• Contact Sales
  • Resellers
  • Support
Yubico Header Text LogoYubico Header Text Logo
Why Yubicoexpand_more
Why Yubico
  • Enterprises
  • SMBs
  • Individuals
  • Developers
  • Careers
  • Partner programs
  • Affiliate program
  • Contact Sales
  • Events
  • Press room
  • Yubico Blog
  • Yubico Executive Connect
  • About us
  • The team
  • Innovation history
  • Secure it Forward
Easy-to-use, secure authentication

With YubiKey there’s no tradeoff between great security and usability

Why YubiKey
  • MFA
  • retail
  • shared workstation
Proven at scale at Google

Google defends against account takeovers and reduces IT costs

Google Case Study
  • MFA
  • retail
  • shared workstation
Protecting vulnerable organizations

Secure it Forward: One YubiKey donated for every 20 sold

Learn about Secure it Forward
  • MFA
  • retail
  • shared workstation
Productsexpand_more
All products
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • YubiEnterprise Subscription
  • YubiEnterprise Delivery
  • Yubico Authenticator
  • Computer login tools
  • Software Development Toolkits
  • YubiCloud
  • Using YubiKey is easy
  • Find the right YubiKey
  • Works with YubiKey
  • Compare YubiKeys
One key for hundreds of apps and services

YubiKey works out-of-the-box and has no client software or battery

Yubico protects you
  • MFA
  • retail
  • shared workstation
See YubiKeys as a Service
YubiEnterprise Subscription delivers scale and savings

Gain a future-proofed solution and faster MFA rollouts

See YubiKeys as a Service
  • MFA
  • retail
  • shared workstation
Solutionsexpand_more
Solutions overview
  • Zero Trust
  • Executive Order OMB M-22-09
  • Phishing-resistant MFA
  • Passwordless
  • Compliance
  • Cyber Insurance
  • Secure supply chain
  • Hybrid & remote workers
  • Secure privileged users
  • Mobile restricted environments
  • Call centers
  • Shared workstations
  • Microsoft ecosystem
  • Salesforce workspace
  • IAM solutions
  • AWS environment
The Bridge to Passwordless

Begin the journey to make your organization passwordless

Get the white paper
  • MFA
  • retail
  • shared workstation
Accelerate your Zero Trust Strategy

7 best strong authentication practices to jumpstart your Zero Trust program

Get the white paper
  • MFA
  • retail
  • shared workstation
Federal cybersecurity requirements

See guidance for CIOs and leaders to prepare for the modern cyber threat era

See Gartner® Report
  • MFA
  • retail
  • shared workstation
Industriesexpand_more
Industries overview
  • High tech
  • Federal government
  • State & local government
  • Education
  • Financial services
  • Manufacturing
  • Energy & natural resources
  • Retail & hospitality
  • Telecommunications
  • Healthcare
  • Pharmaceuticals
  • Cryptocurrency
  • Elections & campaigns
Manufacturing and supply chain security

Authentication best practices for manufacturing using highest-assurance security

Get the white paper
  • MFA
  • retail
  • shared workstation
Phishing-resistant MFA: Fact vs. Fiction

Meet requirements for phishing-resistant MFA in OMB M-22-09 guidelines

Get the white paper
  • MFA
  • retail
  • shared workstation
Secure energy and natural resources from cyber threats

Best practices for phishing-resistant MFA to safeguard your critical infrastructure

Get the white paper
  • MFA
  • retail
  • shared workstation
Resourcesexpand_more
All resources
  • Yubico Blog
  • Cybersecurity glossary
  • Authentication standards
  • Resource library
  • Developer program
  • Product briefs
  • Solution briefs
  • Case studies
  • Get a pilot started
  • White papers and reports
  • Webinars
BeyondTrust: secured with a subscription

A leader in Privileged Access Management simplifies YubiKey deployment

How they optimized ROI
  • MFA
  • retail
  • shared workstation
S&P Global Market Intelligence report: old habits die hard

Only 46% of respondents protect their applications with MFA. How about you?

