Showing results for: U2F

Stina Ehrensvard

The Key to Trust

As the principal inventor behind both the Security Key and U2F protocol, we are true supporters of open standards. To realize our mission of making secure login ubiquitous, we designed the original Security Key, and provided the majority of the open source code and test tools for FIDO U2F and the latest version of the standard, FIDO2, which offers a passwordless experience.

Innovation is core to all we do, and as the ecosystem continues to mature, U2F and FIDO2 functionality will come in many different form factors, communications methods (USB/BLE/NFC) and features, from Yubico and others.

Over the past several years, Google has deployed hundreds of thousands of FIDO U2F-enabled Yubico devices internally with amazing results. Today, Google released their own version of a security key, and while we have received the question if we were part of this production, these devices are not manufactured by Yubico.

Yubico strongly believes there are security and privacy benefits for our customers by manufacturing and programming our products in the USA and Sweden.

Google’s offering includes a Bluetooth (BLE) capable key. While Yubico previously initiated development of a BLE security key, and contributed to the BLE U2F standards work, we decided not to launch the product as it does not meet our standards for security, usability and durability. BLE does not provide the security assurance levels of NFC and USB, and requires batteries and pairing that offer a poor user experience.

Yubico is a believer in NFC, and the YubiKey NEO design has proven at scale to deliver a superior contactless user experience for U2F.  Also, Yubico will soon announce another secure and user friendly solution for iOS.

YubiKey authentication devices

The FIDO U2F and FIDO2 standards work has been a long, challenging and inspiring journey convincing and engaging all leading platforms and browsers to subscribe to the Yubico mission: to make secure login easy and available for everyone.  

U2F is just one tool in the YubiKey toolbox. Today, the majority of our customers use our multi-function YubiKeys across multiple applications, services, and operating systems. In addition to FIDO U2F, we offer smart card (PIV), Yubico OTP, OpenPGP, and OATH-HOTP/TOTP, in a single device, over both USB and NFC, as well as in USB-C form factors. 

Yubico continues to work closely with Microsoft, Google and the global open standards community on FIDO2, the passwordless evolution of U2F. This next-generation standard enables the option to use a security key as a single factor, with an optional PIN or biometrics on the user device, removing the need for service providers to store and manage passwords.

We will continue to create market defining authentication products, which we are currently demonstrating at Google Cloud Next, booth #S1426. We welcome you to join us.

Ronnie Manning

Yubico CEO and Founder wins Gold Stevie Award for Female Executive of the Year

We are proud to announce that Stina Ehrensvard, CEO and Founder of Yubico has been named the Gold Stevie Award winner for Female Executive of the Year – Business Products. The Stevie Awards for Women in Business were announced Friday, November 14. The awards shine a spotlight on women executives, entrepreneurs, and organizations run by women.

“Yubico has seen a tremendous 2014!” said Ehrensvard. “Our technology has been adopted by the leading Internet companies, and as a driving contributor of FIDO U2F we are defining new global standards for simple and secure login. This award speaks very highly, and is a clear result of amazing work from all members of the Yubico team”

The Stevie, the Greek word for “crowned,”  is widely considered to be the world’s premier business award, and the 2014 awards received entries from 22 nations and territories. The awards presentations were broadcast live across the U.S.A., and simulcast around the world by Biz Talk Radio. The ceremony will be featured in a television special on Biz TV in January.

More than 160 executives worldwide who participated in the judging process this year selected the Stevie Award winners. Details about the Stevie Awards for Women in Business and the list of Stevie Award winners are available at www.StevieAwards.com/Women.

Stina Ehrensvard

Google Unveils FIDO U2F Security Key Support

Google today announced on its security blog an extra layer of security for Google Accounts based on the emerging strong authentication standard; Universal 2nd Factor or U2F.

This is a good day for the Internet.

As a driving contributor to FIDO U2F specifications, Yubico celebrates this big day by releasing a new blue campaign version of our YubiKey that is designed to work with U2F support Google has added to Chrome. This U2F-only Security Key, as well as our multi-technology YubiKey NEO, pioneers the market for U2F devices.

This U2F support is a milestone in a standards journey that began a couple of years ago. Along with Internet thought leaders, we recognized the advantages of high-security, public key cryptography for scalability and for protecting against advanced Trojans, phishing and man-in-the-middle attacks. With a mission to make great security available for every Internet user, we decided to focus on the essential; to keep it really lean.

