AI driving a critical need for proactive security
Cybersecurity is critical for financial institutions, which are prime targets for cyberattacks, with an average data breach cost of $5.56 million. These attacks threaten not just finances but also reputation, trust, and compliance. Most attackers don’t break in—they log in using user credentials and codes such as SMS and OTP that are easily intercepted and stolen, and the rise of AI enables them to craft convincing attacks at scale. In response, regulations require secure authentication methods like multi-factor authentication (MFA). However, not all MFA methods are created equal, and most regulations stop short of addressing these differences, leaving potential gaps in any cyber resilience strategy. Financial institutions must shift from reactive security to proactive, phishing-resistant, multi-factor and passwordless authentication. Eliminating passwords and mobile-based apps, and adopting device-bound passkeys like the YubiKey, offers the strongest protection to build and maintain cyber resiliency across the enterprise.
Proactive passwordless security with the YubiKey
Start your proactive security journey with the YubiKey —a critical combination of highest-assurance security along with an optimized user experience, enabling phishing-resistant multi-factor (MFA) and passwordless authentication at scale. The YubiKey contains the highest-assurance passkey that resides in a multi-protocol hardware security key form factor, supporting phishing-resistant protocols such as FIDO2/ WebAuthn and Smart Card along with FIDO U2F, OTP and OpenPGP. YubiKeys integrate seamlessly across both legacy and modern environments to help financial organizations bridge to a secure passwordless future.
The YubiKey secures 8 out of the Top 10 largest banks around the world
The YubiKey is proven to reduce risk by 99.9% and deliver significant business value to large enterprises at scale, delivering an ROI of 203%, all while delivering a frictionless user experience, letting users quickly and securely log in with a single tap or touch.
YubiKeys work with over 1,000 products, services and applications including leading identity and access management (IAM) platforms, privileged access management (PAM) solutions and cloud services.
Common use cases the YubiKey solves for the financial sector
Secure office workers and remote employees
Phishing-resistant MFA should be one of the top requirements for remote and hybrid work policies. YubiKeys provide highest-assurance MFA and passwordless authentication, and are easily integrated into existing systems and infrastructure including identity and access management systems such as Microsoft, Okta, Duo, Ping and Hypr. With the YubiKey, financial services organizations can ensure all employees and contractors have secure access to computers, VPN, applications and password managers—no matter where they work.
Secure high-risk, high-value transactions
Employees that perform high-risk, high-value transactions on a daily basis are often the target of cybercriminals. Access to high-risk systems can be strengthened by requiring strong and modern MFA using YubiKeys, ensuring only authorized account access and authorized high-value transactions.
Secure privileged users
Privileged users are prime targets for cybercriminals as they have greater access to sensitive company and customer information. Financial services organizations can strengthen privileged access management and stop targeted attacks by ensuring that authentication security best practices are followed by requiring privileged users to authenticate with phishing-resistant device-bound passkeys such as the YubiKey.
Secure call center workers
With high employee churn, seasonal peaks, and other challenging business dynamics, call center environments need a secure, yet simple approach to verify agent identities before providing access to critical systems and data. YubiKeys offer strong security that can securely verify the identity of call center agents before they are given access to PII and other sensitive data, or make any changes to a customer account, such as raising a credit limit. And unlike mobile phones that can capture images of customer and financial data, YubiKeys offers a much more secure authentication solution.
Secure shared workstations/terminals
Employees who work on shared workstations are common in banks and call centers. Tellers move from one station to another and supervisors move to authorize transactions. Users in these environments are often part-time employees with higher turnover and may have minimal commitment to the organization, increasing the insider threat. The YubiKey ensures strong authentication across shared access terminals and shared workstations to help prevent unauthorized access to high-value systems and resources.
Secure end customers
Yubico delivers modern cybersecurity to help you become a trusted partner to your retail and commercial customers and deliver innovative and differentiated security solutions to keep customer accounts safe against financial fraud. By offering YubiKeys, you can reduce fraud liability and help customers secure online and mobile banking accounts with state of the art security that is simple to use and seamless to roll out at scale. Many financial services organizations including Wells Fargo, Vanguard, Morgan Stanley and KeyBank offer clients strong authentication solutions, with support for YubiKeys.
Accelerate deployment of passwordless at scale
To make it easy to deploy passwordless authentication at scale, Yubico offers YubiKey as a Service and YubiEnterprise Delivery for easy procurement and delivery of YubiKeys.
With YubiKey as a Service, organizations receive a service-based and affordable model for purchasing YubiKeys in a way that meets their technology and budget requirements. This service also provides priority customer support, ease of form factor selection, backup key discounts, and replacement stock benefits.
With YubiEnterprise Delivery, organizations receive a cloud-based service that streamlines the distribution of YubiKeys to end-users, serving both domestic and international locations including residential addresses.
Yubico also offers the Yubico Enrollment Suite, delivering a complete registration experience for easy enrollment of YubiKeys on behalf of users, with support for Microsoft and Okta currently, and additional Identity Provider (IdP) support planned to come on board.