Yubico’s new hardware key features a fingerprint reader for passwordless logins

Yubico, the maker of hardware security keys, has unveiled the YubiKey Bio, its first key to support biometric authentication for passwordless logins and multifactor authentication (2FA)

The launch of the YubiKey Bio comes as tech giants transition away from traditional password-based logins, a prime target for cyberattacks. Microsoft recently rolled out a passwordless sign-in option to all consumer accounts, and Google this year announced plans to eventually eliminate the password.

The YubiKey Bio — first teased almost two years ago at Microsoft Ignite in November 2019 — jumps on the passwordless bandwagon by embedding a built-in fingerprint reader to the key. Yubico describes this as the “next logical step” for the company, particularly as most modern laptops still don’t feature built-in biometric security.

Once a fingerprint is enrolled on the device, the data is stored in a secure element, while the biometric subsystem runs independently of the key’s core security functionality. All communication between the secure element and the rest of the key is encrypted to help thwart replay attacks.

“With the launch of the YubiKey Bio Series, we are proud to raise the standard for biometric security keys, enabling simple and strong passwordless authentication for our enterprise customers and everyday YubiKey users,” said Stina Ehrensvärd, CEO and co-founder of Yubico.

YubiKey Bio

YubiKey Bio (Image Credits: Yubico/supplied)

The company also notes that while no security system is foolproof, a hacker with a fake print would need to get their hands on the user’s physical device to take advantage of that print, which dramatically reduces the threat to the average YubiKey customer. Yubico will allow users to use their PINs to log in in case biometric authentication does not work due to variables in skin texture related to moisture or temperature.

Like Yubico’s other hardware security keys, such as the YubiKey 5C NFC, the YubiKey Bio is a plug-and-play device; it doesn’t require any batteries, drivers or associated software, and it will work across macOS, Windows and Linux machines. YubiKeys also support open security and authentication standards — FIDO U2F, FIDO2 and WebAuthn protocols — so they work on Macs, iPhones, Windows PCs and Android devices, as well as apps and services that support FIDO protocols out of the box.

The YubiKey Bio is out now in both USB-A ($80) and USB-C ($85) versions.