Below is a short summary of the main differentiators between U2F security keys and traditional smart card- and hardware-based authentication devices:

  • No need for drivers, client software and middleware – Uses native drivers and built-in support directly into the browser. No installation, no configuration – just works !
  • Highly scalable while protecting your privacy – Generates a new set of encryption keys for every service, that is only stored on the specific service it connects to. With this approach no secrets are shared among service providers, and even low-cost security keys can support any number of services.
  • Great user experience – To register and authenticate, all it takes is a simple touch of a button!

In January 2013 Wired Magazine first wrote about the U2F project. As a response to all the inquiries Yubico received, we published a blog summarizing our vision of a single key for securing access to all Internet. Since then, U2F has continued to develop within the FIDO Alliance open standards consortium.

And now our vision has been turned into reality.

You can get your own FIDO U2F Security Key today at Amazon.com. A key that you own and control allowing you to securely login into your Google Account, which lets you access services such as Gmail. The same is true for any number of service providers who choose to adopt simple and strong Universal 2nd Factor authentication.

A special thanks to everyone in the FIDO Alliance working groups for making this happen!

Learn more about the new FIDO U2F Security Key by Yubico

John Salter

YubiKey NEO & FIDO U2F: One Key for All Apps

I’ve been in this business for a long time and watched a lot of promise collapse and a fair number of snake oil salesmen flourish.

Strong authentication is one of those technology conundrums that always seems to be partially solved. The drawbacks of traditional one-time passcodes are well understood and we’ve always truly known their shelf life was limited.

I have been searching for something that would be more appropriate in today’s Internet, that would move past “partially solved” and would blossom into elegant simplicity spanning the technology, the plumbing and the user.

My eyes were opened to the answer while watching a room full of engineers work with their code — checking out, checking in, deploying live —and authenticating each time as they supported a massive cloud service that counts billions of users around the globe.

To cross each virtual security boundary the engineers simply press a small flashing Yubico YubiKey tucked into their USB ports to activate strong authentication. They were taking advantage of their body’s ability to hold an electrical charge and trigger a capacitance sensor.

A few years ago when I first saw this technology, I underestimated the capacitive touch. I did not think it had the needed security properties, but what I missed was how important it was to the end-user.

Once I realized that error, I began adding in the significance of the hermetically sealed, driverless YubiKey that is impervious to viruses and malware. I thought about its improvements over second-factor mobile devices that hackers can compromise, and over single sign-on, where conventional wisdom says authentication should happen as infrequently as possible then shared across domains boundaries.

I now understand security isn’t about limiting authentications but making hundreds, even thousands of them per day as easy as pushing another key on a computer keyboard. It’s a user-experience that requires zero training, even for technology’s bellwether grandmothers.

In addition, a previously missing piece is coming into focus with the FIDO Alliance’s Universal Second Factor (U2F) protocol, adding the standards-layer to enable one key to authenticate to all applications in our ecosystems while maintaining trust and end-user privacy.

Today, Yubico is releasing its YubiKey NEO with support for U2F and delivering it in two form-factors. This key will hold the promise of a significantly more secure online consumer experience, and a dramatic increase in enterprise security and ease-of-use.

This combination of all these factors (pun intended) leads me to believe we have our device and our extended shelf life for a proper “what you have” factor from a multi-factor authentication perspective.

And it has been a powerful enough epiphany for me after 30 years promoting and advancing strong authentication that I have joined Yubico as Chief Business Officer to explore this innovation and see it through to what I believe will be its rightful place in the security landscape.

As you will see in the coming weeks, my faith in these advancements will be validated by some of the most successful and influential Internet companies with arguably the largest end-user populations on the planet.

We can now challenge conventional wisdom around authenticating once then propagating credentials. I am a firm believer in SSO technology for gluing together computing across boundaries and would argue our SSO engines should play the primary role in directing identity traffic. They are, and will remain, essential in modern web architectures.

But, I argue fresh primary credentials trump older secondary credentials every time.  Application designers have never thought of a world where it is possible or desirable to verify primary credentials not just one time but many times. That world is coming into focus and I’m exited to have a front row seat, again.

John Haggard is Chief Business Officer at Yubico

John Fontana

When Will NEO Work with iPhone 6 NFC?

Yubico has heard this question a lot over the past days since the iPhone 6 was released with NFC support.

The answer would be “now” if Apple had an open ecosystem, but that likely won’t be the case for another 12-16 months. But put a pushpin on your roadmap, the YubiKey NEO will be a multi-factor authentication option, based on its current NFC support, for iPhone users once Apple opens it to developers.

And if Apple decides to join the FIDO Alliance, the Yubico promise of one authentication key for many services could get support from another heavyweight in the FIDO standardization effort.

