YubiKey protects nations: eIDAS and eID projects in Europe

December 11, 2019 3 minute read

Security has been moving to the forefront of government regulations — and rightfully so. From DFARS to FIPS, PSD2, GDPR, and eIDAS, nations and service providers are being forced to address user security and privacy with a more mindful approach. For years, Yubico has helped organizations like GOV.UK deliver secure authentication options and meet regulatory compliance requirements, and today, we’re seeing this work expand.

Several Europen countries are now in the process of deploying modern web authentication, including YubiKeys, for their citizens. This comes in large part due Yubico’s recent work around the eIDAS regulation (Electronic Identification, Authentication and Trust Services), which was introduced by the EU Commission in 2014 to provide a predictable regulatory environment for secure and seamless electronic interactions in the European Single Market.

eIDAS Compliance

During the past five years, the eIDAS regulation has been widely adopted by the EU member states, and several eIDAS-compliant services and schemes have been rolled out across the European continent. However, what continues to trouble eIDAS Qualified Trust Service Providers is how to ensure that users are securely authenticated to their service, so that they get sole control over the remote signature creation.

In order to address this challenge, Yubico has designed a solution whereby FIDO2 can be used to secure access to a remote signing service and give users sole control over the signature creation process.

Using a YubiKey, FIDO authentication is used for unlocking the signing key and certificate at the service provider.

In addition to securing remote signing solutions, the YubiKey can also be used for national electronic ID-card projects and eIDAS-compliant eID schemes, such as the National Digitalisation Programme at the Faroe Islands. Digital identity is one of four major pillars in the new digital infrastructure and will be launched in 2020.

eIDAS High Level Assurance

Yubico is partnering with Nexus to deliver the eID solution, which enables all Faroese citizens, above the age of 15, to securely and easily access government and banking services with a YubiKey 5 Series device. The resulting eID scheme will be classified as eIDAS assurance level ‘high’, which allows it to be recognized across all European online services.  eIDAS assurance levels can be classified under low, medium, and high, with high providing the highest degree of confidence and credibility.

“One of the reasons we chose Yubico’s YubiKey, is the fact that it is supported on almost all major mobile and desktop platforms and embraced by top internet players, including browser suppliers. In the near term, we see it as an added benefit to our citizens to offer an eID while at the same time offering an easy way to secure their online presence,“ said Janus Læarsson, Chief IT Architect, Talgildu Føroya.

The next generation of the National Digitalisation Programme at the Faroe Islands will support  FIDO2, the emerging open standard for web authentication. Which will allow the YubiKey to be accredited as an eID card and further establish the YubiKey is eIDAS-compliant. 

Yubico is very active in projects, standardization and cutting-edge technology that are related to eIDAS and national eID projects in Europe. Sign up for our newsletter to stay tuned for more exciting news announced during 2020.

Share this article:

Recommended content

Top five pitfalls companies should avoid when rolling out a passwordless strategy

Given the number of breaches in the news today where passwords were at the root of the problem, many companies are now exploring the benefits of a secure passwordless future. Secure passwordless logins not only bring cost efficiencies and a more frictionless user login experience into the organization, but deliver the security that is necessary ...

Seven tips if you’re still scratching your head after reading Biden’s cybersecurity executive order

Yubico works with a lot of federal agencies and contractors, as well as with customers in regulated industries, so we understand the challenges new compliance regulations can bring. The executive order that was released May 12 can be seen as the federal government fully embracing the move toward multi-factor authentication (MFA) for use cases where ...

Entrust to add support for YubiKeys with PIV alternative and PIV derived credentials, advancing secure mobile and desktop authentication

Today marks an important day for expanding Yubico’s reach to support the growing requirement for Government agencies to issue government credentials beyond Personal Identity Verification (PIV) cards. We are celebrating that our partner Entrust will soon launch support for derived PIV credentials for YubiKeys. Customers will be able to take advantage of YubiKeys with derived ...

Yubico and ID.me provide remote identity proofing, YubiKey delivery, and strong authentication for NY Air National Guard (and see our joint presentation at Identiverse)

The pandemic has forced a digital transformation of how and where employees work at an accelerated rate, driving remote work scenarios for tens of thousands of state and federal personnel. These accelerated work scenarios require users to be strongly verified and authenticated. A strong binding between the remote identity proofing process and the authenticator is ...