YubiKey firmware update: YubiKey 5 Series with firmware 5.4

Yubico Team

Yubico Team

3 minute read

As of today, Yubico will start shipping the YubiKey 5 Series with firmware 5.4. This new firmware release will enable easier integration with Credential Management System (CMS) solutions, secure remote provisioning of YubiKeys, and expanded methods for PIV management. 

Key benefits of the YubiKey Firmware Update for the YubiKey 5 Series with 5.4 firmware include:

  1. Improved security for integration with CMS services by enabling secure remote provisioning of YubiKeys for CMS vendors through an encrypted transport protocol. Secure channel communication to any host system (server, laptop, desktop, tablet, etc.) enables transfer of data that is resistant to eavesdropping and tampering. 
  1. YubiKey and YubiHSM2 now work together: With this YubiKey firmware update, it is now possible to use a YubiKey to authenticate and establish a session to the YubiHSM2.

Yubico has developed two new modules that have been added in this release which will have a significant impact for our customers who have a PKI infrastructure secured with YubiHSM2 and YubiKey. 

Secure Channel Protocol ‘03’ (SCP03)

We are enhancing our ability to integrate with CMS vendors by enabling support for Secure Channel Protocol ‘03’ to securely establish a mutually authenticated and encrypted communication channel to the YubiKey. SCP03 is a protocol that relies on the Encrypt-then-MAC method, a way of transferring data that is resistant to overhearing and tampering. A secure channel is always recommended to securely connect and manage the PIV application on the YubiKey.

Secure channel allows services and client software to obtain information and provision YubiKey PIV credentials from a remote centralized location. YubiKeys can be locked in such a way that only the CMS vendor can unlock and program keys for their enterprise customers, ensuring greater trust as YubiKeys are deployed to their employees or partners remotely.

YubiHSM Auth

With this YubiKey firmware update, we also introduce YubiHSM Auth, a new YubiKey module that serves as a key storage for authenticating against a YubiHSM2 with a YubiKey instead of using a session password only. To fully leverage this functionality you will need the latest release of YubiHSM2 SDK, which is available for download here

Yubico is always working to advance the functionality and security of our products, and we thank our users for their continued product feedback and support to drive technical improvements like the ones listed above. 

To purchase a YubiKey with the most recent firmware, visit Yubico.com, request a Yubico sales consultation, or contact any of Yubico’s official channel partners. To learn more about which firmware version your devices have, please use the YubiKey Manager

,
Talk to our teamTalk to our team

Share this article:
  • Mission matters – my reflections on winning the EY World Entrepreneur of the Year “This is the biggest mission any of the entrepreneurs have presented in this competition.”  I heard these words a few weeks ago from one of the judges for the EY World Entrepreneur of the Year award program – whom I had the honor to meet during the final step of the world’s largest entrepreneur competition.  […]Read moreawardsFounderStina Ehrensvard
  • Yubico recognized by TrustRadius 2025 Award for top customer reviewsAs AI-driven cyber threats like credential phishing evolve and grow in complexity, phishing-resistant YubiKeys are an important component toward cyber resilience — and our mission to make the internet more secure has never been more critical. To support this, customer feedback is something we take very seriously and is an invaluable tool to ensure we’re […]Read moreawardsTrustRadius
  • CEO Corner: Maintaining stable growth while navigating global uncertaintyAs we officially close out the first quarter of 2025,  I am pleased we saw a quarter with solid growth and profitability along with ongoing demand for phishing-resistant authentication. We continue to see new types of high-profile cyber attacks appearing regularly, and a major reason for the success of phishing attacks is stolen credentials. As […]Read moreCEOCEO CornerEarningsMattias Danielsson
  • Introducing the Yubico Academy: Enabling partners for a phishing-resistant futureAt Yubico, strong partnerships are fundamental to a more secure digital world. Our commitment goes beyond providing leading security keys; it’s about actively fostering the growth of our valued partners through impactful enablement programs. A cornerstone is the Yubico Academy, featuring our comprehensive certification program.  This program enables our partners’ teams to become Yubico experts, […]Read more