YubiKey firmware update: YubiKey 5 Series with firmware 5.4

Yubico Team

Yubico Team

3 minute read

As of today, Yubico will start shipping the YubiKey 5 Series with firmware 5.4. This new firmware release will enable easier integration with Credential Management System (CMS) solutions, secure remote provisioning of YubiKeys, and expanded methods for PIV management. 

Key benefits of the YubiKey Firmware Update for the YubiKey 5 Series with 5.4 firmware include:

  1. Improved security for integration with CMS services by enabling secure remote provisioning of YubiKeys for CMS vendors through an encrypted transport protocol. Secure channel communication to any host system (server, laptop, desktop, tablet, etc.) enables transfer of data that is resistant to eavesdropping and tampering. 
  1. YubiKey and YubiHSM2 now work together: With this YubiKey firmware update, it is now possible to use a YubiKey to authenticate and establish a session to the YubiHSM2.

Yubico has developed two new modules that have been added in this release which will have a significant impact for our customers who have a PKI infrastructure secured with YubiHSM2 and YubiKey. 

Secure Channel Protocol ‘03’ (SCP03)

We are enhancing our ability to integrate with CMS vendors by enabling support for Secure Channel Protocol ‘03’ to securely establish a mutually authenticated and encrypted communication channel to the YubiKey. SCP03 is a protocol that relies on the Encrypt-then-MAC method, a way of transferring data that is resistant to overhearing and tampering. A secure channel is always recommended to securely connect and manage the PIV application on the YubiKey.

Secure channel allows services and client software to obtain information and provision YubiKey PIV credentials from a remote centralized location. YubiKeys can be locked in such a way that only the CMS vendor can unlock and program keys for their enterprise customers, ensuring greater trust as YubiKeys are deployed to their employees or partners remotely.

YubiHSM Auth

With this YubiKey firmware update, we also introduce YubiHSM Auth, a new YubiKey module that serves as a key storage for authenticating against a YubiHSM2 with a YubiKey instead of using a session password only. To fully leverage this functionality you will need the latest release of YubiHSM2 SDK, which is available for download here

Yubico is always working to advance the functionality and security of our products, and we thank our users for their continued product feedback and support to drive technical improvements like the ones listed above. 

To purchase a YubiKey with the most recent firmware, visit Yubico.com, request a Yubico sales consultation, or contact any of Yubico’s official channel partners. To learn more about which firmware version your devices have, please use the YubiKey Manager

,
Talk to our teamTalk to our team

Share this article:
  • Works with YubiKey Spotlight: Passkeys are here – are you ready?With 2025 at its midpoint, enterprises worldwide are grappling with how to protect their users and data against emerging challenges around user security. Since 2022, generative AI has fueled a 4,000% surge in phishing – exploiting human vulnerability in 68% of breaches. It’s no longer a question – the world has a password problem that […]Read morepartnerspasskeysWorks with YubiKeywwyk
  • Yubico LogoYubico liefert PIN-Verbesserungen mit dem neuen YubiKey 5 – Verbesserte PIN-SchlüsselUm sich auf die sich ständig weiterentwickelnden Cyber-Bedrohungen vorzubereiten, passen Regierungen weltweit die Authentifizierungsanforderungen für Online-Dienste an und aktualisieren sie, was direkte Auswirkungen auf viele Unternehmen und deren Mitarbeiter hat. Zwar gibt es derzeit keine universelle Regelung für eine robustere Multi-Faktor-Authentifizierung (MFA), doch wird deren Notwendigkeit in einer Reihe von Anforderungen hervorgehoben, darunter PSD2, DSGVO […]Read moreYubiKey
  • Yubico delivers PIN advancements with new YubiKey 5 – Enhanced PIN keysTo prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services which directly impact thousands of organizations and their employees. While there’s currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements including PSD2, GDPR, and the […]Read moreCompany NewsProduct NewsYubiKeyYubiKey 5 – Enhanced PINYubiKey 5 SeriesYubiKey as a Service
  • An inside look at Yubico’s transition to passwordlessBefore “passkey” became a familiar term in our industry, Yubico had long delivered hardware-backed and phishing-resistant FIDO2 based authentication. Today, the adoption of passkey usage is accelerating. However, it’s taken quite a bit longer to integrate passwordless authentication into the everyday, enterprise-grade authentication flows that are required for today’s businesses.  As long as it’s been […]Read moreOktapasswordless