Business Wire

CA-YUBICO

6.5.2024 15:01:34 CEST | Business Wire | Press release

Share
Yubico’s Key Product Innovations Empower Enterprise Security and Phishing-Resistant Passwordless Authentication at Scale

Today Yubico (NASDAQ: YUBICO), the leading provider of hardware authentication security keys, announced the upcoming release of YubiKey 5.7 firmware for the YubiKey 5 Series, Security Key Series and Security Key Series - Enterprise Edition. With a focus on enterprise needs, these updates reinforce Yubico’s commitment to providing secure, simple, and scalable authentication solutions. Security keys with firmware 5.7 will be available to purchase in late May 2024, offering enhanced features such as improved PIN complexity, enterprise attestation, and expanded passkey credentials storage. These updates empower organizations to adopt passwordless-first, modern authentication, fostering phishing-resistant users worldwide.

As part of Yubico’s goal of helping enterprises raise the bar for security with greater flexibility, the company also announced the availability of Yubico Authenticator 7 which will support the upcoming YubiKey 5.7 features.

“Organizations are continuing to face a surge in the variety and complexity of cyber threats at historical rates, often fueled by compromised employee login credentials, frequently resulting from attacks such as phishing. This trend is exacerbated by the rise in use of Artificial Intelligence (AI),” said Jeff Wallace, senior vice president of product at Yubico. “We’re excited to continue offering best-in-class solutions that protect organizations and accelerate their transition to passwordless with the latest enterprise-focused updates to the YubiKey. We’re confident that organizations are now better equipped than ever to enforce compliance requirements and elevate their security posture throughout their organization.”

YubiKey 5.7: Accelerating enterprises to passwordless

To help organizations tackle this challenge, Yubico’s key updates and enhancements to the YubiKey 5 Series and Security Key Series* include:

  • Enhanced PIN complexity across all YubiKey applications
    • Block simple patterns and common PINs at the hardware level to enable compliance with upcoming NIST requirements and corporate mandates. This includes FIDO2, PIV, and OpenPGP.
  • Enterprise attestation
    • Allow organizations to enforce the usage of YubiKeys that they purchased via custom programmed keys with enterprise attestation. Working in conjunction with identity providers, this capability can also facilitate the retrieval of unique identifiers during FIDO2 registration to streamline asset tracking and account recovery.
  • FIDO2 enhancements
    • Empower organizations to enforce compliance requirements and elevate security measures surrounding PIN usage. YubiKey 5.7 implements FIDO Client-to-Authenticator Protocol (CTAP) 2.1, embracing the latest FIDO2 protocol features such as Force PIN Change and Minimum PIN Length.
  • Expanded passkey and passwordless storage
    • Provide ample storage space to meet authentication needs while maintaining strong security standards. More storage for FIDO2 discoverable credentials (passkeys) and OATH one-time passwords will now accommodate up to 100 passkeys, 24 PIV certificates, 64 OATH seeds, and 2 OTP seeds at once for a total of 190 credentials.
  • Expansion and enhancement of public key algorithms for PIV applications
    • Align with DoD memo requirements and offer advanced key management functions, enhancing flexibility for organizations through support of larger RSA keys (RSA-3072 and RSA-4096), as well as Ed25519 and X25519 key types.
  • Migration to Yubico’s own cryptographic library
    • Yubico has developed a library in-house that performs the underlying cryptographic operations (decryption, signing, etc.) for RSA and ECC.

“The new features within 5.7 allow enterprises to streamline critical processes such as asset tracking and account recovery, while also enhancing flexibility,” said Wallace. “These updates empower enterprises with the latest authentication advancements and tools to build specific strategies for creating phishing-resistant users and mitigating phishing threats for employees, external identities, and customers.”

Capabilities in the new 5.7 YubiKeys also align with recent U.S. Government memo requirements on adopting phishing-resistant MFA and offer advanced key management functions. Compliance with upcoming NIST requirements and corporate mandates is also supported by enforcing the blocking of simple patterns and common PINs at the hardware level.

*Note: Smart Card/PIV capabilities, OATH and OTP credentials are not available on any Security Key Series thus these updates are not applicable. Enterprise attestation is available on the YubiKey 5 Series and Security Key Series - Enterprise Edition. See here for more details.

Yubico Authenticator 7: Hardware-backed authenticator app across desktop and mobile

Aligned with the 5.7 firmware release, significant updates within Yubico Authenticator 7 launched today in support of managing these new features. This new version enables use of the new public key algorithms for PIV, bringing more advanced management options and streamlines the interface for a better user experience when handling many credentials. Additionally, it adds localization with official support for French and Japanese, with additional community-provided translations. The app is now available for all major desktop platforms, as well as for Android. Enhanced features for iOS will be coming in the next version of the iOS application. It's the perfect companion to the new YubiKey 5.7, with its expanded credential storage.

The Yubico Authenticator delivers strong security by enabling users to store credentials on a YubiKey instead of a mobile phone, thereby significantly removing risks posed by remote attackers targeting software-based authenticator apps. By incorporating hardware-backed strong two-factor authentication in the YubiKey, credentials stays safe and the bar for security is raised while delivering the convenience of an authenticator app.

For more information on today’s innovation announcements from Yubico, visit here. To get the Yubico Authenticator 7 app, visit here.

About Yubico

Yubico (Nasdaq First North Growth Market Stockholm: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries.

