hwsecurity-intent-usb:2.2.1'
    // FIDO implementation including UI
    implementation 'de.cotech:hwsecurity-fido:2.2.1'

    // Additional classes for local parsing and verification of FIDO messages
    // Usually not required for FIDO clients.
    implementation 'de.cotech:hwsecurity-fido-util:2.2.1'

    // OpenPGP Card implementation for SSH authentication and end-to-end encryption
    implementation 'de.cotech:hwsecurity-openpgp:2.2.1'

    // For using PIV cards for TLS client certificate authentication
    implementation 'de.cotech:hwsecurity-piv:2.2.1'
    implementation 'de.cotech:hwsecurity-provider:2.2.1'
    // Smartcard dialog with a keypad for PIN input
    implementation 'de.cotech:hwsecurity-smartcard-ui:2.2.1'

SDK Artifacts

  • All packages in our Hardware Security SDK live in a consistent namespace starting with the string de.cotech.hw.

  • The artifacts use strict Semantic Versioning.

  • All artifacts have a minimum SDK Version of 14 (Android >= 4.0). Though, we recommend a higher SDK (Rec. SDK) for some artifacts.

  • All SDK artifacts are kept as small as possible with a minimum set of dependencies.

  • hwsecurity-fido-util and hwsecurity-openpgp automatically provide a Proguard file via consumerProguardFiles. When you set minifyEnabled true for your app, our Proguard file will automatically be used to remove unnecessary Bouncy Castle classes.

Build Artifact Version Preview Min SDK Rec. SDK Size
de.cotech:hwsecurity 2.2.1 - 14 ~134 KiB
de.cotech:hwsecurity-intent-nfc 2.2.1 - 14 ~2 KiB
de.cotech:hwsecurity-intent-usb 2.2.1 - 14 ~2 KiB
de.cotech:hwsecurity-fido 2.2.1 - 14 19 ~144 KiB
de.cotech:hwsecurity-fido-util 2.2.1 - 14 19 ~36 KiB
de.cotech:hwsecurity-openpgp 2.2.1 - 14 ~114 KiB
de.cotech:hwsecurity-piv 2.2.1 - 14 ~16 KiB
de.cotech:hwsecurity-provider 2.2.1 - 14 ~10 KiB
de.cotech:hwsecurity-smartcard-ui 2.2.1 - 14 19 ~147 KiB


We strive to keep the number of external dependencies as small as possible. When possible we use Android’s API, e.g., for JSON parsing or JCA operations.

Build Artifact Dependencies
de.cotech:hwsecurity androidx.lifecycle:lifecycle-runtime:2.0.0
de.cotech:hwsecurity-fido androidx.appcompat:appcompat:1.0.2
de.cotech:hwsecurity-fido-util org.bouncycastle:bcprov-jdk15on:1.62
de.cotech:hwsecurity-openpgp org.bouncycastle:bcprov-jdk15on:1.62
de.cotech:hwsecurity-smartcard-ui androidx.appcompat:appcompat:1.0.2

Dependency Licenses

The Hardware Security SDK uses code from other projects. In order to comply with its license requirements we prepared a license text that can be included in your published app: License Text.