It’s not far-fetched to envision Apple as part of FIDO given that Apple’s Touch ID is built from technology acquired when it bought AuthenTec – which applied for the original trademark on the FIDO name. (The company left FIDO the day it was acquired by Apple).

Apple showed its new willingness to work in international standards settings two weeks ago when it joined the GlobalPlatform, which creates specifications that address standardized infrastructure for securing multiple apps on smart chip technology.

The group has three areas of focus: secure elements, trusted execution environments and messaging that holds it all together. And it adds in security, interoperability, responsibilities, provisioning and a common language to exchange information.

Or as Global Platforms puts it, we’re “a cross industry, non-profit association that identifies, develops and publishes specifications that promote the secure and interoperable deployment and management of multiple applications on secure chip technology. “

Now that’s a mouthful, but what’s important is in a world where standards are the only way to reach Internet scale, it appears Apple is coming out to play.

Bravo Apple!

You can read more about the Apple/GlobalPlatform alliance on my Identity Matters blog on ZDNet.

David Maples

The Future of Online Authentication

Last week, Yubico delivered a glimpse into the future of online authentication with a presentation at Mozilla. If you missed the live talk about FIDO Alliance Universal 2nd Factor (U2F) and in-the-browser authentication for the mass market, please watch the archived video below.

In the 60 minute presentation, Yubico discusses the motivation behind U2F, provides a demo of U2F in action, explains the user privacy and security issues that are addressed, highlights the importance of browser support for U2F and dives into some key details about the protocol.

FIDO Alliance U2F is a new, open authentication standard focused on adding public-key cryptography to existing password authentication mechanisms, offering high security with friction-less user experience. U2F represents a crucial step in driving the rapid adoption of strong authentication technology, where the user will be able to use a simple password/passcode, which even if compromised, does not compromise the user’s identity. The elegance of the protocol lies in the fact that the user in possession of the authenticator can authenticate to any number of web-based services using only one device, without the need to install any drivers or client software. The added benefit of U2F also lies in the simplicity of how this protocol can be easily integrated into an existing password authentication model.

For more background on Yubico’s work with the FIDO Alliance and the future YubiKey NEO with U2F, please visit here.

Ronnie Manning

Meet Yubico at Cloud Identity Summit

Yubico is invited to showcase the YubiKey and FIDO U2F ready devices at the upcoming Cloud Identity Summit, in Monterey, California. On Saturday, July 19, you can meet our team at the FIDO Alliance interoperability showcase and demo at the Bonsai II room from 1:30-4:30 p.m. On July 20-22, we welcome you to the Yubico booth #TT8. To schedule a meeting, please email us at press@yubico.com.

Ronnie Manning

See Yubico at RSA 2014

NXP booth #1341 in the South Expo Hall

Throughout the conference, Yubico will be demoing the YubiKey NEO and the industry’s first FIDO Universal 2nd Factor (U2F) Ready device at the NXP booth (Though successfully deployed inside cloud companies, FIDO enabled YubiKeys are not yet for sale for the public). We will also present the simplicity of two-factor authentication for other YubiKey NEO use cases, including Windows login, PIV, PKCS11, OpenPGP, password managers, and for leading cloud services with support for OATH TOTP.

FIDO Ready Showcase – Moscone North, Room 110

Additionally, on Wednesday, February 26, from 1:00 PM to 5:00 PM, Yubico will be participating in the FIDO Ready Showcase. The Showcase will feature a FIDO Alliance member panel, FIDO Ready live product demonstrations, and a chance to meet and interact in one-to-one meetings.

FIDO Alliance Member Panels – Moscone North, Room 110

Yubico is honored to be participating on two panel discussions during the FIDO Ready Showcase.  Read more about the FIDO Alliance.

Date and Times: Wednesday, February 26, 2014. 1:00 PM and 3:00 PM

  • 1:00 PM – Business Drivers for the FIDO Solution
    Moderator – Brett McDowell, PayPal
    Participants – Stina Ehrensvard, Yubico, Michael Barrett, FIDO Alliance and Kayvan Alikhani, RSA
  • 3:00 PM – FIDO Technology: a Primer
    Moderator – Brett McDowell, PayPal
    Participants – Jerrod Chong, Yubico (U2F) and Davit Baghdasaryan, Nok Nok Labs (UAF)

Schedule a meeting with the Yubico team

If you would like to set up a meeting at RSA, please email Ronnie@Yubico.com. Looking forward to seeing you at the show!

