Yubico extends USB authentication device to NFC enabled smartphones

NFC mobile security

The device is called the YubiKey NEO and is expected to bring improved security to mobile smartphones through NFC technology (view press release). It can be used to authenticate operations such as an email account or an NFC payment service for example. When tapped by the YubiKey NEO the phone emits a securely encrypted one-time password (OTP) compatible with that of the YubiKey. There is no need to download an app in conjunction with the device as, when read on a smartphone, it triggers the browser with a programmable URL that includes the OTP. Apps can support the YubiKey as well though, such as LastPass for Android, which securely unlocks the password vault of the phone with a swipe of the key. YubiKey NEO is similar in size to a typical door key and fits on a key chain. It also includes a USB portal for use with a computer.

CEO and founder of Yubico, Stina Ehrensvard, explains that “mobile applications have shown to be vulnerable to several forms of attack. Having a separate easy-to-use hardware device that leverages two-factor authentication for your smartphone is critical for minimizing the risk of mobile malware.”

The technology will be presented to the RSA Conference in San Francisco February 27th – March 1st. Pre-production samples can be ordered from Yubico online from February 27th.

Related reading

Leave a comment