Yubico Delivers PIN Advancements With New YubiKey 5 Enhanced PIN Keys
Yubico is committed to meeting the growing demand for phishing-resistant YubiKeys and enabling faster, more affordable delivery of keys to markets like the EU and APJ, where regulatory pressures for phishing-resistant authentication are intensifying.
Yubico is today introducing the YubiKey 5 – Enhanced PIN, available exclusively via YubiKey as a Service, providing enterprises with seamless flexibility to roll out device-bound passkeys with impactful cost savings at scale to 175 countries and 24 territories.
Pre-configured with the ability to deliver great PIN controls and user enforcement, the YubiKey 5 – Enhanced PIN features a minimum PIN length and an increase in overall PIN complexity. Customers now have the ability to easily meet policy and audit requirements, as well as evolving compliance and regulatory guidance for authentication, with an 'off-the-shelf' product.
To prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services, which directly impact thousands of organisations and their employees. While there's currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements, including PSD2, GDPR, and the upcoming Cyber Resilience Act (CRA), emphasising the importance of ensuring cyber resilience against unauthorised access from credential phishing attacks.
The cybersecurity industry agrees, with best practices leaning towards adoption of phishing-resistant MFA and some organisations requiring longer PINs (at least six characters) and PIN complexity on security keys for the most robust protection.
Features are now available for the YubiKey 5 NFC and YubiKey 5C NFC models on the Enhanced PIN product via YubiKey as a Service, including:
PIN Complexity turned on automatically
Minimum PIN Length set to 6 characters
Complete PIN control and user enforcement policies for all users via alwaysUV (always user verify) turned on by default
Unique FIDO AAGUID to allow policy enforcement
The added YubiKey 5 – Enhanced PIN keys offer the ability for organisations in these countries to be able to meet the latest authentication regulations and requirements, and stay ahead of evolving cyber threats. Yubico is committed to meeting the growing demand for phishing-resistant YubiKeys and enabling faster, more affordable delivery of keys to markets like the EU and APJ, where regulatory pressures for phishing-resistant authentication are intensifying.
To meet continued global demand for phishing-resistant YubiKeys and varying regional requirements, Yubico recently announced the expanded availability of YubiKey as a Service to all countries in the European Union (EU), as well as YubiEnterprise Delivery across 117 new locations around the world. Now totalling 199 locations (175 countries and 24 territories), Yubico has been able to double the existing delivery coverage of YubiKeys to both office-based and remote users.
This new release follows the introduction of the YubiKey 5.7 firmware and the Security Key – Enterprise Edition last year, where PIN complexity has been an optional feature available on YubiKeys with firmware version 5.7 or later.
These advancements allow organisations to be more agile and flexible in their adoption of phishing-resistant YubiKeys, and build upon the company's existing reach in markets such as the United States, Canada, Japan, Singapore, Australia, India and the UK.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Scoop
8 minutes ago
- Scoop
Driving Passkey Adoption In New Zealand While Keeping The User Experience Seamless
By Geoff Schomburgk, Asia Pacific & Japan Vice President for Yubico At their core, passkeys are built on public-key cryptography. When a user creates a passkey, their device generates a unique key pair: a private key securely stored on the device and a public key shared with the service provider. Since the private key never leaves the device and cannot be entered manually, passkeys inherently resist phishing and credential theft. Users can authenticate using biometrics (like Face ID or fingerprint), a PIN, or a physical security key, removing the need to remember or manage passwords entirely. This significantly reduces human error and simplifies the login experience. Reimagining Modern Multi-Factor Authentication Passkeys offer a seamless form of modern multi-factor authentication (MFA) that doesn't rely on SMS codes or authenticator apps. But not all passkeys are created equal, and there are two main types to consider for various use cases: Syncable passkeys - stored in cloud-based password managers or platform-bound keychains (e.g., Apple iCloud, Google Password Manager), allow users to access credentials across multiple devices. Device-bound passkeys - stored on a physical device like a hardware security key (i.e. a YubiKey), device-bound passkeys offer a much higher level of security by keeping the credential locked to a single, physical object. While syncable passkeys prioritise convenience to sync passkeys across multiple devices in the cloud, they also introduce new vulnerabilities: if cloud storage is compromised, the keys could be intercepted or misused. Device-bound passkeys, on the other hand, ensure that authentication requires physical possession of the device, raising the bar significantly for attackers. Why device-bound passkeys? Adoption friction is often blamed on the novelty of passkeys and users' resistance to change. Indeed, some users have encountered issues with syncable passkeys, particularly around cross-platform compatibility, device syncing and usability. These poor experiences can turn users off from trying passkeys again. Device-bound passkeys solve many of these problems. They offer superior protection and operate independently across platforms by delivering fast, secure and consistent logins without relying on potentially fragile cloud syncing mechanisms. By eliminating passwords and the sync-related errors, hardware passkeys reduce friction rather than increase it. A new path forward: Striking the right balance of security and usability The security versus convenience debate is real, but it's no longer a binary choice. Passkeys, especially device-bound options, allow users not to compromise: they offer the ease of passwordless authentication with the assurance of unbreakable cryptographic protection. Device-bound passkeys are becoming more accessible and affordable. Businesses and platforms should take this moment to lead users toward this stronger standard. To accelerate the adoption of passkeys without compromising user experience, a multi-faceted approach is essential. First, user education must take centre stage. People need to understand not just what passkeys are, but why they matter, how they eliminate the risks of phishing and password-related breaches while simplifying everyday login experiences. Clear communication around the benefits and ease of use is key to overcoming initial scepticism and encouraging behavioural change. Equally important is promoting device-bound passkeys as the gold standard for secure authentication. While synced passkeys offer convenience, hardware-based alternatives provide unmatched protection by ensuring credentials remain physically tied to the user. Framing this not as a trade-off, but as a balanced and superior solution, will help build user trust and confidence. On the technical side, developers and platform providers must work to simplify the implementation and integration of passkey support across devices, browsers, and operating systems. Reducing fragmentation and ensuring compatibility will remove friction for users and organisations alike. At the same time, fallback mechanisms should be designed with care, offering alternative access without reverting to weak, legacy methods that undermine the integrity of passwordless systems. Passkeys, especially device-bound variants, represent a turning point in the evolution of digital security. By aligning usability with robust protection, they have the potential to make secure authentication both practical and pervasive.
