According to the NIST SP 800-63-3, digital identity is “the online persona of a subject.” Unlike personal identity, an individual can convey multiple digital identities across various networks and communities. In other words, one person can have one digital identity for their work email and another for a social media account. Given the possibility of […]
Read moreThe EU General Data Protection Regulation (GDPR) is a new set of mandates aimed to protect the privacy of internet users. From May, 2018, any organization operating, storing or processing data of EU citizens will be subject to the requirements. With the threat of hefty fines of €20M or 4% of worldwide turnover for non-compliance, […]
Read moreHow the FIDO U2F security key and YubiKey stop phishing and man-in-the-middle attacks Security is never stronger than its weakest link, and that weakest link is often the user. Not surprisingly, phishing attacks that target users are increasing not only in volume, but also in sophistication. Google knows that. Recently, the search giant updated their […]
Read moreThis week, Mozilla enabled support for FIDO U2F (Universal 2nd Factor) security keys in the pre-beta release of Firefox, Firefox Nightly. Firefox is the second largest internet browser by user base. In the near future, 80% of the world’s desktop users, including Chrome and Opera users, will benefit from the open authentication standard and YubiKey […]
Read moreAfter a year of review, the National Institute for Science and Technology (NIST) today released version 3 of its latest digital identity guidelines, outlining a number of updates that play to the multi-protocol functionality of the YubiKey. NIST Special Publication 800-63 Revision 3 covers guidelines on identity proofing and authentication of users (such as employees, […]
Read moreNow more than ever, security must be built into everything. By leveraging open standards, instead of building security protocols from the ground up, organizations can provide strong authentication faster than ever before. We created the Universal 2nd Factor (U2F) protocol together with Google several years ago and offered it the world for free along with […]
Read moreAfter a successful deployment of FIDO U2F enabled YubiKeys for all its staff, Google is now seeing the benefits of offering the technology to its customers with AdWords accounts. Hijacking of online advertising accounts not only costs customers whose accounts get bumped offline, but Google loses revenue when those accounts are dormant. The Association of […]
Read moreGoogle yesterday released a third option for its two-step verification, complementing the Google Authenticator phone app and FIDO U2F Security Keys. This release supports moving from two-factor to a true multi-factor authentication offering Google Prompt is a push app for mobile authentication, similar to two-factor push solutions offered by others like Duo Security. There is […]
Read moreA year ago, Yubico described a cord-cutting mobile world where hard-wired ports were not needed to accommodate the security benefits of strong authentication. Since then, growth in the mobile device market has continued its explosion, including 1.4 billion smartphones shipped worldwide in 2015, according to IDC. Couple this development with standards work by the FIDO […]
Read moreCompromised online identities have reached a level that has exposed the weaknesses in usernames and passwords as well as traditional software security solutions. Government services around the world have a growing demand for strong two-factor authentication, but traditional hardware technologies have been too costly and complicated to scale for most countries and internet users. The […]
Read more