YubiKey Bio Security Key Now in Private Preview Phase

Yubico has shed some light on the development of its upcoming biometric security key. The YubiKey Bio was first unveiled in November of 2019, and is now in a private preview phase with the company’s technology partners and with select enterprise customers. The biometric security key will be available in USB-A and USB-C form factors when it makes its debut.

Until then, Yubico is walking customers through the thinking that influenced the key’s final design. The company noted that smartphones normalized the concept of fingerprint recognition for millions of consumers, and that the technology can deliver a smooth authentication experience across multiple channels. With that in mind, building a security key with a fingerprint sensor was a logical next step for the company.

The problem, of course, is that a smartphone is much larger than the standard security key, which makes it easier to integrate a fingerprint sensor into the design. Since a smaller sensor might not work properly in certain environments, the YubiKey Bio will always allow users to log in with a PIN code in instances when the device’s default fingerprint sensor fails to deliver.

Once registered, the user’s fingerprint template is stored on a Secure Element dedicated to the purpose, while the biometric subsystem runs independently of the key’s core security functionality. All communication between the Secure Element and the rest of the key is encrypted to help thwart replay attacks.

In that regard, Yubico warned that no security system is foolproof, and that any fingerprint sensor can be beat with the right materials. However, a hacker with a fake print would still need to get their hands on the user’s physical device to take advantage of that print, which dramatically reduces the threat to the average YubiKey customer.

The YubiKey Bio will support the FIDO U2F, FIDO2, and WebAuthn protocols. In some cases, using the YubiKey to log into an app on a phone or a desktop computer will turn that phone or desktop into a trusted device, which will negate the need for daily verification when accessing certain applications. Step-up authentication would still be required for high-risk transactions.

Yubico has argued that its YubiKeys can help protect remote activity during the COVID-19 pandemic. The YubiKey Bio will be available through the company’s YubiEnterprise Subscription and YubiEnterprise Delivery services.

(Originally posted on FindBiometrics)

Sponsored Links

FaceTec’s patented, industry-leading 3D Face Authentication software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ make trusted, remote identity verification finally possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for Liveness and 3D Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

FACEPHI is a global leader in Facial Recognition technology and in Mobile Biometrics technologies. With a strong concentration in the financial sector, FacePhi’s product is rapidly becoming a service used by banks all over the world. Its implementation doesn’t just save money, it is also a way to attract clients and build loyalty, while increasing the security of transactions for both the customer and the business. To learn more about FacePhi, visit https://www.facephi.com/en/

Related News & Articles

Footer

Follow Us