• Contact Sales
  • Resellers
  • Support
Yubico Header Text LogoYubico Header Text Logo
Why Yubicoexpand_more
Why Yubico
  • Enterprises
  • SMBs
  • Individuals
  • Developers
  • Careers
  • Partner programs
  • Affiliate program
  • Contact Sales
  • Events
  • Press room
  • Yubico Blog
  • Yubico Executive Connect
  • About us
  • The team
  • Innovation history
  • Secure it Forward
Easy-to-use, secure authentication

With YubiKey there’s no tradeoff between great security and usability

Why YubiKey
  • about Yubico
  • manufacturing
Proven at scale at Google

Google defends against account takeovers and reduces IT costs

Google Case Study
  • about Yubico
  • manufacturing
Protecting vulnerable organizations

Secure it Forward: One YubiKey donated for every 20 sold

Learn about Secure it Forward
  • about Yubico
  • manufacturing
Productsexpand_more
All products
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • YubiEnterprise Subscription
  • YubiEnterprise Delivery
  • Yubico Authenticator
  • Computer login tools
  • Software Development Toolkits
  • YubiCloud
  • Using YubiKey is easy
  • Find the right YubiKey
  • Works with YubiKey
  • Compare YubiKeys
One key for hundreds of apps and services

YubiKey works out-of-the-box and has no client software or battery

Yubico protects you
  • about Yubico
  • manufacturing
See YubiKeys as a Service
YubiEnterprise Subscription delivers scale and savings

Gain a future-proofed solution and faster MFA rollouts

See YubiKeys as a Service
  • about Yubico
  • manufacturing
Solutionsexpand_more
Solutions overview
  • Zero Trust
  • Executive Order OMB M-22-09
  • Phishing-resistant MFA
  • Passwordless
  • Compliance
  • Cyber Insurance
  • Secure supply chain
  • Hybrid & remote workers
  • Secure privileged users
  • Mobile restricted environments
  • Call centers
  • Shared workstations
  • Microsoft ecosystem
  • Salesforce workspace
  • IAM solutions
  • AWS environment
The Bridge to Passwordless

Begin the journey to make your organization passwordless

Get the white paper
  • about Yubico
  • manufacturing
Accelerate your Zero Trust Strategy

7 best strong authentication practices to jumpstart your Zero Trust program

Get the white paper
  • about Yubico
  • manufacturing
Federal cybersecurity requirements

See guidance for CIOs and leaders to prepare for the modern cyber threat era

Get the white paper
  • about Yubico
  • manufacturing
Industriesexpand_more
Industries overview
  • High tech
  • Federal government
  • State & local government
  • Education
  • Financial services
  • Manufacturing
  • Energy & natural resources
  • Retail & hospitality
  • Telecommunications
  • Healthcare
  • Pharmaceuticals
  • Cryptocurrency
  • Elections & campaigns
Manufacturing and supply chain security

Authentication best practices for manufacturing using highest-assurance security

Get the white paper
  • about Yubico
  • manufacturing
Phishing-resistant MFA: Fact vs. Fiction

Meet requirements for phishing-resistant MFA in OMB M-22-09 guidelines

Get the white paper
  • about Yubico
  • manufacturing
Secure energy and natural resources from cyber threats

Best practices for phishing-resistant MFA to safeguard your critical infrastructure

Get the white paper
  • about Yubico
  • manufacturing
Resourcesexpand_more
All resources
  • Yubico Blog
  • Cybersecurity glossary
  • Authentication standards
  • Resource library
  • Developer program
  • Product briefs
  • Solution briefs
  • Case studies
  • Get a pilot started
  • White papers and reports
  • Webinars
BeyondTrust: secured with a subscription

A leader in Privileged Access Management simplifies YubiKey deployment

How they optimized ROI
  • about Yubico
  • manufacturing
S&P Global Market Intelligence report: old habits die hard

Only 46% of respondents protect their applications with MFA. How about you?

Read the report
  • about Yubico
  • manufacturing
Secure shared workstations against cyber threats

Shared workstations can be secured with phishing-resistant MFA

Get the white paper
  • about Yubico
  • manufacturing
Supportexpand_more
Support home
  • Find the right YubiKey
  • Set up your YubiKey
  • Downloads
  • Product documentation
  • Support articles
  • Support Services
  • Professional Services
  • YubiEnterprise Subscription
  • Works with YubiKey Program
  • Buying and shipping information
  • Security advisories
  • Help center
How to set up your YubiKey

Follow our guided tutorials to start protecting your favorite services

Set up your YubiKey
  • about Yubico
  • manufacturing
Find the best YubiKey for your needs

Take the guided quiz and see which YubiKey best fits your or your businesses needs

Take the quiz
  • about Yubico
  • manufacturing
Accelerate your YubiKey deployment

Technical and operational guidance for your YubiKey implementation and rollout

Professional Services
  • about Yubico
  • manufacturing
SubscribeStore
  • Home » Products » Secure Manufacturing

    Secure Manufacturing

    Because security is never stronger than its weakest link, we have considered the full lifecycle of our products, from component sourcing, through manufacturing, to integration within a customer system, to ensure the highest levels of security.

