Showing results for: yubico.com

Stina Ehrensvard

Yubico’s Vision for Secure Online Identities

Wired Magazine recently announced that Google is working on a new online authentication protocol as an alternative to legacy username/password login. Yubico and NXP are co-creators of this protocol, designed to be integrated across a wide range of devices, including SIM cards, YubiKey NEOs, or a ring you carry on your finger, and to solve some of the fundamental problems with online identity. And these are problems we need to fix soon. Very soon. Or billions of people, along with the great creation named the Internet, will be in serious trouble.

At this stage we cannot say which route we will choose to ensure mass adoption of this new security protocol. But we can say that Yubico has decided to engage in the project as we believe it could be a game changer.

And this is the vision: 

Imagine that you have one single key and one single password to securely access all your Internet life. 

The key would not be issued, controlled or hosted by a government or a service provider. Instead, you would buy this key at your retail store, such as 7-Eleven or Amazon.com, similar to a gift card or pre-paid phone card.

The key would remain in your own full control, guarding your privacy. And you may even choose to have multiple keys and identities, enabling you to protect your digital identity while remaining anonymous.

From your computer or mobile device, you would be able to instantly, with no required software installed, connect your key to any number of online services. Placed in the USB-port or tapped to your NFC phone/tablet/laptop you would replace all your multiple, long, painful passwords with a simple touch. Combined with a simple PIN or password, you would then securely access your email, bank, healthcare records or any online account.

With built-in support for platforms and browsers, the key would offer superior security, protecting against man-in-the-middle and phishing – but with no drivers or client software needed.

With an open source approach and a clever ecosystem, there would be no fees for service providers, and the costly Certificate Authority model associated with traditional smart cards could be eliminated. But more importantly, there would be no single token or service provider who would control your digital identity or any cryptographic secrets.

Yes, there are a few obstacles to overcome, including aligning influential thought-leaders and global stake holders on the same page. But if enough people want to, it would be possible to create a new, really simple, secure and affordable online identity solution as outlined above.

Bring it out – click – go!

PS. Please find additional comments on this topic in the Future of Authentication FAQ 

Yubico Team

Yubico.com and Our Blog

Finally! We are very happy to launch our new website, based on the open source CMS WordPress. But that’s not enough! We have an exciting future ahead of us, including the long awaited release of the YubiKey NEO in volume production and a whole range of other things we are getting ready to talk about. While the awareness and discussion about online security, breaches and two-factor authentication continues to rise, this blog will be the place where we publicly talk and discuss these topics with you. At this blog you will also get product updates, how to-guides and other fun stuff going on in the Yubico world.

You will meet Stina Ehrensvärd, CEO & Founder, Simon Josefsson, Security Architect, David Maples, Technical Support, Evelina Ander, our Marketing Manager, as well as the rest of the Yubico team here at the YubiBlog. You might also find guest blog posts written by our friends and partners, and our very important community (you!) in the future.

As always, a brand new site is likely to have minor errors that we are just blind about. Please let us know, or if you have any other feedback, in the comments below or with an email to info@yubico.com. We would also love to hear your thoughts about what you would like us to blog about! And of course, stay tuned by subscribing to the YubiBlog via RSS.

All the best,
The Yubico team

PS. If you would like to secure your own WordPress site with YubiKey two-factor authentication, read more here.