First US e-Government Services Protected with FIDO U2F Unphishable Security Keys

September 12, 2017 2 minute read

Today, at the 2017 Federal Identity Forum (FedID), we are taking an important step towards a more secure internet for everyone by introducing the first US federal services to offer identity proofing protection with an unphishable FIDO U2F security key.  This solution is enabled through identity proofing provider ID.me, and marks the first roll out of FIDO U2F two-factor authentication for government agencies in the US.

As the co-author of U2F and the leading maker of FIDO U2F security keys, Yubico is thrilled to see ID.me become the first in helping protect US government services using FIDO U2F security keys. Today, US citizens can use the same YubiKey to log in securely to leading internet services, including Google and Facebook, and now on federal sites where ID.me is used for identity proofing.  This is a great milestone for all the contributors of the FIDO U2F standards.

id.me u2f integration

Register your security key

“Thieves can guess or steal passwords from a database, and they can spoof biometrics,” said Blake Hall, CEO of ID.me.

“A physical FIDO U2F security key is ‘unphishable’ – to provide more robust and easy to use security to all customers, it’s essential to support FIDO U2F based standards and the adoption of security keys.”

This week’s announcement of US e-Government support for FIDO U2F follows last year’s launch by the UK government. Similar to the US government  initiatives, the GOV.UK Verify service for UK citizens offers a combination of identity proofing, single-sign on, and secure authentication with FIDO U2F security keys.  GOV.UK Verify used with FIDO U2F was enabled through identity provider Digidentity. Yubico is in dialogue with many other countries around the world that are considering offering U2F authentication for citizen-facing government services.

Share this article:

Recommended content

Thumbnail

Strong Authentication for U.S. Government Employees

Learn how to attain PIV compliance and the recent U.S. Cybersecurity Executive Order mandates that federal government agencies adopt multi-factor authentication (MFA) within 180 days.

Thumbnail

Seven tips if you’re still scratching your head after reading Biden’s cybersecurity executive order

Yubico works with a lot of federal agencies and contractors, as well as with customers in regulated industries, so we understand the challenges new compliance regulations can bring. The executive order that was released May 12 can be seen as the federal government fully embracing the move toward multi-factor authentication (MFA) for use cases where ...

Thumbnail

New-Era Authentication: For Federal Zero Trust Initiative

Read the SNG Fedscoop Report on new era authentication and how it aligns with the new White House Executive Order on protecting the nation's cybersecurity.

Thumbnail

Entrust to add support for YubiKeys with PIV alternative and PIV derived credentials, advancing secure mobile and desktop authentication

Today marks an important day for expanding Yubico’s reach to support the growing requirement for Government agencies to issue government credentials beyond Personal Identity Verification (PIV) cards. We are celebrating that our partner Entrust will soon launch support for derived PIV credentials for YubiKeys. Customers will be able to take advantage of YubiKeys with derived ...