FIDO2: an Open Authentication Standard
FIDO2 is an open authentication standard that consists of the W3C Web Authentication specification (WebAuthn API) and the Client to Authenticator Protocol (CTAP). CTAP is an application-layer protocol used for communication between a client (browser) or a platform (operating system) and an external authenticator (such as the Security Key by Yubico).
FIDO2 offers the same high level of security as FIDO U2F, as it is also based on public key cryptography. It is intended to solve multiple user scenarios, including strong first factor (passwordless), strong second factor, and multi-factor authentication. With these new capabilities, the hardware security key can entirely replace weak static username/password credentials with strong hardware-backed public/private-key credentials. These credentials cannot be reused, replayed, or shared across services, and are not subject to phishing and man-in-the-middle (MITM) attacks or server breaches.
Yubico is a core contributor to the CTAP protocol, and the specification is hosted by the FIDO Alliance.
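The replay and phishing resistance described above depends on checks the relying party runs on every WebAuthn assertion. The sketch below is an added example, not code from Yubico or the FIDO Alliance. It assumes the assertion signature has already been verified with the stored public key; the function names, `example.com`, the lookalike origin and all sample values are constructed for illustration.

```python
import base64, hashlib, json, struct

def b64url(data: bytes) -> str:
    # WebAuthn encodes the challenge as unpadded base64url in clientDataJSON
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def check_assertion(client_data_json, authenticator_data, challenge, origin,
                    rp_id, stored_count):
    """Relying-party binding checks; returns the new signature counter.
    Assumes the signature was already verified with the stored public key."""
    client = json.loads(client_data_json)
    if client.get("type") != "webauthn.get":
        raise ValueError("wrong ceremony type")
    if client.get("challenge") != b64url(challenge):
        raise ValueError("challenge mismatch")   # replayed or stale response
    if client.get("origin") != origin:
        raise ValueError("origin mismatch")      # produced on another site
    if len(authenticator_data) < 37:
        raise ValueError("authenticator data too short")
    # Layout: rpIdHash (32 bytes) | flags (1 byte) | signCount (uint32, big-endian)
    rp_hash, flags, count = struct.unpack(">32sBI", authenticator_data[:37])
    if rp_hash != hashlib.sha256(rp_id.encode()).digest():
        raise ValueError("rpIdHash mismatch")    # credential scoped to another RP
    if not flags & 0x01:
        raise ValueError("user presence flag not set")
    if (count or stored_count) and count <= stored_count:
        raise ValueError("signature counter did not increase")
    return count

def make_sample(challenge, origin, rp_id, count):
    # Constructed sample data standing in for a browser/authenticator response
    client = json.dumps({"type": "webauthn.get", "challenge": b64url(challenge),
                         "origin": origin}).encode()
    auth = hashlib.sha256(rp_id.encode()).digest() + b"\x01" + struct.pack(">I", count)
    return client, auth

def verdict(sample, challenge, stored_count=5):
    # Hypothetical helper: verify against the relying party "example.com"
    try:
        check_assertion(*sample, challenge, "https://example.com", "example.com", stored_count)
        return "accepted"
    except ValueError as exc:
        return str(exc)

if __name__ == "__main__":
    c1, c2 = b"\x01" * 32, b"\x02" * 32   # constructed per-login challenges
    good = make_sample(c1, "https://example.com", "example.com", 6)
    phish = make_sample(c1, "https://example-login.test", "example-login.test", 6)
    print(verdict(good, c1))    # genuine login
    print(verdict(good, c2))    # same response replayed against a new challenge
    print(verdict(phish, c1))   # response produced on a lookalike origin
```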