As the principal inventor behind both the Security Key and U2F protocol, we are true supporters of open standards. To realize our mission of making secure login ubiquitous, we designed the original Security Key, and provided the majority of the open source code and test tools for FIDO U2F and the latest version of the standard, FIDO2, which offers a passwordless experience.
Innovation is core to all we do, and as the ecosystem continues to mature, U2F and FIDO2 functionality will come in many different form factors, communications methods (USB/BLE/NFC) and features, from Yubico and others.
Over the past several years, Google has deployed hundreds of thousands of FIDO U2F-enabled Yubico devices internally with amazing results. Today, Google released their own version of a security key, and while we have received the question if we were part of this production, these devices are not manufactured by Yubico.
Yubico strongly believes there are security and privacy benefits for our customers by manufacturing and programming our products in the USA and Sweden.
Google’s offering includes a Bluetooth (BLE) capable key. While Yubico previously initiated development of a BLE security key, and contributed to the BLE U2F standards work, we decided not to launch the product as it does not meet our standards for security, usability and durability. BLE does not provide the security assurance levels of NFC and USB, and requires batteries and pairing that offer a poor user experience.
Yubico is a believer in NFC, and the YubiKey NEO design has proven at scale to deliver a superior contactless user experience for U2F. Also, Yubico will soon announce another secure and user friendly solution for iOS.
The FIDO U2F and FIDO2 standards work has been a long, challenging and inspiring journey convincing and engaging all leading platforms and browsers to subscribe to the Yubico mission: to make secure login easy and available for everyone.
U2F is just one tool in the YubiKey toolbox. Today, the majority of our customers use our multi-function YubiKeys across multiple applications, services, and operating systems. In addition to FIDO U2F, we offer smart card (PIV), Yubico OTP, OpenPGP, and OATH-HOTP/TOTP, in a single device, over both USB and NFC, as well as in USB-C form factors.
Yubico continues to work closely with Microsoft, Google and the global open standards community on FIDO2, the passwordless evolution of U2F. This next-generation standard enables the option to use a security key as a single factor, with an optional PIN or biometrics on the user device, removing the need for service providers to store and manage passwords.
We will continue to create market defining authentication products, which we are currently demonstrating at Google Cloud Next, booth #S1426. We welcome you to join us.