David Maples

User-Centric ID Live

If you are attending User-Centric ID Live at the Washington DC Convention Center, be sure to check out the ¨Drivers and innovators: Meet leaders from the major identity initiatives¨ session today (10/15/13) from 4:00pm – 5:15pm. Our CEO and Founder, Stina Ehrensvard, will be participating on this panel with other FIDO Alliance members from Google, Blackberry, NXP Semiconductors and Nok Nok Labs. The panel will be discussing how the FIDO Alliance works on open standards for simpler, stronger open authentication standards.

Also, do not miss the session “Track 1: Identity Ecosystems & Technologies: User-centric identity concepts, technologies and how they will impact business”  tomorrow (10/16/13)  from 9-10:15 AM. In this session Stina will be presenting more details about Universal 2nd Factor Authentication (U2F). As one of the technical specifications hosted by FIDO Alliance, U2F introduces the first driverless smart card with user presence. Successfully deployed inside Google, it also challenges the traditional business model for secure online identities, allowing users to buy and control any number of real and “anonymous” identities to easily and securely access any number of services.

User-Centric ID Live is an event focused on the business of user-centric identity. Conference sessions focus on technologies, standards, implementations, applications, and business models in the new user-centric identity ecosystem.

Stina Ehrensvard

Yubico at TechCrunch Disrupt

As a Swedish-American innovator, Yubico has been selected to represent cutting edge Swedish innovation, and will demonstrate the YubiKey NEO on Tuesday, September 10, at the Nordic Pavilion at TechCrunch Disrupt.

At the event, Yubico will also outline the basics for U2F (Universal 2nd Factor); the new online security standards initiative, developed by Google, Yubico and NXP, focused on scaling high security smart card technology beyond government and enterprise to every Internet user. The YubiKey NEO with initial U2F specifications are already successfully proven with thousands of users, and by the end of the year, we expect more than 200,000 YubiKey NEOs will be deployed within Google and elsewhere for U2F authentication.

To TechCrunch Disrupt web site

Stina Ehrensvard

Yubico joins FIDO Alliance

Yubico has joined FIDO Alliance as a board member, and will be a part of the Universal 2nd Factor (U2F) working group that Google is creating  focusing on open authentication standards work for strong, universal second-factor devices.

The U2F working group will continue the work that was presented earlier this year in an IEEE paper and Wired, based on the technical specifications that jave now been successfully proven with thousands of YubiKey NEOs and users. By end of the year we expect more than 200,000 U2F protocol compliant YubiKey NEOs being deployed within Google and elsewhere.

U2F will be available as a stand-alone offering, and the working group will also collaborate closely with the already existing FIDO UAF Technical working group, to ensure harmonization of specifications. UAF aims to create a web eco-system including a broader range of authentication methods, including biometrics.

 

Ronnie Manning

UK Becomes the First Government to Offer Secure Online Identities Based on FIDO U2F Standards

STOCKHOLM & AMSTERDAM, March 23, 2016 – Yubico, the leading provider of simple, open and strong authentication, and Digidentity, a leading identity service provider, today announced a partnership to enable FIDO Universal 2nd Factor (U2F) authentication and YubiKeys for UK government services. The joint solution allows all UK citizens to easily and securely access GOV.UK Verify digital public services.

Compromised online identities have reached a level that has exposed the weaknesses in usernames and passwords as well as traditional software security solutions. Government services around the world have a growing demand for strong two-factor authentication, but traditional hardware technologies have been too costly and complicated to scale for most countries and internet users.

The new open authentication standard FIDO U2F changes that model. Successfully deployed and supported by leading commercial service providers, including Gmail and Dropbox, FIDO U2F is now also supported in UK government services, including for identity assurance.

GOV.UK Verify is a new simple way for UK citizens to access an increasing range of UK government services online. This is the first government service in the world to make support for simple and strong FIDO U2F authenticators. The service works using a roster of identity providers, who check and confirm a user’s identity before they can access a government service. Digidentity is one of the UK government’s certified identity service providers.

“UK citizens can easily purchase a FIDO U2F device online and register it with Digidentity,” says Marcel Wendt, Digidentity CTO and co-founder. “With a quick online process, the user’s identity is verified and tied to the U2F device, and the data is encrypted to safeguard a user’s privacy. We are pleased to partner with Yubico, a driving contributor of the FIDO U2F standard, to make this happen.”

To authenticate to GOV.UK Verify using Digidentity with FIDO U2F, the user inserts a U2F YubiKey device into their computer’s USB port, and then touches the device. There are no drivers or client software to install. Later this year, U2F authentication via Near Field Communication (NFC) and Bluetooth will be supported by Digidentity for secure login from mobile devices.