Techday NZ
4 hours ago
- Techday NZ
Resilience is the real innovation - A founder's perspective on building enduring tech companies in New Zealand
In my 24 years of building and running technology companies in New Zealand, I've learned that we often celebrate the wrong thing. Often the thing that gets the real attention is the flashy idea, the "lightbulb moment." But ideas are plentiful. The real innovation - the kind that builds enduring companies - is resilience. It's the grit to see a real business problem and the tenacity to solve it, even when your initial plan gets thrown out the window. The story of Datamasque, a company born from within Spectrum, is a perfect example of this. The problem that wasn't going away Around 2015, we saw a fundamental change emerging within our enterprise clients and the rise of data virtualization technologies. Capitalising on this growth Spectrum worked with Actifio (now a Google technology) and later with our current key partner Cohesity. Data virtualization was a game-changer for development workflows. It gave teams the ability to spin up copies of production data for development and testing, Quality Assurance and user acceptance testing. However, this ability to spin up new environments created a massive, and at that time unmanaged, security risk. With GDPR on the horizon and data privacy becoming a board-level conversation, it was clear that this data sprawl was a ticking time bomb. Every developer wanted their own slice of the pie, but every new copy created a massive unmanaged security risk and every new stream of work expanded the company's attack surface exponentially. We saw clients with a single production database spawning 50+ copies, once even 90!, across their non-production environments. Each copy was a complete replica, full of sensitive, personally identifiable information (PII). A massive unplanned risk. The first plan, and the first pivot Our initial approach was pragmatic. We looked at third-party data masking tools, but they were incredibly complicated and expensive for the use cases our clients had. They didn't integrate cleanly into the modern, agile workflows our clients were adopting. So, Spectrum decided to invest in our own development team to build a new tool that solved the actual problem. Our initial plan was ambitious; we saw the emerging cloud and data management marketplaces as a potential route to a global audience, as such we started building with the idea of plugging directly into that ecosystem. We committed the resources and took the bet. As is often the case with cutting-edge technology, the timing wasn't quite right. The marketplace ecosystem was still in its early stages, and the deep integration points we needed hadn't been developed yet. This is the point where many ventures die; your core commercial strategy hits a roadblock, and it's easy to write off the investment. But resilience means you don't quit on the problem just because your first path is blocked. How resilience forged real innovation That initial roadblock forced us to rethink everything. It was the best thing that could have happened. We pivoted. Instead of building an integrated feature for someone else's platform, we decided to build a standalone, independent product - Datamasque. A tool that could be pointed at any database, in any environment, and simply work. This pivot forced us to solve harder problems. We couldn't rely on a host platform, so we had to perfect our own architecture. We had to build a solution that was not just functional, but flexible and powerful in its own right. This is how we developed "synthetically identical data" a unique solution for data masking that transforms sensitive information into artificial yet highly realistic data. This masked data maintains its structural integrity and realism for effective testing and development, while being irreversible and anonymous to ensure privacy and compliance. We also created the unique solutions, like our "run secrets" feature, which optionally allows masked data consistency across different environments to remain the same for the same original input, regardless of where it's used. This allows organizations to leverage production-like data for innovation without compromising security or regulatory requirements. The product that emerged from this period of challenge was ten times better than the one we had originally planned. Coming full circle, a partnership built on shared history Datamasque was split out from Spectrum in 2020, has gone on to win multiple awards, and serve major international clients. It is a testament to the culture of innovation we've fostered at Spectrum over the last 24 years. In the international context New Zealand is a small pond, however Spectrum looks after some of its biggest fish by building and caring for mission-critical infrastructure in some of our largest enterprises. These enterprises have the same data security requirements as their international counterparts, so the product very quickly went global. And we couldn't be more proud! Ultimately, the marketplace strategy proved it was the right one, and the story has now come full circle; Spectrum's storage partner Cohesity has grown into a market leader, and Datamasque is now a proud member of the Cohesity Data Security Alliance. Now, as part of Spectrum's renewed focus, we have become a key sales and implementation partner for Datamasque in New Zealand. We don't just understand the data privacy problem academically; we have lived it, solved it, and built a world-class company to address it. We are now bringing this powerful, Kiwi-born innovation back to the enterprises it was originally designed to protect. If your organisation is looking to unlock the value of its data for development, testing, or AI without compromising on security and privacy, then we should talk. As a key partner for both Datamasque and Cohesity, Spectrum is uniquely positioned to help you manage your data estate securely and efficiently. We have the solutions, because we had the resilience to build them.
