To prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services which directly impact thousands of organizations and their employees. While there’s currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements including PSD2, GDPR, and the upcoming Cyber Resilience Act (CRA) – emphasizing the importance of ensuring cyber resilience against unauthorized access from credential phishing attacks. The cybersecurity industry agrees, with best practices leaning towards adoption of phishing-resistant MFA and some organizations requiring longer PINs (at least 6 characters) and PIN complexity on security keys for the most robust protection.
This is why we’re excited to introduce the YubiKey 5 – Enhanced PIN available exclusively via YubiKey as a Service – providing enterprises with seamless flexibility to roll out device-bound passkeys with impactful cost savings at scale to 175 countries and 24 territories. Pre-configured with the ability to deliver great PIN controls and user enforcement, the YubiKey 5 – Enhanced PIN features minimum PIN length and an increase in overall PIN complexity. Customers now have the ability to easily meet policy and audit requirements, as well as evolving compliance and regulatory guidance for authentication, with an “off-the-shelf” product.
This new release follows the introduction of the YubiKey 5.7 firmware and the Security Key – Enterprise Edition last year, where PIN complexity has been an optional feature available on YubiKeys with firmware version 5.7 or later. Features now available for the YubiKey 5 NFC and YubiKey 5C NFC models on the Enhanced PIN product via YubiKey as a Service include:
- PIN Complexity turned on automatically
- Minimum PIN Length set to 6 characters
- Complete PIN control and user enforcement policies for all users via alwaysUV (always user verify) turned on by default
- Unique FIDO AAGUID to allow policy enforcement
To meet continued global demand for phishing-resistant YubiKeys and varying regional requirements, Yubico recently announced the expanded availability of YubiKey as a Service to all countries in the European Union (EU), as well as YubiEnterprise Delivery across 117 new locations around the world. Now totalling 199 locations (175 countries and 24 territories), Yubico has been able to double existing delivery coverage of YubiKeys to both office and remote users.
These advancements allow organizations to be more agile and flexible in their adoption of phishing-resistant YubiKeys, and builds upon the company’s existing reach in markets such as the United States, Canada, Japan, Singapore, Australia, India and the UK. The added YubiKey 5 – Enhanced PIN keys offer the ability for organizations in these countries to be able to meet the latest authentication regulations and requirements, and stay ahead of evolving cyber threats. Yubico is committed to meet the growing demand for phishing-resistant YubiKeys and enabling faster, more affordable delivery of keys to markets like the EU and APJ, where regulatory pressures for phishing-resistant authentication are intensifying.
For more information on the YubiKey 5 – Enhanced PIN product, visit here. For questions, contact our team.