Yubico’s solutions enable passwordless logins using the most secure form of passkey technology. YubiKeys work out-of-the-box across hundreds of consumer and enterprise applications and services, delivering strong security with a fast and easy experience.

As part of its mission to make the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. The company is headquartered in Stockholm and Santa Clara, CA. For more information on Yubico, visit us at www.yubico.com.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

View source version on businesswire.com: https://www.businesswire.com/news/home/20240506185894/en/

About Business Wire

Business Wire
Business Wire
101 California Street, 20th Floor
CA 94111 San Francisco

http://businesswire.com
DK

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Forrester’s 2027 Budget Planning Guides: After A Year Of Caution, Business And Tech Leaders Are Ready To Invest Again15.7.2026 11:00:00 CEST | Press release

While leaders are betting on growth, in the age of AI, spending more is no longer enough According to Forrester’s (Nasdaq: FORR) 2027 Budget Planning Guides, business and technology leaders are approaching 2027 with renewed confidence as they increasingly accept volatility as a permanent feature of the business environment. After a year of more cautious spending, more than 80% of leaders expect their budgets to increase over the next 12 months, with as many as one-quarter anticipating growth of 10% or more. But planning in the age of AI demands more than bigger budgets: Increasing investment without modernizing operating models, strengthening data foundations, and improving AI readiness will only accelerate fragmented data, duplicated work, and technical debt. To realize AI’s full potential, leaders must rethink their strategies and prioritize investments in operational foundations, governance, and experimentation that drive tangible outcomes. This year, optimism is widespread across f

Post-Quantum’s Algorithm - Classic McEliece - Achieves Global ISO Standardization to Protect the World From Quantum Cyber Attack15.7.2026 10:00:00 CEST | Press release

Ultra-secure encryption algorithm added to ISO standard for Asymmetric Ciphers Classic McEliece is first PQC algorithm to achieve global standardization Organisations in 177 ISO member states can now adopt Classic McEliece to remain secure from attack by both classical and quantum computers Governments including Germany and the Netherlands already recommend the highly secure Classic McEliece algorithm due to its unmatched security credentials It’s proven that today’s encryption is vulnerable to attack by a sufficiently mature quantum computer running Shor’s algorithm - a catastrophic event commonly known as Q-Day. Even before such a cryptographically relevant quantum computer emerges it is known that adversaries are stealing encrypted data now, which can be decrypted later - also known as Harvest Now, Decrypt Later (HNDL). Google’s recent use of Artificial Intelligence (AI) to optimise Shor’s algorithm reduces the number of physical qubits required to break today’s encryption, therefor

Thredd Joins The Visa Agentic Ready Programme, Bringing Agent Network Readiness To Issuers Across Europe, Starting With Zilch15.7.2026 09:00:00 CEST | Press release

Thredd, the AI-first issuer processing platform, today announced it has joined the Visa Agentic Ready programme, enabling issuers across Europe to participate in agent-initiated payments without rebuilding their payments infrastructure. Consumer payments platform Zilch will be among the first issuers on the platform to enable agent-initiated payments for its cardholders. As a processor and enabler, Thredd sits at the trust layer of the payments ecosystem. By joining the programme, Thredd is ready to support Visa and its clients as the market moves into agentic commerce. Agentic commerce introduces a new type of payment initiator: An AI agent acting on a cardholder's behalf. The core payments principles do not change. Cardholder permission, issuer approval, authentication and fraud monitoring all still apply. What changes is how trust is established and enforced at the point an agent transacts. Taking a Zilch customer as an example, a cardholder might ask an AI agent to find a product w

Surgerii Robotics Announces First European Installation of the SHURUI® Single-Port Surgical System at Vall d'Hebron University Hospital15.7.2026 09:00:00 CEST | Press release

Surgerii Robotics today announced the first European installation of its SHURUI Single-Port (SP) Surgical System at Vall d'Hebron University Hospital in Barcelona, Spain, one of Europe's leading academic medical centers. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260713209503/en/ The first pediatric procedure performed with the SHURUI SP system was a nephroureterectomy on a twelve-year-old boy whose kidney and ureter had become infected and non-functional due to multiple stones. The SHURUI SP system is CE-marked for adult and pediatric use, making it the only CE-marked single-port robotic surgical system currently indicated for pediatric procedures in Europe. The installation marks an important milestone in the international expansion of Surgerii Robotics and the introduction of the technology into a major European reference center. As part of this collaboration, Vall d'Hebron University Hospital has become the first hos

SES, Airbus and Dutch Municipality of Noordwijk to Build Satellite Optical Ground Station for EAGLE-115.7.2026 08:50:00 CEST | Press release

The parties signed a ground lease agreement allowing installation of the optical ground station (OGS) at the NL Space Campus SES, a space solutions company, jointly with Airbus Netherlands B.V. signed a ground lease agreement with the Dutch municipality of Noordwijk for a plot at the NL Space Campus, next to the European Space Agency’s (ESA) technical center ESTeC. The facility will host a dedicated optical ground station (OGS) to communicate with the EAGLE-1 satellite and receive quantum safe keys via laser technology. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260714786947/en/ Breaking the ground of the EAGLE-1 Optical Ground Station, Municipality of Noordwijk, the Netherlands. Pictured left to right: Pim van Strien, Alderman for the Municipality of Noordwijk; Rob Postma, President and Managing Director, Airbus Netherlands; Alan Kuresevic, Managing Director, SES Techcom, SES. The station, to be built by Airbus for SES,

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye