Aegis Bio - USB 3.0 FAQ

How do I know which specific manual to use for my Apricorn encrypted drive?

For Apricorn encrypted drives with a DOM (Date of Manufacture, found on original packaging label under the UPC code) of September 2017 to the present date, refer to the manual with product’s name and the word “Configurable” in the title. If unsure of manufacture date, all Aegis Configurator compatible devices have the “Configurable ‘C’” logo on the back. For older non-configurator compatible secure drives, refer to the manual that doesn’t have “Configurable” in the title.

Why is my drive locking and entering standby mode while connected to my PC even after I have configured the power settings correctly?

If Windows ignores revised power settings, PowerShell is a more effective tool for managing the suspend commands. Microsoft provides a PowerShell script here

Download the Windows PowerShell script from Microsoft and save it to C:\Temp. Right click on the Windows 10 Start icon, and from the pop up menu select ‘Windows Powershell (Admin)’. Within PowerShell change directory to C:\Temp Type: cd c:\Temp Type: Powershell -ExecutionPolicy Bypass -NoProfile -File ToggleSuspend.ps1 This will list USB devices and their suspend policies. Take note of drives listed. If no USB drives are connected, nothing will be displayed. Press Enter to exit the script. Attach and unlock the Apricorn secure device to your computer. Type: Powershell -ExecutionPolicy Bypass -NoProfile -File ToggleSuspend.ps1 Enter the USB drive number for the Apricorn drive (it will be the new one on the list, and likely number 1) and press Enter. Type: Powershell -ExecutionPolicy Bypass -NoProfile -File ToggleSuspend.ps1 This will list USB devices and their suspend policies. Verify that the Apricorn drive has Disabled displayed under, ‘SuspendOnIdle’. Press enter to exit the script

Why is my drive locking and entering standby mode while it is still connected to my Mac?
There are Energy Saver system settings within the Mac OS that could be sending suspend commands to the Apricorn drive, forcing it to lock when not in use. To disable these settings, open the system preferences in the Mac OS and navigate to the Energy Saver settings. There is an option here to “put hard disks to sleep when idle.” Uncheck this option and the Aegis secure device should stay unlocked as long as the Mac is not put to sleep/shut down.
What encryption algorithm is used in this product?
The entire family of Aegis secure devices uses an AES-XTS 256-bit algorithm.
What is BadUSB and are Apricorn devices susceptible to this exploit?
BadUSB is a theoretical exploit that was presented by SR Labs at the Black Hat conference in August of 2014. SR Labs demonstrated a vulnerability in one USB device that allowed malicious code to be programmed into the USB controller through a firmware update process. The attack described is very sophisticated and in the case of Apricorn's products would require advanced knowledge of our USB controller, a leaked version of our firmware, the programming tool to update our controller, the password used for our programming tool, and an in depth understanding of the device's functionality, etc. According to SR Labs, the failsafe method to eliminate this threat is to simply disable the ability to update the controller's firmware. Apricorn's devices shipping today, including all of our USB 3.0 security products, Padlock and Padlock Pro families already have the firmware locked which prevents field updates to the USB controller. As a continuous improvement, Apricorn is locking down the firmware on all USB controllers used in Apricorn devices to safeguard against this vulnerability.
What are the ECCN and HST codes used for shipping this device outside the US?

ECCN: 5A992C

HTS code for HDD devices: 8471.70.2000

HTS code for SSD and Secure Key Devices: 8523.51.0000


Is there any other way to access the drive without using the fingerprint scanner?
No. Until the scanner authenticates the user's fingerprint, the drive will not even be visible to the operating system.
How many fingerprints should be enrolled?
The minimum recommendation would be to enroll 2 fingerprints and the maximum permitted is 5 fingerprints; however, you may want to reserve 1 or 2 fingerprints for future use. Once all 5 spots are taken, the only method of removing fingerprints is to re-set the drive, which will erase all stored fingerprints and data on the drive.
Will the Aegis Bio's fingerprint reader interfere with the fingerprint reader that is built into my laptop?
No. The circuitry for the Aegis Bio's fingerprint reader is securely isolated from any communications that might come from your computer or any other source.