Phishing-resistant MFA and passwordless for Financial Services

    Secure employees and customers, and drive compliance

     The YubiKey: Modern security and exceptional UX

    Legacy mobile-based authenticators such as SMS, OTP and push notification apps are common across the financial services sector, but these are highly susceptible to modern cyber threats such as phishing attacks, account takeovers, SIM swaps and attacker-in-the-middle attacks.
    Yubico offers the YubiKey—a phishing-resistant hardware security key for modern and simple multi-factor and passwordless authentication, to ensure secure user access, protect critical customer data, and drive regulatory compliance.

    YubiKeys are highly suitable for organizations across the financial sector such as banking, fintech, insurance, payment services and others to secure office workers, remote employees, call centers, shared workstations and devices, and even for securing customer-facing digital services.

    “MFA is critical, but not all MFA methods are created equal. Twitter used application-based MFA, which sent a request for authentication to an employee’s smart phone. This is a common form of MFA, but it can be circumvented. During the Twitter Hack, the Hackers got past MFA by convincing the Twitter employees to authenticate the application-based MFA during the login. The most secure form of MFA is a physical security key, or hardware MFA, involving a USB key that is plugged into a computer to authenticate users. This type of hardware MFA would have stopped the Hackers, and Twitter is now implementing it in place of application-based MFA”.
    New York Department of Financial Services, Twitter Investigation Report, October 2020


    Securing financial services with phishing-resistant MFA

    Learn why mobile-based authenticators are putting your organization at risk of being hacked, and how to successfully defeat modern cyber threats using the YubiKey for phishing-resistant multi-factor and passwordless authentication.


    Accelerating financial services from legacy MFA to modern passkey authentication

    Learn the pros and cons of different types of passkey approaches financial services institutions should consider in their move away from legacy authentication.

    Prevent cybercrime and fraud with phishing-resistant MFA

    Yubico helps financial services organizations minimize cyber risk by providing phishing-resistant MFA and passwordless authentication for critical business and customer data. By offering differentiated security and the best user experience, financial service organizations can drive high security, employee satisfaction, and new customer growth.

    Benefits of the phishing-resistant YubiKey

    Secure user access and drive regulatory compliance

    The YubiKey provides phishing-resistant multi-factor and passwordless authentication ensuring highest-assurance security across all financial services use cases. Whether it’s securing high-risk transactions or securing access for office workers, remote employees, privileged users, call center workers, and tellers and other retail banking employees that use shared workstations and devices, the YubiKey has you covered. YubiKeys help you drive compliance to existing and emerging regulations including SOX, PSD2, PCI DSS 4.0, FIPS, and GDPR, and offer a bridge to modern passwordless without a rip and replace of existing infrastructures. A single YubiKey works across multiple devices including desktops, laptops, mobile, tablets, and notebooks, helping you deploy phishing-resistant MFA at scale. YubiKeys are also easily re-programmed, making them suitable for rotating-shift and temporary workers.

    Improve efficiency and enhance user experience

    Not all forms of multi-factor authentication (MFA) offer an optimal balance of strong security with a fast and easy user experience. Mobile authenticators typically increase the number of steps in the authentication process, requiring users to wait for SMS, OTP or push app codes, and are reliant on wifi or cellular network connectivity.
    The YubiKey offers strong MFA and passwordless authentication with just one touch or tap of the YubiKey, and is 4 times faster than typing in an OTP, ensuring quick and easy access to services for both employees and end customers.

    YubiKeys do not require a battery or network connectivity, and YubiKeys with NFC capability are highly suitable for shared workstation environments such as call centers and retail banking kiosks that may have USB port restrictions.

    Reduce IT support costs and drive high ROI

    The combination of frictionless user experience, data breach prevention, mobile device and service cost savings, and the YubiKey’s versatility with multi-protocol support results in high ROI for any shared workstation environment.

    YubiKeys also enable self-service password resets, eliminating IT support costs related to help desk password-reset requests. 

    In addition to reducing risk by 99.9%, the YubiKey has been shown to drive a 203% 3-year ROI and a drop in password-related help desk tickets by 75%.

    Protect digital customer accounts

    Global regulations are evolving to demand higher security to protect digital consumer accounts. PCI DSS v4.0 references the NIST SP 800-63 update on phishing-resistant MFA with guidelines that all MFA processes using shared secrets are vulnerable to phishing attacks. In the U.S., CFPB Circular 2022-04 states that inadequate security for sensitive consumer information collected, processed, maintained, or stored by the company can constitute an unfair practice in violation.

    Differentiated security can help you drive new customer acquisition and high customer retention. Show customers that you value their security and privacy by offering modern and simple authentication using phishing-resistant hardware security keys such as the YubiKey, to protect customer accounts against phishing and account takeovers.


    Best practices to get started with phishing-resistant MFA at scale

    Learn the six deployment best practices that can help your organization accelerate adoption of modern, phishing-resistant MFA at scale using the YubiKey.

    TEI Forrester report

    Risk reduction, business growth, and efficiency enabled by YubiKeys

    A recent Forrester Consulting Total Economic Impact™ (TEI) study commissioned by Yubico found that a composite organization representative of interviewed customers who use YubiKeys reduced risk of successful phishing and credential theft attacks by 99.9%, saw a drop in password-related helpdesk tickets by 75%, and experienced a 203% 3-year ROI with YubiKeys.

    But all organizations are different. Enter your own company data to create a custom Dynamic TEI study and instantly see how Yubico’s solutions can help your organization!