Protect against cyber threats in retail and hospitality
Prevent account takeovers, secure shared devices, and protect sensitive data across your supply chain
Strong security while enhancing customer experience
The high availability of sensitive data makes retail and hospitality organizations a lucrative target for cyberattacks. In order to protect against cyberattacks strong multi-factor authentication (MFA) is needed, however not all forms are created equal in terms of security nor in the user experience they provide–which is critical for these industries that are consumer and customer-facing. The YubiKey provides phishing-resistant two-factor, multi-factor, and passwordless authentication, helping retail and hospitality organizations stop phishing attacks, ransomware, and account takeovers, all while protecting sensitive customer and financial data, and driving regulatory compliance.
Protecting against modern cyber threats in retail and hospitality
Learn how modernizing authentication can secure shared devices, protect sensitive data, and prevent account takeovers while enhancing customer experience.
“We are taking great strides in protecting the safety of our guests and colleagues by requiring phishing-resistant MFA methods for all applications that can expose both PII and Card Holder data. We also believe that having Guest Services colleagues looking down at their phone to complete an MFA response or approval does not portray the message we want, to someone walking past the front desk. It lends itself to the perception the colleague is engaged in their cell phone for social media or other personal activity.
Using a YubiKey not only provides a more seamless experience for the colleague while keeping our data safe, but also allows those colleagues to keep their cell phones stored away while performing guest-facing roles.”
Secure access to critical systems, applications and data for in-person, hybrid or remote employees
With critical systems and payment card information (PCI) and employee and customer Personal Identifiable Information (PII) located across on-premises and the cloud, you need a simple yet effective way to ensure your applications, data, and critical systems are protected against unauthorized access. Whether it’s office workers, remote employees, contractors, or privileged users such as IT admins, strong authentication is the need of the hour, especially given a sharp increase in cybercrime.
YubiKeys offer highest-assurance MFA and ensure that only authorized users have access to PII data and critical systems, such as O365. YubiKeys integrate seamlessly with existing IAM solutions such as Microsoft, Okta, Duo, and Ping, and provide secure authentication for hundreds of applications and services eliminating any rip or replace of existing solutions and sets you up well to eventually move to passwordless authentication—authentication that does not require the user to provide a password at login at all.
Modernize security for POS terminals, shared workstations/devices, and RFID readers
Securing point-of-sale (POS) terminals, shared workstations/devices, and RFID readers with legacy username and password authentication puts you at risk of a cyber breach. Passwords also don’t offer the best user experience, and they increase IT help desk costs related to password resets.
With the YubiKey you can secure access to POS terminals, shared workstations/devices, and RFID readers with highest-assurance MFA and passwordless authentication, and deliver a convenient user experience—even for remote access. YubiKeys are also easily re-programmed, making them suitable for seasonal and temporary workers, and they ensure self-service password resets, drastically reducing IT help desk costs.
Drive compliance to industry regulations and authentication standards
Securing sensitive data and strengthening cybersecurity across retail and hospitality has never been more critical. Industry Regulations such as The Payment Card Industry Data Security Standard (PCI DSS) v4.0 requires the use of strong MFA for all accounts that have access to cardholder data. Strong customer authentication is also a key provision of the Payment Services Directive (PSD) 2, a process that seeks to make online payments more secure by reducing fraud.
YubiKeys enable strong verification of users keeping organizations compliant with existing and emerging regulations such as PCI DSS, EU Payment Services Directive 2 (PSD2), GDPR, and more. YubiKeys are also FIDO2/WebAuthn compliant streamlining workflows and increasing productivity.
Protect your entire supply chain and eliminate vulnerability gaps
Global business and inventory supply chain networks can result in expansive attack surfaces. If even a single point in your supply chain is weak or unsecured, it can have devastating consequences. Mandating strong MFA from your vendors minimizes your cyber risk, liability, and damage to your brand reputation.
The YubiKey offers secure, convenient, and scalable security making it easy for you and your supply chain vendors to deploy strong authentication. With YubiEnterprise Delivery from Yubico, it’s easy for your supply chain to get security keys directly into the hands of their users. Authentication of users is vital along the supply chain, but so is authentication between systems and machines, which is provided by the world’s smallest hardware security module (HSM), the YubiHSM 2.
Provide strong security for customer accounts and loyalty programs
Most online customer accounts and loyalty programs today still use legacy username and password based authentication which doesn’t keep your customers safe against phishing attacks and account takeovers.
Drive competitive differentiation by showing your customers you care about the safety and privacy of their sensitive information. By offering strong 2FA or MFA using hardware security keys for your customers’ online and mobile accounts, your customers get peace of mind that their accounts are protected against account takeovers
Case in point:
Retail Control Systems (RCS) chooses YubiKey
Situation
- RCS sought a robust, convenient, and manageable MFA solution for use internally, and integrated with RCS software portfolio to protect their customer’s access to sensitive data
- Needed PCI DSS compliant authentication, while ensuring no bottlenecks for their desired customer experience
The YubiKey Solution
- YubiKeys coupled with Cisco’s Duo Security provided an easily understood, implemented, and managed solution for RCS and their client’s growth and needs.
- With the YubiKey, RCS is able to offer their clients a PCI DSS compliant environment
Result
- Convenient and secure MFA managed across 2500+ identities, and powering over 11,000 authentications every day
- Low support costs due to simplicity of the platform
“Whether it’s an attack on your online store or your credit card processing system, a data breach could leave you with massive tech bills and thousands of frustrated customers.”
Risk reduction, business growth, and efficiency enabled by YubiKeys
Read the Forrester Consulting study commissioned by Yubico and see how a composite organization reduced risk by 99.9%, saw a drop in password-related helpdesk tickets by 75%, and experienced a 203% 3-year ROI with YubiKeys.
YubiEnterprise Subscription: peace of mind and flexibility for less than a cup of coffee per user/month
YubiEnterprise Subscription simplifies purchase and support while also providing financial benefits. Estimate your potential savings as compared to one-time perpetual purchasing model
Get started
Find the right YubiKey
Contact our sales team for a personalized assessment of your company’s needs.