Read the report
  • MFA
  • retail
  • shared workstation
Secure shared workstations against cyber threats

Shared workstations can be secured with phishing-resistant MFA

Get the white paper
  • MFA
  • retail
  • shared workstation
Supportexpand_more
Support home
  • Find the right YubiKey
  • Set up your YubiKey
  • Downloads
  • Product documentation
  • Support articles
  • Support Services
  • Professional Services
  • YubiEnterprise Subscription
  • Works with YubiKey Program
  • Buying and shipping information
  • Security advisories
  • Help center
How to set up your YubiKey

Follow our guided tutorials to start protecting your favorite services

Set up your YubiKey
  • MFA
  • retail
  • shared workstation
Find the best YubiKey for your needs

Take the guided quiz and see which YubiKey best fits your or your businesses needs

Take the quiz
  • MFA
  • retail
  • shared workstation
Accelerate your YubiKey deployment

Technical and operational guidance for your YubiKey implementation and rollout

Professional Services
  • MFA
  • retail
  • shared workstation
SubscribeStore
  • Home » Industries » Protect against cyber threats in retail and hospitality

    Protect against cyber threats in retail and hospitality

    Prevent account takeovers, secure shared devices, and protect sensitive data across your supply chain

    Read the solution brief

    Strong security while enhancing customer experience 

    The high availability of sensitive data makes retail and hospitality organizations a lucrative target for cyberattacks. In order to protect against cyberattacks strong multi-factor authentication (MFA) is needed, however not all forms are created equal in terms of security nor in the user experience they provide–which is critical for these industries that are consumer and customer-facing. The YubiKey provides phishing-resistant two-factor, multi-factor, and passwordless authentication, helping retail and hospitality organizations stop phishing attacks, ransomware, and account takeovers, all while protecting sensitive customer and financial data, and driving regulatory compliance.

    Protecting against modern cyber threats in retail and hospitality

    Learn how modernizing authentication can secure shared devices, protect sensitive data, and prevent account takeovers while enhancing customer experience.

    Read now
    retail and hospitality wp

    Customer Spotlight:

    Hyatt Hotels is going passwordless

    Modern phishing-resistant MFA eliminates authentication fatigue for colleagues, while also creating improved guest experiences. YubiKeys work seamlessly with Hyatt’s existing Microsoft’s environment creating elevated security for employees and guest data.


    “We are taking great strides in protecting the safety of our guests and colleagues by requiring phishing-resistant MFA methods for all applications that can expose both PII and Card Holder data. We also believe that having Guest Services colleagues looking down at their phone to complete an MFA response or approval does not portray the message we want, to someone walking past the front desk. It  lends itself to the perception the colleague is engaged in their cell phone for social media or other personal activity. 

    Using a YubiKey not only provides a more seamless experience for the colleague while keeping our data safe, but also allows those colleagues to keep their cell phones stored away while performing guest-facing roles.”
    Art ChernobrovHyatt Hotels Corporation,
    Director of Identity, Access, and Endpoints

    checking in at hotel
    Secure access to critical systems, applications and data for in-person, hybrid or remote employees 

    With critical systems and payment card information (PCI) and employee and customer Personal Identifiable Information (PII) located across on-premises and the cloud, you need a simple yet effective way to ensure your applications, data, and critical systems are protected against unauthorized access. Whether it’s office workers, remote employees, contractors, or privileged users such as IT admins, strong authentication is the need of the hour, especially given a sharp increase in cybercrime.

    YubiKeys offer highest-assurance MFA and ensure that only authorized users have access to PII data and critical systems, such as O365. YubiKeys integrate seamlessly with existing IAM solutions such as Microsoft, Okta, Duo, and Ping, and provide secure authentication for hundreds of applications and services eliminating any rip or replace of existing solutions and sets you up well to eventually move to passwordless authentication—authentication that does not require the user to provide a password at login at all.

    Modernize security for POS terminals, shared workstations/devices, and RFID readers 

    Securing point-of-sale (POS) terminals, shared workstations/devices, and RFID readers with legacy username and password authentication puts you at risk of a cyber breach. Passwords also don’t offer the best user experience, and they increase IT help desk costs related to password resets.

