YubiKey, U2F Tracking Bluetooth Maturity

At Yubico, we have been experimenting and innovating for a long time with additional YubiKey interface options, like Bluetooth Classic and Bluetooth Smart. Once the Bluetooth work stream was formed within FIDO U2F, we were active in completing the specification. We have passed the FIDO U2F BLE interoperability tests, and are happy to report that this week FIDO awarded us our BLE certification.

However, Bluetooth comprises several practical challenges that make it tough to incorporate the product design, security lineage and user experience one would expect from a YubiKey. We have tested a few different designs with user groups and are now proud to deploy the latest version of YubiKey BLE into initial pilot projects.

Although we’re both proud and excited about this new wireless solution, we do want to share some of the practicalities we will continue to improve on, both for our own product and within the scope of the FIDO Alliance.

  • Pairing process. Bluetooth pairing is the most critical function from a user experience point of view. Although it is perfectly understandable from an engineering perspective, the pairing can be highly confusing for the user. Whereas USB and NFC devices are “connect by intent” by their very nature, Bluetooth devices can have up to 30 meters of range. Since this is a security product, as a user you want to be certain you are communicating with the correct endpoint.
  • Device and operating system compatibility issues. Bluetooth has evolved over a long period of time, and early versions of iOS and many Android flavors today still have aging BLE implementations with user interface issues. While support in audio and peripherals is common, mobile devices and operating systems embedding Bluetooth have been slow to support security-centric protocols and devices. U2F Bluetooth devices rely on the most recent version of the standard, known as Bluetooth Low Energy, a.k.a. BLE, but there are still major platforms that have either inadequate or limited support. Over time this issue goes away, but today it is at the heart of some design and implementation challenges.
  • Battery life. Bluetooth devices require batteries; YubiKeys do not. This is a signature trait of our products and allows for a practically unlimited lifetime and shelf life. The Bluetooth battery requirement provides a number of design challenges around usability and regulatory issues, such as product safety, environmental concerns, disposal, and logistics.
  • Radio regulatory issues. Although Bluetooth works in an open radio spectrum, devices that emit radio frequency do have to pass certain certifications. This is a complex procedure and is unfortunately tied to geographic regions.

In summary, we are selectively releasing the YubiKey BLE into specific pilots. As platform support matures during the second half of 2017, we will increase the pace of our Bluetooth certifications. Stay tuned and once the entire ecosystem is ready for prime-time, we are too.

Talk to our teamTalk to our team

Share this article:


  • CEO Corner: Maintaining stable growth while navigating global uncertaintyAs we officially close out the first quarter of 2025,  I am pleased we saw a quarter with solid growth and profitability along with ongoing demand for phishing-resistant authentication. We continue to see new types of high-profile cyber attacks appearing regularly, and a major reason for the success of phishing attacks is stolen credentials. As […]Read moreCEOCEO CornerEarningsMattias Danielsson
  • Introducing the Yubico Academy: Enabling partners for a phishing-resistant futureAt Yubico, strong partnerships are fundamental to a more secure digital world. Our commitment goes beyond providing leading security keys; it’s about actively fostering the growth of our valued partners through impactful enablement programs. A cornerstone is the Yubico Academy, featuring our comprehensive certification program.  This program enables our partners’ teams to become Yubico experts, […]Read more
  • AI is booming — but proving you’re human matters more than everIf you walked the show floor at the RSA Conference this year, you probably noticed the same thing I did: Artificial Intelligence (AI) is everywhere. Agentic AI. AI in threat detection. AI in firewalls. AI in identity management. AI-generated demos. AI everything. The energy around AI was undeniable, and we’re seeing real innovation, efficiency gains […]Read moreAIArtificial IntelligencephishingRSAC
  • Ditching passwords for good: Celebrating the inaugural World Passkey DayHave you ever been stuck in a relationship with someone who constantly lets you down, exposes your secrets, and leaves you vulnerable? Odds are you cut your losses, packed up your things and moved on. Today is the day to do the same with your passwords: say goodbye forever! The reality is a majority of […]Read morepasskeyspasswordlessWorld Passkey Day