“We are impressed with the online identity services that GOV.UK and Digidentity have developed and are now offering to UK citizens,” says Stina Ehrensvard, CEO and founder, Yubico. “We share their mission of making secure online identities easy and available for everyone.”

YubiKeys with FIDO U2F support are available (starting from £13/$18) at Amazon.com or from the Yubico Store. The same U2F key that works with GOV.UK Verify and Digidentity also works for logging in to a growing number of large scale commercial services, without any personal data or encryption secrets shared between service providers.

About Yubico
Yubico sets new world standards for simple, secure login, preventing unauthorized access to computers, servers, and internet accounts.

Supporting multiple authentication and encryption protocols on all devices and platforms, YubiKeys protect access to user accounts for the world’s largest enterprises with a simple touch, and with no driver or client software needed. Yubico is a leading contributor to the FIDO Universal 2nd Factor open authentication standard, and Yubico’s technology is used, and loved, in more than 150 countries.
Founded in 2007, Yubico is privately held with offices in Sweden, US and UK. For more information, please visit www.yubico.com.

About Digidentity
Digidentity makes your online life simpler and safer by enabling secure and verified digital identities for everyone.

To do this, Digidentity developed services focused on a unique digital identity, where the user and their privacy are key. Digidentity is also a supplier of SSL certificates and qualified digital signatures. Digidentity provides national digital identity solutions to the Dutch and British governments, as well as solutions for a large variety of organizations. Providing identities to more than 12 million Europeans, Digidentity executes more than 150 million secure online transactions per year between people, organizations, and governments.

Founded in 2008, Digidentity is privately held in The Netherlands. For more information, please visit www.digidentity.com.

Media Contact
Ronnie Manning
Director, Public Relations
Yubico, Inc.
Ronnie@Yubico.com
1.619.822.2239

Ronnie Manning

YubiKey and U2F at CES ShowStoppers – Yubico Demonstrates Mobile Contactless, Tokenless, and Passwordless Authentication

PALO ALTO, CA, JAN. 6, 2016 – Yubico, the leading provider of simple and open online identity protection, today announced it will be participating at ShowStoppers @ CES (Consumer Electronics Show) 2016.  Yubico will be demonstrating the first FIDO U2F-certified NFC-enabled YubiKey and a preview of a software-based U2F mobile client that brings public-key cryptography to both consumer and enterprise mobile users with a tokenless and passwordless experience.

YubiKey NEO

One Touch, Secure Login with YubiKey at ShowStoppers @ CES

Yubico will be exhibiting at booth B-12 at ShowStoppers on Wednesday, January 6, 2016, 6-10 p.m., at the Wynn Las Vegas.

Hacking, data loss, and identity theft is no longer just a concern to enterprises, but a threat that reaches everyone online.  The time is now and the technology is here for consumers to protect themselves beyond just a username and password.  Yubico’s YubiKey holds the promise of a more secure online and mobile consumer experience, and a dramatic increase in enterprise security.

The YubiKey NEO is the first device certified for U2F mobile authentication over NFC (Near Field Communication).  At ShowStoppers, Yubico will demonstrate how a single YubiKey NEO securely authenticates to both online services via USB and a U2F supported mobile login, with a simple tap of the YubiKey to an NFC-enabled mobile device.

“2016 is the year when FIDO U2F will unfold its promise of a ‘universal’ second factor,” said Stina Ehrensvard, CEO and Founder, Yubico, Inc. “This year, we expect to see many more large-scale online service providers announce their support for U2F and YubiKeys, targeting both consumers and enterprises.”

Also at Showstoppers, Yubico is demonstrating a software-based U2F mobile client (iOS/Android) that does not require additional hardware. With the U2F mobile client, second-factor authentication can be a password or the fingerprint used to unlock the phone, enabling the first tokenless and passwordless user experience for FIDO U2F.

While external hardware authenticators without internet connections offer the highest level of identity protection, Yubico’s U2F mobile client provides a heightened level of security compared to a static username and password login. As an example, an online bank that adds supports for U2F can allow its mobile users to perform lower-value transactions using the U2F mobile client only, while higher-value transactions would require U2F hardware authentication.

The YubiKey NEO is available today at Amazon.com and Yubico web store for $50 (single quantity retail price).

 

 

 

Media Contact
Ronnie Manning
Director, Public Relations
619.822.2239
Ronnie@Yubico.com