    With the YubiKey you can secure access to POS terminals, shared workstations/devices, and RFID readers with highest-assurance MFA and passwordless authentication, and deliver a convenient user experience—even for remote access. YubiKeys are also easily re-programmed, making them suitable for seasonal and temporary workers, and they ensure self-service password resets, drastically reducing IT help desk costs.

    Drive compliance to industry regulations and authentication standards 

    Securing sensitive data and strengthening cybersecurity across retail and hospitality has never been more critical. Industry Regulations such as The Payment Card Industry Data Security Standard (PCI DSS) v4.0 requires the use of strong MFA for all accounts that have access to cardholder data. Further retailers and hoteliers should pay attention to Requirement 12 of PCI DSS v4.0 which details the need for an information security policy and programs. Strong customer authentication is also a key provision of the Payment Services Directive (PSD) 2, a process that seeks to make online payments more secure by reducing fraud.

    YubiKeys enable strong verification of users keeping organizations compliant with existing and emerging regulations such as PCI DSS, EU Payment Services Directive 2 (PSD2), GDPR, and more. YubiKeys are also FIDO2/WebAuthn compliant streamlining workflows and increasing productivity.


    To learn more, read the ebook Securing your critical assets in an ever changing regulatory environment.

    Protect your entire supply chain and eliminate vulnerability gaps

    Global business and inventory supply chain networks can result in expansive attack surfaces. If even a single point in your supply chain is weak or unsecured, it can have devastating consequences.  Mandating strong MFA from your vendors minimizes your cyber risk, liability, and damage to your brand reputation.

    The YubiKey offers secure, convenient, and scalable security making it easy for you and your supply chain vendors to deploy strong authentication. With YubiEnterprise Delivery from Yubico, it’s easy for your supply chain to get security keys directly into the hands of their users. Authentication of users is vital along the supply chain, but so is authentication between systems and machines, which is provided by the world’s smallest hardware security module (HSM), the YubiHSM 2.

    Provide strong security for customer accounts and loyalty programs

    Most online customer accounts and loyalty programs today still use legacy username and password based authentication which doesn’t keep your customers safe against phishing attacks and account takeovers.

    Drive competitive differentiation by showing your customers you care about the safety and privacy of their sensitive information. By offering strong 2FA or MFA using hardware security keys for your customers’ online and mobile accounts, your customers get peace of mind that their accounts are protected against account takeovers.


    YubiKeys as a Service enable faster and wider rollouts of modern MFA in 2023

    Watch this webinar to learn about how to procure YubiKeys as a Service with the new and expanded YubiEnterprise Subscription offering for greater business agility and predictability.

    Watch now >

    Case in point:


    Retail Control Systems (RCS) chooses YubiKey

    Situation

    • RCS sought a robust, convenient, and manageable MFA solution for use internally, and integrated with RCS software portfolio to protect their customer’s access to sensitive data
    • Needed PCI DSS compliant authentication, while ensuring no bottlenecks for their desired customer experience

    The YubiKey Solution

    • YubiKeys coupled with Cisco’s Duo Security provided an easily understood, implemented, and managed solution for RCS and their client’s growth and needs.
    • With the YubiKey, RCS is able to offer their clients a PCI DSS compliant environment

    Result

    • Convenient and secure MFA managed across 2500+ identities, and powering over 11,000 authentications every day
    • Low support costs due to simplicity of the platform
    Read the full case study
    “Whether it’s an attack on your online store or your credit card processing system, a data breach could leave you with massive tech bills and thousands of frustrated customers.”
    insureon logo
    InsureonRetail Business Insurance Provider
    Top 5 Risks for Stores and Retail Businesses


    Risk reduction, business growth, and efficiency enabled by YubiKeys

    A recent Forrester Consulting Total Economic Impact™ (TEI) study commissioned by Yubico found that a composite organization representative of interviewed customers who use YubiKeys reduced risk of successful phishing and credential theft attacks by 99.9%, saw a drop in password-related helpdesk tickets by 75%, and experienced a 203% 3-year ROI with YubiKeys.

    BUT…. all organizations are different. Enter your own company data to create a custom Dynamic TEI study and instantly see how Yubico’s solutions can help your organization!

    Create my custom study
    TEI Forrester report

    YubiEnterprise Subscription: peace of mind and flexibility for less than a cup of coffee per user/month

    YubiEnterprise Subscription simplifies purchase and support while also providing financial benefits. Estimate your potential savings as compared to one-time perpetual purchasing model


    array of logos

    Get started

    YubiKey 5 series
    Find the right YubiKey

    Contact our sales team for a personalized assessment of your company’s needs.

    Contact sales
    YubiKey in an ice cream cone
    Get protected today

    Browse our online store today and buy the right YubiKey for you.

    Buy now
Yubico Text LogoYubico Text Logo
  • RSS
  • Twitter
  • LinkedIn
  • Facebook
  • Instagram
  • YouTube
  • GitHub
  • Product finder quiz
  • Find set-up guides
  • Buy online
  • Contact sales
  • Get Yubico updates
  • Careers
  • Events
  • Press room
  • About us
  • Partner programs
  • Affiliate program
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • Yubico Authenticator
  • Zero Trust
  • Phishing-resistant MFA
  • Passwordless
  • Cyber insurance
  • More solutions
  • Industries overview
  • Yubico blog
  • Resource library
  • Cybersecurity glossary
  • Authentication standards
  • Developer program
  • Works with YubiKey
  • Help center
  • Downloads
  • Product documentation
  • Support Services
  • Professional Services
  • Professional Services
  • Contact support
Yubico © 2023 All Rights Reserved.
  • Sitemap
  • Cookies
  • Legal
  • Privacy
  • Patents
  • Terms of use
  • Trust
We use cookies to ensure that you get the best experience on our site and to present relevant content and advertising. By browsing this site without restricting the use of cookies, you consent to our and third party use of cookies as set out in our Cookie Notice.

PreferencesAccept all
Yubico Privacy and Cookies Policy

Privacy Overview

Yubico.com uses cookies to improve your experience while navigating through the website. When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually identify you, but it can give you a more personalized web experience.

Because we respect your right to privacy, you can choose not to allow some types of cookies.

Click on the different category headings to find out more and change our default settings.

Blocking some types of cookies may impact your experience on our site and the services we are able to offer.
Strictly necessary cookies
Always Enabled

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Functional cookies

These cookies enable the website to provide enhanced functionality and personalization. They may set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

Performance cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Targeting cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Uncategorized

Undefined cookies are those that are being analyzed and have not been classified into a category as yet.

Matomo Anonymized Tracking
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
CookieDurationDescription
_hjIncludedInSessionSample_8352762 minutesDescription is currently not available.
_hjSession_83527630 minutesDescription is currently not available.
_hjSessionUser_8352761 yearDescription is currently not available.
_schn13 minutesDescription is currently not available.
_scid_r1 year 1 monthDescription is currently not available.
_vis_opt_exp_186_combi3 months 8 daysDescription is currently not available.
_vis_opt_exp_186_combi_choose3 months 8 daysDescription is currently not available.
_vis_opt_exp_187_combi3 months 8 daysDescription is currently not available.
_vis_opt_exp_187_combi_choose3 months 8 daysDescription is currently not available.
_vis_opt_exp_188_combi3 months 8 daysDescription is currently not available.
_vis_opt_exp_188_combi_choose3 months 8 daysDescription is currently not available.
cookielawinfo-checkbox-matomo1 yearDescription is currently not available.
loglevelneverNo description available.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
CookieDurationDescription
_ga_*1 year 1 month 4 daysGoogle Analytics sets this cookie to store and count page views.
_gat_UA-*1 minuteGoogle Analytics sets this cookie for user behaviour tracking.
_hjFirstSeen30 minutesHotjar sets this cookie to identify a new user’s first session. It stores the true/false value, indicating whether it was the first time Hotjar saw this user.
_hjRecordingEnabledneverHotjar sets this cookie when a Recording starts and is read when the recording module is initialized, to see if the user is already in a recording in a particular session.
_hjRecordingLastActivityneverHotjar sets this cookie when a user recording starts and when data is sent through the WebSocket.
ln_or1 dayLinkedin sets this cookie to registers statistical data on users' behaviour on the website for internal analytics.
Save & Accept