YubiKey protects nations: eIDAS and eID projects in Europe

Security has been moving to the forefront of government regulations — and rightfully so. From DFARS to FIPS, PSD2, GDPR, and eIDAS, nations and service providers are being forced to address user security and privacy with a more mindful approach. For years, Yubico has helped organizations like GOV.UK deliver secure authentication options and meet regulatory compliance requirements, and today, we’re seeing this work expand.

Several Europen countries are now in the process of deploying modern web authentication, including YubiKeys, for their citizens. This comes in large part due Yubico’s recent work around the eIDAS regulation (Electronic Identification, Authentication and Trust Services), which was introduced by the EU Commission in 2014 to provide a predictable regulatory environment for secure and seamless electronic interactions in the European Single Market.

eIDAS Compliance

During the past five years, the eIDAS regulation has been widely adopted by the EU member states, and several eIDAS-compliant services and schemes have been rolled out across the European continent. However, what continues to trouble eIDAS Qualified Trust Service Providers is how to ensure that users are securely authenticated to their service, so that they get sole control over the remote signature creation.

In order to address this challenge, Yubico has designed a solution whereby FIDO2 can be used to secure access to a remote signing service and give users sole control over the signature creation process.

Using a YubiKey, FIDO authentication is used for unlocking the signing key and certificate at the service provider.

In addition to securing remote signing solutions, the YubiKey can also be used for national electronic ID-card projects and eIDAS-compliant eID schemes, such as the National Digitalisation Programme at the Faroe Islands. Digital identity is one of four major pillars in the new digital infrastructure and will be launched in 2020.

eIDAS High Level Assurance

Yubico is partnering with Nexus to deliver the eID solution, which enables all Faroese citizens, above the age of 15, to securely and easily access government and banking services with a YubiKey 5 Series device. The resulting eID scheme will be classified as eIDAS assurance level ‘high’, which allows it to be recognized across all European online services.  eIDAS assurance levels can be classified under low, medium, and high, with high providing the highest degree of confidence and credibility.

“One of the reasons we chose Yubico’s YubiKey, is the fact that it is supported on almost all major mobile and desktop platforms and embraced by top internet players, including browser suppliers. In the near term, we see it as an added benefit to our citizens to offer an eID while at the same time offering an easy way to secure their online presence,“ said Janus Læarsson, Chief IT Architect, Talgildu Føroya.

The next generation of the National Digitalisation Programme at the Faroe Islands will support  FIDO2, the emerging open standard for web authentication. Which will allow the YubiKey to be accredited as an eID card and further establish the YubiKey is eIDAS-compliant. 

Yubico is very active in projects, standardization and cutting-edge technology that are related to eIDAS and national eID projects in Europe. Sign up for our newsletter to stay tuned for more exciting news announced during 2020.

Talk to our teamTalk to our team

Share this article:


  • Yubico LogoYubico liefert PIN-Verbesserungen mit dem neuen YubiKey 5 – Verbesserte PIN-SchlüsselUm sich auf die sich ständig weiterentwickelnden Cyber-Bedrohungen vorzubereiten, passen Regierungen weltweit die Authentifizierungsanforderungen für Online-Dienste an und aktualisieren sie, was direkte Auswirkungen auf viele Unternehmen und deren Mitarbeiter hat. Zwar gibt es derzeit keine universelle Regelung für eine robustere Multi-Faktor-Authentifizierung (MFA), doch wird deren Notwendigkeit in einer Reihe von Anforderungen hervorgehoben, darunter PSD2, DSGVO […]Read moreYubiKey
  • Yubico delivers PIN advancements with new YubiKey 5 – Enhanced PIN keysTo prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services which directly impact thousands of organizations and their employees. While there’s currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements including PSD2, GDPR, and the […]Read moreCompany NewsProduct NewsYubiKeyYubiKey 5 – Enhanced PINYubiKey 5 SeriesYubiKey as a Service
  • An inside look at Yubico’s transition to passwordlessBefore “passkey” became a familiar term in our industry, Yubico had long delivered hardware-backed and phishing-resistant FIDO2 based authentication. Today, the adoption of passkey usage is accelerating. However, it’s taken quite a bit longer to integrate passwordless authentication into the everyday, enterprise-grade authentication flows that are required for today’s businesses.  As long as it’s been […]Read moreOktapasswordless
  • Mission matters – my reflections on winning the EY World Entrepreneur of the Year “This is the biggest mission any of the entrepreneurs have presented in this competition.”  I heard these words a few weeks ago from one of the judges for the EY World Entrepreneur of the Year award program – whom I had the honor to meet during the final step of the world’s largest entrepreneur competition.  […]Read moreawardsFounderStina Ehrensvard