RE: ICE9 & Fuze Card

Fuze and FuzeX are different projects run by different teams. But we do share hardware development and some areas of software development, too. The Fuze Card is a fiat only e-card made and sold by our sister team; Fuze.

As some of you may have heard, our sister product/project, Fuze Card (M Type), has had a vulnerability in their security spotted by the security consultancy firm ICE9.

After double checking with the Fuze team, we can confirm that this is a previously known issue that was raised by another security consultancy firm (Elttam), that contacted and collaborated with the Fuze team to develop a fix in late January 2018.

Since the issue was raised, the Fuze team have been working on a fix, which has included updates on 28th March 2018 for their users. The fix will be completed with a further app and OTA firmware update scheduled for their users on 19th April 2018.

What about the FuzeX Card?

This is not an issue that affects the FuzeX Card. We, the FuzeX team, would like to reassure our community that this has absolutely no bearing on the security and/or development of the FuzeX Card.

But to remain proactive with our approach to security, we will be contacting and working with both security consultancy firms to double check the security of the FuzeX Card before our commercial release in Q3.

Fuze Team Official Update

The Fuze Team have released an official update regarding this matter, which can be found on the notice section of their website or by clicking here.