    Made in Sweden & USA

    Yubico is a Swedish company that owns subsidiaries in the USA, UK and Germany. We strongly believe there are security and privacy benefits for our customers by manufacturing and programming our products in Sweden and the USA.

    To ensure that we are very close to all aspects of manufacturing, we have set up production where we are geographically based. That means we manufacture and finish our parts close to our two main offices in Sweden and the USA, where we can make continuous improvements while keeping a tight control over what’s made.

    Secrets Protected with Secure Elements

    Yubico products are built on state-of-the-art secure elements, used for the majority of smart card payment cards and passports, providing a high degree of resilience for secret information. The design of the YubiKey minimizes the attack surface, by moving storage of cryptographic keys and secure processing away from the computer and into an external dedicated hardware authentication device. In today’s highly complex systems, this is becoming increasingly important.

    Device Protections

    By using secure elements within the YubiKey, both the Yubico software and hardware is protected in a way that makes it very difficult to tamper with.

    We have invented a new and efficient way to manufacture the USB YubiKeys — in one solid and robust piece of plastic. We use a high degree of automation for electronics assembly to molding, testing, laser marking and packing of our products. Yubico products are available in tamper-evident blister packaging for YubiKey sales on Yubico store and Amazon.com.

    Yubico offers an online portal for users to test the authenticity of your YubiKey.

    Customer Controlled Secrets

    YubiKeys are delivered to our logistics centers as “stem cells”, with the means to prevent any modifications during transit and storage. The authentication and encryption features are programmed at the time of shipment to customers. Customer cryptographic secrets are not stored by Yubico, and customers may choose to use their own computers and equipment for programming.

    All YubiKeys sold on our web store can be programmed by customers using our free programming tools. Cryptographic keys cannot be read out from the device. 

    Yubico OTP Security

    For high-security applications, we recommend the use of our public key offerings, including FIDO2/WebAuthn, FIDO U2F, GPG, and PIV.

    For one-time password (OTP) applications,  the Yubico OTP supported in the YubiKey offers enhanced security compared to traditional OTP tokens. Because the YubiKey automatically enters the passcode for you, we have chosen the full 128-bit key strength, represented by a 32 ModHex character passcode, offering a level of security several magnitudes higher than the common 6 or 8 digits. To further enhance security, the Yubico OTP is offered with an optional time variant code. The YubiKey has no battery but features a built-in clock that uses the power from the USB port or NFC (in supported models). This clock can be used to measure the time between two OTPs, verifying user presence so that pre-recorded OTPs cannot be used.

    Communications Security

    While Yubico previously initiated development of a BLE security key and contributed to the BLE U2F standards work, we decided not to launch the product as it does not meet our standards for security, usability and durability. BLE does not provide the security assurance levels of NFC and USB as it can be intercepted within 20 meters, and is a more complex protocol with a larger attack surface. Also, it requires batteries and pairing that offer a poor user experience.

    Yubico is a believer in NFC, and the YubiKey design has proven at scale to deliver a superior contactless user experience.

    FIDO Ecosystem Security

    YubiKeys need websites, browsers, and operating systems to work in harmony to protect people. Therefore, to achieve a trusted Ecosystem, the security of browsers and devices are critical.

    Attestation

    Attestation is built-in to the FIDO and WebAuthn protocols, which enables each service provider to choose which security keys to trust, or to be more skeptical of, based on their individual needs and concerns. Each vendor can provide root attestation certificates which can be used to verify the authenticity of any security key they produce. The root certificate that issues all YubiKey attestation certificates is available at: https://developers.yubico.com/U2F/yubico-u2f-ca-certs.txt. This covers both U2F and FIDO2 devices.

    More information for developers and administrators, including our recommendations on how to use attestation in a scalable way, can be found here.

    Securing Secrets on Servers

    We use our own cost-efficient and convenient YubiHSM hardware server module to protect access to all Yubico servers and systems, including for OTP secrets for YubiCloud, Yubico’s hosted validation service.

