Put Your Finger on the Pulse of What’s New with the YubiKey Bio Series

October 5, 2021 5 minute read

Today, we are announcing the YubiKey Bio Series, Yubico’s first-ever YubiKeys supporting biometric authentication. The YubiKey Bio was first previewed at Microsoft Ignite in 2019 where we showed a live demo of passwordless sign-in to Microsoft Azure Active Directory accounts. We’ve taken the time to ensure that we are launching products that are highly secure and user friendly.

The YubiKey Bio Series is where Yubico’s hallmark hardware security meets a new user experience with fingerprint on device authentication. As of today, the YubiKey Bio Series is generally available in both USB-A and USB-C form factors delivering secure second factor and passwordless logins for desktop-based FIDO-supported services and applications. The YubiKey Bio Series is available for purchase on yubico.com at a retail price of $80 for the USB-A form-factor and $85 for the USB-C form-factor. 

When developing the YubiKey Bio Series, we challenged ourselves to reimagine the architecture of biometric authentication on a security key. These series of keys incorporate a three chip design, allowing the biometric fingerprint material to be stored in a separate secure element which delivers enhanced protection from physical attacks. Ultimately, we created devices that enable modern and streamlined passwordless authentication, while, most importantly, not sacrificing security. The YubiKey Bio acts as a portable and hardware-backed root of trust which allows the user to authenticate with the same key across different desktop devices, operating systems, and applications. 

Here’s some fast facts on what to expect with the YubiKey Bio Series:

  1. Consistent reliable design. The YubiKey Bio Series leverages the same sleek and simple keychain design as other YubiKeys, including its durability and water resistant features. In lieu of the classic gold contact on other YubiKeys that establishes user presence, the fingerprint sensor on the YubiKey Bio authenticates the user with fingerprint recognition. 
  2. Meets passwordless demand. Organizations increasingly want to free users from the pain of managing multiple passwords, and demand solutions that enable passwordless experiences. YubiKeys enable this today with a single PIN, and the YubiKey Bio Series, which supports FIDO2/WebAuthn and U2F, allows fingerprint authentication in place of the PIN. However, should a user’s fingerprint not register on the device during a login attempt, users will be able to unlock the YubiKey Bio with a personal PIN which is added during initial setup. 
  3. Hardware security keys. YubiKey Bio integrates with the native biometric enrollment and management features supported in the latest platforms and operating systems. Fingerprints can also be enrolled, added, and deleted with the Yubico Authenticator for Desktop app on Windows, macOS and Linux. Templates of the fingerprints are derived from the fingerprints presented to the key, and those fingerprint templates are stored and matched on a separate secure element that helps protect against physical attacks. Fingerprint materials never leave the YubiKey Bio Series.
  4. A new user experience, portability, and enhanced workflow with FIDO protocol support. Secure second factor and passwordless login experiences, backed by biometrics, enhances the user experience. FIDO-supported services and applications also allow for applications to become ‘trusted’, only needing YubiKey Bio login during the initial authentication flow into the service. 
  5. Portable authenticator purpose built for security. Nowadays, many devices provide built-in authenticators, but if a device is compromised then the built-in authenticator might be too. This can leave users more vulnerable to sophisticated cloning attacks and account takeovers, slowing down their ability to access their accounts. The YubiKey Bio and all other YubiKeys, are built solely for one function and focus – strong security.  

The YubiKey Bio Series enables biometric login on desktop with all applications and services that support FIDO2/WebAuthn/U2F and works out-of-the-box with Citrix Workspace, Duo, GitHub, IBM Security Verify, Microsoft Azure Active Directory and Microsoft 365, Okta and Ping Identity

To know if the YubiKey Bio is right for you, take our quiz, and we recommend using the YubiKey Bio Series when:

  • Securing an account with a service that supports only FIDO U2F or FIDO2/WebAuthn protocols
  • Authenticating primarily using a desktop device
  • In cloud-first environments
  • Use cases such as shared workstations and mobile restricted environments

However, if you need the following, we recommend that you choose a key from the YubiKey 5 Series:

  • Require broader form factors and NFC support
  • Need to work across desktop and mobile devices
  • Supporting applications and services using a range of protocols such as OTP, FIDO U2F and FIDO2/WebAuthn and Smart card/PIV
  • Securing legacy and modern environments and offers a bridge to passwordless, utilizing non-FIDO protocols

Yubico always strives to innovate with its YubiKeys. One example of this is through its Premium tier YubiEnterprise Subscription, where customers experience upgrades, including adding additional protocol support and functionality to products like the YubiKey Bio Series.

To learn more about the capabilities and specs, visit here. Also, don’t forget to join our upcoming webinar at 10 a.m. PT on Monday, October 18 to discuss strong biometric authentication.

Share this article:

Recommended content

Thumbnail

Now is the time to accelerate phishing resistant MFA (and find us at AWS re:Invent Las Vegas next week)

While 2021 isn’t quite over yet, at Yubico, we took a moment to reflect on many of the changes and impacts that have happened in the cybersecurity industry. This year has marked some of the biggest security breaches in history including the SolarWinds and Colonial Pipeline hacks. And with these cybersecurity attacks, we’ve seen: Action ...

Thumbnail

In passwordless authentication, who is holding the keys?

Strong authentication practices are based on validating a number of authentication factors to a relying party (RP) or identity provider (IDP) to prove you are who the RP expects. Examples of relying parties could be Dropbox or Salesforce. Identity providers, who can also be a relying party that interacts with the authenticator, include Microsoft Azure, ...

Thumbnail

Getting biometric authentication right: high security + great user experience

Learn about biometric authentication reimagined to deliver strong security

Thumbnail

Making the internet safer for everyone, one YubiKey at a time

When the internet was designed 30 years ago, security was not a priority as it was primarily created as a way to connect and easily share information with others around the world. Fast forward to today with news of hacks and breaches almost daily, much of the online world is trying to play catch up ...