In addition to the driverless and platform independent features of the YubiKey, a tight integration with a client application can be implemented in YubiKey 2.2 (launched in September 2010). The challenge-response feature supports both the YubiKey OTP algorithm, as well as standard HMAC-SHA1. 

 

The feature enables companies providing online games and streamed media to charge for their services as long as the YubiKey is inserted in the USB port of the computer. This function also makes it possible to electronically sign data, such as account numbers and amounts in the context of a financial transaction, ensuring that this information is correct before funds are wired. Leading software encryption companies are also testing the new YubiKey firmware to enhance their security. 

 

The YubiKey 2.2 is fully interoperable with early YubiKey versions, providing the same set of trusted authentication functionality. The challenge-response capability requiring client software is not applicable for most cloud services or the majority of existing YubiKey applications that makes the YubiKey's clientless interoperability of high value. 

 

» For more information (PDF)