What is GDPR?

The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.
Why do they have GDPR?

In April of 2016, GDPR was adopted by European parliament to replace an outdated data protection act. With our lives revolving around the internet and the web being able to house sensitive information, GDPR was put in place to give EU citizens more control over their personal data. Organizations, companies, or businesses that collect or manage citizen’s data are under strict guidelines on how they treat that data.

What are the implications of not complying with GDPR?

The cost of not complying with GDPR can be substantial with the threat of hefty fines of €20M or 4% of worldwide turnover for non-compliance, whichever is greater. The European Union Agency for Network and Information Security describes authentication as ‘key to securing computer systems’ and as the first step ‘in using a remote service or facility, and performing access control’. Referenced as GDPR-compliant authentication solutions are one time password solutions, smart cards, and FIDO Universal 2nd Factor (U2F).

How can the YubiKey help with GDPR compliance?


Only need one YubiKey to provide strong authentication for secure access across systems


Works across a number of services without sharing information between platforms
Visit our Works with YubiKey Catalog to see compatible services


FIDO U2F does not store any means of personally identifiable information (PII)

Learn More