**NOTE: This blog was originally published on August 1, 2024 and has been updated to reflect the shipping timeline of the keys on August 13, 2024
Following the release of 5.7 firmware on the YubiKey 5 Series and Security Key Series in May, we are excited to announce that YubiKey Bio Series – FIDO Edition keys enhanced with the latest 5.7 firmware are available for purchase and now officially shipping to customers as of August 13. Similar to existing keys with 5.7 updates, YubiKey Bio Series – FIDO Edition keys will have an added range of new capabilities which aim to help individuals and enterprises stay phishing-resistant consistently, and accelerate to passwordless.
The YubiKey Bio Series – FIDO Edition offers the gold standard for biometric security key authentication and is available in two form factors: USB-A and USB-C. The keys support FIDO2/WebAuthn device-bound passkeys and FIDO U2F to enable secure passwordless and second factor login for cloud-first environments or cloud and on-premise hybrid environments. The fingerprint sensor enables biometric authentication in lieu of the PIN or a touch/tap action which verifies user presence for greater convenience.
As the cyberthreat landscape evolves and becomes more sophisticated, users and organizations alike need to consistently stay phishing-resistant to create a strong defense against cyber attacks. Moving beyond the technology of phishing-resistant MFA to focusing on the end user is key to creating phishing-resistant users who are protected with authentication that travels seamlessly with them, across devices, platforms and scenarios. YubiKeys enable organizations to foster phishing-resistant users by securing all aspects of the online user account lifecycle including onboarding, authentication and account recovery.
With the lineup now on the latest 5.7 firmware, the YubiKey Bio Series – FIDO Edition keys have new capabilities for individuals and businesses alike, including:
- Support for more passkeys: While current YubiKeys offer a sufficient number of FIDO2 credentials (also known as device-bound passkeys) to meet most enterprise user needs, there has been expansion of the storage for up to 100 passkeys.
- Enhanced PIN complexity for compliance: This capability, when enabled through custom configuration at the time of order, will apply to all YubiKey applications that rely on PINs, including FIDO2. Organizations can rely on the fact that users are not using simple, common, or easy to guess PINs.
- Added flexibility on managing PINs: Already available in the earlier version of the biometric key lineup, it is worth noting that PIN management flexibility enables administrators to enforce that users change their temporary FIDO2 PIN during enrollment, upon first use. In addition, organizations can configure a minimum PIN length on the YubiKey to meet corporate and regulatory compliance mandates.
- Better asset tracking and use of allowed authenticators: Available on custom programmed keys, the new Enterprise Attestation capability allows identity providers to assure that only authenticators approved by the organization are being used and the availability of serial numbers further enables asset tracking.
- FIDO Level 2: FIDO Level 2 certification to meet customer demand for assurance of attestable hardware bound credentials.
- Migration to Yubico’s own cryptographic library: Performs the underlying cryptographic operations (decryption, signing, etc.) for RSA and ECC.
With the YubiKey Bio Series keys, biometric fingerprint-derived credentials are stored in a secure element that helps protect them against physical attacks. The result is a single, portable, and trusted hardware-backed root of trust delivering a seamless login experience across different devices, operating systems and applications. The YubiKey Bio Series – FIDO Edition keys are available via two pricing plans for businesses looking for flexibility:
- Perpetual: Keys can be purchased directly from Yubico’s store here as well as on Amazon and via our distributors and resellers globally.
- YubiEnterprise Services: YubiKey Bio – FIDO Edition keys are available as an optional add-on to all YubiKey as a Service (YubiEnterprise Subscription) tiers (Base, Advanced, Compliance). Customers can gain phishing-resistant MFA for less than the price of a cup of coffee per user per month (OPEX) utilizing YubiKey as a Service via additional subscription-only entitlements and discounts built-in. Keys will also be available from direct Yubico resellers.
The only effective approach to removing phishing from an organization’s threat landscape is to shift from implementing phishing-resistant multi-factor authentication (MFA) and instead focus on ensuring that every user and process within the organization becomes phishing-resistant. Secure authentication across the onboarding, authentication, and recovery processes that moves with users across all devices, platforms and services is critical in today’s fast-moving digital landscape.
The device-bound passkeys residing within YubiKeys can help organizations cultivate phishing-resistant users, and the enhanced YubiKey Bio Series – FIDO Edition lineup ensures that users and organizations can consistently maintain strong phishing defense and accelerate toward cyber resilience.
For more information on the 5.7 firmware updates for YubiKey 5 Series and Security Key Series keys, visit here. For more info on the YubiKey Bio Series – FIDO Edition keys, visit here or contact us.
Interested in added security protocols for your organization? Contact our sales team here regarding the Early Access program for the YubiKey Bio – Multi-protocol Edition available exclusively via YubiKey as a Service.
Disclaimer: This article is sourced from the official Yubico website. As official partners of Yubico, we have obtained permission to utilize both articles & resources for further updates with regards to Yubico’s products.