Yubico launches YubiKey Bio Series for enhanced security

Yubico has announced the global availability of its YubiKey Bio Series - Multi-protocol Edition keys, designed to enhance phishing-resistant authentication for enterprises.

The introduction of biometric logins marks a significant shift towards improved security in the corporate sector, increasingly becoming necessary as organisations prioritise seamless multi-factor authentication (MFA) solutions to enhance both security and user productivity. The YubiKey Bio Series aims to provide this by leveraging biometric technology to facilitate passwordless login, thereby addressing the evolving demands of modern cybersecurity.

The YubiKey Bio Series - Multi-protocol Edition, available in USB-C and USB-A form factors, supports biometric authentication for FIDO and Smart Card/PIV protocols. Ludwig Ward from Yubico stated, "As adoption of biometric logins continues to increase globally, enterprises and cybersecurity teams require stronger security combined with user convenience to improve user adoption of multi-factor authentication (MFA) and ensure productivity."

The keys are part of Yubico's broader YubiKey as a Service offering, available with the Compliance tier or as an add-on in the Advanced tier.

They are not offered under the Base tier, which is limited to FIDO-only functionalities.

The YubiKey Bio Series offers enhanced security features and flexibility, aiming to reduce dependence on PINs through biometric solutions, resulting in a smoother user experience on various devices and platforms. Yubico indicated that this also helps lower IT helpdesk costs due to increased speed of authentication processes.

Among the enhancements introduced in the YubiKey 5.7 firmware is advanced Smart Card functionality, allowing support for new key types and expanded key management options, including moving and deleting PIV keys. This is intended to cater to the growing enterprise need for enhanced authentication tools.

Yubico has also focused on better asset tracking and custom configuration options. The new Enterprise Attestation capability ensures that only organisation-approved authenticators are utilised, which is coupled with asset tracking functionalities through serial numbers.

There is also enhanced PIN complexity compliance built into the devices.

This feature ensures users employ robust PINs, deterring the use of easily guessed combinations and aiding organisations in meeting compliance standards both internally and externally.

Administrators can ensure that temporary FIDO2 PINs set during enrolment must be changed by users upon first use. Additionally, a minimum PIN length can be configured to align with corporate and regulatory standards.

Yubico continues to support an expanding range of credentials within the devices, offering storage for up to 100 passkeys and 24 PIV certificates, thus meeting varied enterprise requirements.

The YubiKey Bio Series is compatible with various technology partners and applications, with HYPR noted as a prominent partner providing a seamless user experience.

The partnership between Yubico and HYPR facilitates a transition to full passwordless environments while addressing different authentication scenarios with phishing-resistant methods.