    Technical Transparency

    We are a strong believer in transparency and do whatever we can to provide documentation and open source software and libraries. We are also committed to ongoing work with third parties for certifications, security reviews and scrutiny.

    The Yubico team, investors and advisors, have a long proven track record and are well respected in the security industry and open standards communities. Our goal has always been to be transparent and take responsibility for the quality and integrity of our products.

    Since 2014 and the launch of FIDO U2F in Gmail, Yubico has donated and discounted YubiKeys to journalists, dissidents and non-profit organizations working for civil rights. Learn more about the program here.

    Certifications

    Yubico’s products are certified against FIPS, FIDO, and CSPN to meet the compliance needs of some of our customers. However, as mentioned throughout, our investment in the safety and security of our products goes far beyond what these require. We do this in order to provide the safest products we can, and because most certifications focus on interoperability, few review cryptographic code, and none cover total system architecture, implementation, and supply chain security. You can read more about what FIDO certifications cover on their website, and what NIST’s FIPS certification covers on the NIST website.

    Error Loading. Please delete this block and re-add it.
Yubico Text LogoYubico Text Logo
  • RSS
  • Twitter
  • LinkedIn
  • Facebook
  • Instagram
  • YouTube
  • GitHub
  • Product finder quiz
  • Find set-up guides
  • Buy online
  • Contact sales
  • Get Yubico updates
  • Careers
  • Events
  • Press room
  • About us
  • Partner programs
  • Affiliate program
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • Yubico Authenticator
  • Zero Trust
  • Phishing-resistant MFA
  • Passwordless
  • Cyber insurance
  • More solutions
  • Industries overview
  • Yubico blog
  • Resource library
  • Cybersecurity glossary
  • Authentication standards
  • Developer program
  • Works with YubiKey
  • Help center
  • Downloads
  • Product documentation
  • Support Services
  • Professional Services
  • Professional Services
  • Contact support
Yubico © 2023 All Rights Reserved.
  • Sitemap
  • Cookies
  • Legal
  • Privacy
  • Patents
  • Terms of use
  • Trust
We use cookies to ensure that you get the best experience on our site and to present relevant content and advertising. By browsing this site without restricting the use of cookies, you consent to our and third party use of cookies as set out in our Cookie Notice.

PreferencesAccept all
Yubico Privacy and Cookies Policy

Privacy Overview

Yubico.com uses cookies to improve your experience while navigating through the website. When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually identify you, but it can give you a more personalized web experience.

Because we respect your right to privacy, you can choose not to allow some types of cookies.

Click on the different category headings to find out more and change our default settings.

Blocking some types of cookies may impact your experience on our site and the services we are able to offer.
Strictly necessary cookies
Always Enabled

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Functional cookies

These cookies enable the website to provide enhanced functionality and personalization. They may set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

Performance cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Targeting cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Uncategorized

Undefined cookies are those that are being analyzed and have not been classified into a category as yet.

Matomo Anonymized Tracking
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
CookieDurationDescription
_hjIncludedInSessionSample_8352762 minutesDescription is currently not available.
_hjSession_83527630 minutesDescription is currently not available.
_hjSessionUser_8352761 yearDescription is currently not available.
_schn13 minutesDescription is currently not available.
_scid_r1 year 1 monthDescription is currently not available.
_vis_opt_exp_186_combi3 months 8 daysDescription is currently not available.
_vis_opt_exp_186_combi_choose3 months 8 daysDescription is currently not available.
_vis_opt_exp_187_combi3 months 8 daysDescription is currently not available.
_vis_opt_exp_187_combi_choose3 months 8 daysDescription is currently not available.
_vis_opt_exp_188_combi3 months 8 daysDescription is currently not available.
_vis_opt_exp_188_combi_choose3 months 8 daysDescription is currently not available.
cookielawinfo-checkbox-matomo1 yearDescription is currently not available.
loglevelneverNo description available.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
CookieDurationDescription
_ga_*1 year 1 month 4 daysGoogle Analytics sets this cookie to store and count page views.
_gat_UA-*1 minuteGoogle Analytics sets this cookie for user behaviour tracking.
_hjFirstSeen30 minutesHotjar sets this cookie to identify a new user’s first session. It stores the true/false value, indicating whether it was the first time Hotjar saw this user.
_hjRecordingEnabledneverHotjar sets this cookie when a Recording starts and is read when the recording module is initialized, to see if the user is already in a recording in a particular session.
_hjRecordingLastActivityneverHotjar sets this cookie when a user recording starts and when data is sent through the WebSocket.
ln_or1 dayLinkedin sets this cookie to registers statistical data on users' behaviour on the website for internal analytics.
Save & Accept