NZ Herald
a day ago
- NZ Herald
US tariffs: Why Christopher Luxon couldn't lower US tariffs on New Zealand goods
Some are baffled as to why Australia has a lower rate than New Zealand. The answer lies not in diplomacy, but in Donald Trump's world view. The President believes the United States' trade deficit is caused by other countries taking unfair advantage. His solution? Impose tariffs on countries that run a trade surplus with the US in the belief that it will bring manufacturing home. On April 3 (NZT), the President declared 'Liberation Day' for American industry and announced a sweeping tariff plan: a 10% universal tariff on all imports and a punitive, up-to-50% tariff on countries running a trade surplus with the US. No country, certainly not the United Kingdom, has negotiated to 'secure a low tariff rate'. The best any country has done is reduce their proposed tariff. The UK and European Union have trade agreements with the US. Australia and New Zealand do not. The result? The UK and Australia face a 10% tariff. New Zealand and the EU face 15%. What's the difference? Not the deal – the difference is the trade balance. The US has a trade surplus with the UK and Australia. It has a trade deficit with the EU and New Zealand. That's the 'logic' behind the new rates. Critics who want to blame Luxon must explain how Hipkins could have done better. Australia – despite being 'America's sheriff' – still hasn't secured a meeting with Trump. Canberra is spending eye-watering sums on American nuclear submarines. It hasn't helped. Back in April, when Trump's tariff list was released, New Zealand officials were surprised we had the same tariff as Australia. The best explanation? The White House's grasp of geography. Uninhabited Antarctic Herald Island reportedly also received the same tariff. The best explanation is the White House thought New Zealand was part of Australia, a belief I have encountered often in America. Any negotiation would have had to begin by explaining that New Zealand is not part of Australia, and having to admit we have a trade surplus. Keeping our head down made sense. The minister publicly warned our tariff was likely to go up. Those who think tough talk would have helped should look to Canada. A founding Nafta member and one of America's closest allies, Canada has been negotiating longer than anyone. Its tariff? Thirty-five percent. If we had followed O'Connor's advice, we too could have a 35% tariff. Trade Minister Todd McClay has pointed out that New Zealand does not run a consistent trade surplus. Every time Air New Zealand buys a Boeing, the balance swings the other way. Over time, our trade is roughly even. If Trump's tariffs were rational, we would have a free trade agreement. But Trump doesn't do rational. Instead of engaging in politics, O'Connor should support New Zealand's long-standing bipartisan trade policy. He should tell exporters that no New Zealand Government could have negotiated a better deal. But he could also point out that these tariffs are not sustainable. It is Stein's Law that what is unsustainable will pass. What will change Trump is reality – and reality hit hard last Friday. Trump claims tariffs will bring jobs home and be paid for by exporting countries. The textbooks say otherwise – and now the data do too. Last Friday's US jobs report revealed 258,000 fewer jobs than previously reported, due to sharp revisions for May and June. Trump responded by firing the independent commissioner who released the figures so no one will believe future job reports. The job losses are exactly what economic theory predicts. The latest data also say manufacturing is contracting and inflation remains above the Federal Reserve guideline. Tariffs are sales taxes paid by consumers. While they hurt exporters, Americans pay the bill. According to the Yale Budget Lab, the new tariffs will cost the average American family around US$2400 ($4050) a year. Voters in Ohio don't like rising living costs any more than in Ōtara. If Trump doesn't make a U-turn – and he could – it is likely the Republicans, despite Texas gerrymandering, will lose the House next year. That would strip Trump of the power to impose tariffs, a responsibility that constitutionally belongs to Congress. The Trump tariffs will not last. Exporters who can hang on will be the beneficiaries.
