Yubico has launched its 5 Series security keys, which provides organisations with hardware to improve their authentication security.
YubiKey 5 Series claims to be the industry’s first multi-protocol security keys supporting FIDO2, an open authentication standard, hosted by the FIDO Alliance.
FIDO2 is comprised of the W3C’s Web Authentication specification (WebAuthn) and FIDO’s corresponding Client-to-Authenticator Protocol (CTAP), which collectively will enable users to leverage common devices to easily authenticate to online services — in both mobile and desktop environments. IT offers expanded authentication options including strong single factor (passwordless), strong two factor, and multi-factor authentication.
The company develops a hardware-based authentication device known as the YubiKey, which provides support for different authentication protocols. Organizations can use YubiKeys to enable different types of multifactor authentication and password-less authentication approaches.
The YubiKey Series 5 includes the YubiKey 5 NFC, YubiKey 5C, YubiKey 5 Nano and YubiKey 5C Nano. Each device includes the protocols included in the YubiKey 4 series: FIDO U2F, PIV (smart card), OpenPGP, Yubico OTP, OATH-TOTP, OATH-HOTP and challenge-response. iOS devices that cannot support FIDO U2F or FIDO2 over NFC at this time can still use YubiKey 5 NFC in OTP (One Time Password) mode over NFC for authentication, such as Lastpass for iOS.
Yubico claims YubiKey 5 Series provides ‘superior defense’ against phishing and account takeovers, enables compliance for strong authentication, and significantly reduces IT costs.
“Innovation is core to all we do, from the launch of the original YubiKey ten years ago, to the concept of one authentication device across multiple services, and today as we are accelerating into the passwordless era,” said Stina Ehrensvard, CEO and Founder, Yubico. “The YubiKey 5 Series can deliver single-factor, two-factor, or multi-factor secure login, supporting many different uses cases on different platforms for different verticals with a variety of authentication scenarios.”
Yubico claims to meets FIPS 140-2 certification requirements and the highest level of assurance (AAL3) of new NIST SP800-63B guidance. It also meets DFARS requirements for strong authentication, and claims to be the only hardware authenticator to meet DoD contractor security requirements. In addition, it secures access to PII in compliance with GDPR.
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst