Latest news with #Yubico


Scoop
6 days ago
- Scoop
Driving Passkey Adoption In New Zealand While Keeping The User Experience Seamless
Press Release – Yubico

Users can authenticate using biometrics (like Face ID or fingerprint), a PIN, or a physical security key, removing the need to remember or manage passwords entirely. This significantly reduces human error and simplifies the login experience.

By Geoff Schomburgk, Asia Pacific & Japan Vice President for Yubico

At their core, passkeys are built on public-key cryptography. When a user creates a passkey, their device generates a unique key pair: a private key securely stored on the device and a public key shared with the service provider. Since the private key never leaves the device and cannot be entered manually, passkeys inherently resist phishing and credential theft. Users can authenticate using biometrics (like Face ID or fingerprint), a PIN, or a physical security key, removing the need to remember or manage passwords entirely. This significantly reduces human error and simplifies the login experience.

Reimagining Modern Multi-Factor Authentication

Passkeys offer a seamless form of modern multi-factor authentication (MFA) that doesn't rely on SMS codes or authenticator apps. But not all passkeys are created equal, and there are two main types to consider for various use cases:

- Syncable passkeys – stored in cloud-based password managers or platform-bound keychains (e.g., Apple iCloud, Google Password Manager), allow users to access credentials across multiple devices.
- Device-bound passkeys – stored on a physical device like a hardware security key (i.e. a YubiKey), device-bound passkeys offer a much higher level of security by keeping the credential locked to a single, physical object.

While syncable passkeys prioritise convenience to sync passkeys across multiple devices in the cloud, they also introduce new vulnerabilities: if cloud storage is compromised, the keys could be intercepted or misused. Device-bound passkeys, on the other hand, ensure that authentication requires physical possession of the device, raising the bar significantly for attackers.

Why device-bound passkeys?

Adoption friction is often blamed on the novelty of passkeys and users' resistance to change. Indeed, some users have encountered issues with syncable passkeys, particularly around cross-platform compatibility, device syncing and usability. These poor experiences can turn users off from trying passkeys again.

Device-bound passkeys solve many of these problems. They offer superior protection and operate independently across platforms by delivering fast, secure and consistent logins without relying on potentially fragile cloud syncing mechanisms. By eliminating passwords and the sync-related errors, hardware passkeys reduce friction rather than increase it.

A new path forward: Striking the right balance of security and usability

The security versus convenience debate is real, but it's no longer a binary choice. Passkeys, especially device-bound options, allow users not to compromise: they offer the ease of passwordless authentication with the assurance of unbreakable cryptographic protection. Device-bound passkeys are becoming more accessible and affordable. Businesses and platforms should take this moment to lead users toward this stronger standard.

To accelerate the adoption of passkeys without compromising user experience, a multi-faceted approach is essential. First, user education must take centre stage. People need to understand not just what passkeys are, but why they matter, how they eliminate the risks of phishing and password-related breaches while simplifying everyday login experiences. Clear communication around the benefits and ease of use is key to overcoming initial scepticism and encouraging behavioural change.

Equally important is promoting device-bound passkeys as the gold standard for secure authentication. While synced passkeys offer convenience, hardware-based alternatives provide unmatched protection by ensuring credentials remain physically tied to the user. Framing this not as a trade-off, but as a balanced and superior solution, will help build user trust and confidence.

On the technical side, developers and platform providers must work to simplify the implementation and integration of passkey support across devices, browsers, and operating systems. Reducing fragmentation and ensuring compatibility will remove friction for users and organisations alike. At the same time, fallback mechanisms should be designed with care, offering alternative access without reverting to weak, legacy methods that undermine the integrity of passwordless systems.

Passkeys, especially device-bound variants, represent a turning point in the evolution of digital security. By aligning usability with robust protection, they have the potential to make secure authentication both practical and pervasive.




Techday NZ
15-07-2025
- Business
- Techday NZ
Yubico launches Enhanced PIN YubiKey to boost enterprise security
Yubico has introduced the YubiKey 5 – Enhanced PIN, which is available through its YubiKey as a Service programme, providing additional PIN capabilities for enterprises seeking advanced authentication measures in 175 countries and 24 territories.

The latest product from Yubico comes pre-configured with features intended to improve PIN management and user enforcement. Included in the configuration are a mandatory minimum PIN length and requirements for increased PIN complexity. This helps organisations meet evolving policy, compliance, and audit requirements for user authentication.

As cyber threats facing enterprises continue to evolve, government standards and regulations regarding secure authentication are also changing. Enhanced authentication requirements, including those outlined in PSD2, the General Data Protection Regulation (GDPR), and the upcoming Cyber Resilience Act (CRA), are prompting organisations across multiple industries to update their authentication methods. These regulations underscore the importance of resisting unauthorised access, particularly credential phishing attacks.

Industry standards are trending towards the use of phishing-resistant multi-factor authentication (MFA). Some organisations are requiring longer PINs, with a minimum of six characters, as well as increased complexity on hardware security keys, in order to strengthen security protections for their users.

The new Enhanced PIN features are available on the YubiKey 5 NFC and YubiKey 5C NFC models, specifically through the YubiKey as a Service platform. Notable capabilities include PIN complexity set by default, a minimum PIN length requirement of six characters, comprehensive PIN management for users with enforcement policies applied by default, and always-on user verification (alwaysUV). In addition, a unique FIDO AAGUID is utilised to support policy enforcement.

"Customers now have the ability to easily meet policy and audit requirements, as well as evolving compliance and regulatory guidance for authentication, with an 'off-the-shelf' product."

The introduction of the Enhanced PIN YubiKeys aims to support organisations in meeting new regulatory and authentication standards in markets such as the European Union and Asia-Pacific Japan (APJ) region. Regulatory pressures for phishing-resistant authentication solutions are intensifying in these regions, increasing the demand for these types of security keys.

Yubico has responded to this by expanding the reach of its YubiKey as a Service to include all European Union countries, and its YubiEnterprise Delivery has been broadened to a further 117 locations globally. The company's total distribution now covers 199 locations, which includes 175 countries and 24 territories. This expansion is designed to support both office-based and remote employees, effectively doubling the delivery coverage compared to previous years.

Prior to this release, Yubico launched the YubiKey 5.7 firmware and the Security Key – Enterprise Edition, which introduced optional PIN complexity for devices running firmware version 5.7 or later. The Enhanced PIN capability now arrives as a standard feature for supported models acquired through the company's service platform.

Organisations adopting these new keys are better equipped to streamline their approach to phishing-resistant authentication in markets where regulatory compliance is a growing concern. The expanded reach includes increased availability in regions such as the United States, Canada, Japan, Singapore, Australia, India, and the United Kingdom.

The expanded service and new key features reflect Yubico's effort to address the challenges posed by a changing cybersecurity landscape and varying global regulatory requirements, supporting enterprise customers in their transition to more robust authentication systems.


Scoop
15-07-2025
- Business
- Scoop
Yubico Delivers PIN Advancements With New YubiKey 5 Enhanced PIN Keys
Press Release – Yubico

Yubico is committed to meeting the growing demand for phishing-resistant YubiKeys and enabling faster, more affordable delivery of keys to markets like the EU and APJ, where regulatory pressures for phishing-resistant authentication are intensifying.

Yubico is today introducing the YubiKey 5 – Enhanced PIN, available exclusively via YubiKey as a Service, providing enterprises with seamless flexibility to roll out device-bound passkeys with impactful cost savings at scale to 175 countries and 24 territories.

Pre-configured with the ability to deliver great PIN controls and user enforcement, the YubiKey 5 – Enhanced PIN features a minimum PIN length and an increase in overall PIN complexity. Customers now have the ability to easily meet policy and audit requirements, as well as evolving compliance and regulatory guidance for authentication, with an 'off-the-shelf' product.

To prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services, which directly impact thousands of organisations and their employees. While there's currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements, including PSD2, GDPR, and the upcoming Cyber Resilience Act (CRA), emphasising the importance of ensuring cyber resilience against unauthorised access from credential phishing attacks. The cybersecurity industry agrees, with best practices leaning towards adoption of phishing-resistant MFA and some organisations requiring longer PINs (at least six characters) and PIN complexity on security keys for the most robust protection.

Features are now available for the YubiKey 5 NFC and YubiKey 5C NFC models on the Enhanced PIN product via YubiKey as a Service, including:

- PIN Complexity turned on automatically
- Minimum PIN Length set to 6 characters
- Complete PIN control and user enforcement policies for all users via alwaysUV (always user verify) turned on by default
- Unique FIDO AAGUID to allow policy enforcement

The added YubiKey 5 – Enhanced PIN keys offer the ability for organisations in these countries to be able to meet the latest authentication regulations and requirements, and stay ahead of evolving cyber threats.

Yubico is committed to meeting the growing demand for phishing-resistant YubiKeys and enabling faster, more affordable delivery of keys to markets like the EU and APJ, where regulatory pressures for phishing-resistant authentication are intensifying. To meet continued global demand for phishing-resistant YubiKeys and varying regional requirements, Yubico recently announced the expanded availability of YubiKey as a Service to all countries in the European Union (EU), as well as YubiEnterprise Delivery across 117 new locations around the world. Now totalling 199 locations (175 countries and 24 territories), Yubico has been able to double the existing delivery coverage of YubiKeys to both office-based and remote users.

This new release follows the introduction of the YubiKey 5.7 firmware and the Security Key – Enterprise Edition last year, where PIN complexity has been an optional feature available on YubiKeys with firmware version 5.7 or later. These advancements allow organisations to be more agile and flexible in their adoption of phishing-resistant YubiKeys, and build upon the company's existing reach in markets such as the United States, Canada, Japan, Singapore, Australia, India and the UK.

