FIDO U2F Now Offers Contactless, Tokenless, Passwordless Mobile Authentication

Stina Ehrensvard

Stina Ehrensvard

3 minute read

2016 is the year when FIDO U2F will unfold its promise of a “universal” second factor.

Successfully deployed with Gmail, Dropbox, and GitHub in 2015, the U2F open standard is now expanding to mobile devices. At the ShowStoppers @ CES (Consumer Electronics Show) event in Las Vegas, Yubico is demonstrating the first FIDO U2F-certified, NFC-enabled YubiKey device as well as a software-based U2F mobile client that brings public key cryptography to both consumer and enterprise mobile users with a tokenless and passwordless experience.

Near Field Communication (NFC) was developed as an open standard more than a decade ago, and is today supported in all leading mobile platforms and hundreds of millions of mobile devices. Designed for contactless identification and authentication, NFC has also successfully found its way into mobile payment systems and credit cards.

The YubiKey NEO is now the first device certified for U2F mobile authentication over NFC. GitHub is pioneering support for mobile U2F for their users, combining a username and password with a simple tap of the YubiKey to an NFC-enabled mobile device. And later this year, the first U2F devices with Bluetooth will enter the market, addressing high-security login from iOS devices where NFC capabilities currently are limited to systems owned by Apple.

Also at Showstoppers @ CES, Yubico is demonstrating a software-based U2F mobile client that does not require additional hardware. It’s designed for both iOS and Android, the second factor can be a password or the fingerprint used to unlock the phone, enabling the first tokenless and passwordless user experience for FIDO U2F. While external hardware authenticators, without internet connections, offer the highest level of identity protection, this software-based U2F mobile client does provide a heightened level of security compared to a static username and password login. For example, an online bank that adds supports for U2F allows its mobile users to perform lower-value transactions using the U2F mobile client only, while higher-value transactions would require U2F hardware authentication.

As a co-author and driving contributor to the FIDO U2F open standard, Yubico’s mission is to make secure login easy and available for everyone, while safeguarding privacy. The YubiKey NEO is available today at Amazon and Yubico web store  for $50 in single quantity retail price. During the coming spring, Yubico will be piloting the FIDO U2F mobile client with large-scale service providers.

Want more interesting reading on FIDO U2F?

How journalists and human rights organizations use FIDO U2F to protect their identity
How Google reduced time, support costs, and fraud with FIDO U2F

, ,
Talk to our teamTalk to our team

Share this article:
  • Works with YubiKey Spotlight: Passkeys are here – are you ready?With 2025 at its midpoint, enterprises worldwide are grappling with how to protect their users and data against emerging challenges around user security. Since 2022, generative AI has fueled a 4,000% surge in phishing – exploiting human vulnerability in 68% of breaches. It’s no longer a question – the world has a password problem that […]Read morepartnerspasskeysWorks with YubiKeywwyk
  • Yubico LogoYubico liefert PIN-Verbesserungen mit dem neuen YubiKey 5 – Verbesserte PIN-SchlüsselUm sich auf die sich ständig weiterentwickelnden Cyber-Bedrohungen vorzubereiten, passen Regierungen weltweit die Authentifizierungsanforderungen für Online-Dienste an und aktualisieren sie, was direkte Auswirkungen auf viele Unternehmen und deren Mitarbeiter hat. Zwar gibt es derzeit keine universelle Regelung für eine robustere Multi-Faktor-Authentifizierung (MFA), doch wird deren Notwendigkeit in einer Reihe von Anforderungen hervorgehoben, darunter PSD2, DSGVO […]Read moreYubiKey
  • Yubico delivers PIN advancements with new YubiKey 5 – Enhanced PIN keysTo prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services which directly impact thousands of organizations and their employees. While there’s currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements including PSD2, GDPR, and the […]Read moreCompany NewsProduct NewsYubiKeyYubiKey 5 – Enhanced PINYubiKey 5 SeriesYubiKey as a Service
  • An inside look at Yubico’s transition to passwordlessBefore “passkey” became a familiar term in our industry, Yubico had long delivered hardware-backed and phishing-resistant FIDO2 based authentication. Today, the adoption of passkey usage is accelerating. However, it’s taken quite a bit longer to integrate passwordless authentication into the everyday, enterprise-grade authentication flows that are required for today’s businesses.  As long as it’s been […]Read moreOktapasswordless