Now available! FIPS 140-2 validated YubiKey series

Jerrod Chong

Jerrod Chong

2 minute read

Today, we’re excited to announce the certification and availability of our YubiKey FIPS series, the first multi-protocol FIPS 140-2 validated security keys.

FIPS 140-2 is a US government computer security standard, published by the National Institute of Standards and Technology (NIST), that covers the use of cryptographic functionality such as encryption, authentication, and digital signatures. The FIPS 140-2 validated YubiKeys meet the most stringent security requirements of US federal agencies.

The YubiKey FIPS Series includes keychain and nano form-factors for USB-A and USB-C interfaces.

The YubiKey FIPS series uses the YubiKey 4 Cryptographic Module that received FIPS 140-2 validated at Overall Level 2, Physical Security Level 3 with certificate number 3204. At this level, the YubiKey FIPS series meets Authenticator Assurance Level 3 (AAL3) as defined in NIST SP800-63B, that enables compliance with Federal Risk and Authorization Management Program (FedRAMP)  and Defense Federal Acquisition Regulation Supplement (DFARS) requirements.

FIPS certification is essential for many branches of the US government and contractors, in addition to those in the private sector that collect and transmit sensitive but unclassified (SBU) information.

The YubiKey FIPS Series hardware authentication devices include keychain and nano form-factors for USB-A and USB-C interfaces. The YubiKey FIPS Series is the only FIPS validated multi-protocol security key in the market supporting five authentication protocols; FIDO U2F, smart card (PIV), Yubico OTP, OpenPGP, and OATH-HOTP/TOTP.  Now, federal entities and federal-compliant enterprises can comply with the high assurance security requirements for on-premise or cloud deployments using the YubiKey FIPS Series.

Companies including Google, Facebook, Salesforce and thousands more trust the YubiKey to protect account access to computers, networks and online services. Now, we are able to deliver the same simple, trusted protection as a FIPS validated solution.

For more information and technical details on the new product line, visit the YubiKey FIPS page. Starting at $46, YubiKey FIPS Series security keys are available now for purchase online at the  Yubico store or by contacting Yubico Sales.

, ,
Talk to our teamTalk to our team

Share this article:
  • Piloting Europe’s future ID: Passkeys securing digital walletsOver the last several years, passkeys have become ubiquitous. They are available on every mobile platform, in every leading browser, as part of all major enterprise IAM solutions, and in most major cloud services. Until wwWallet came along, the only place where passkeys hadn’t yet made an impact is in the rapidly developing world of […]Read moredigital identity walletspasskeysSIROSwwWallet
  • We’re excited for what’s to come – meet us in-person to find out whyIt’s been a busy year for our team, filled with exciting company and product updates aimed at better serving our customers and helping them achieve cyber resilience as AI-driven phishing threats continue evolving globally. Between industry award recognitions and key new executive leadership hires to lead Yubico to its next stage of growth and a […]Read more
  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST
  • 2025 Global State of Authentication survey: A world of difference in cybersecurity habitsIn a world that’s more connected than ever, the landscape of cybersecurity threats is constantly evolving. Bad actors, now supercharged with artificial intelligence (AI), are becoming increasingly adept at exploiting human error through sophisticated phishing and social engineering attacks. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises. […]Read moreGlobal State of Authenticationsurvey