Yubico on Wednesday announced the release of YubiKey 5C NFC, the latest YubiKey 5 series security key, which allows users to authenticate through either near-field communication (NFC) or USB-C.
Yubico has been offering hardware-based authentication solutions with both NFC and USB-C, but this is the first device that combines both — the company says this is one of its “most sought-after security keys.”
The YubiKey 5C NFC can be used to authenticate on many email, IAM, VPN, social media, collaboration, and password management services accessed through smartphones, laptops and desktop computers running Windows, macOS, Linux, Android or iOS.
The list of supported authentication protocols includes FIDO2 (WebAuthn), FIDO U2F, PIV, OATH-HOTP and OATH-TOTP, OpenPGP, YubiOTP, and challenge-response.
The YubiKey 5C NFC, sold for $55, is protected against physical damage by a fiberglass-reinforced body and military-grade hardened gold. It’s also advertised as water- and crush-resistant.
Yubico says the new security key is also ideal for enterprises, which can use its YubiEnterprise services for fast and cost-effective procurement and delivery of the devices.
“Users are no longer tied to just one device or service, nor do they want to be,” said Guido Appenzeller, chief product officer at Yubico. “That’s why the YubiKey 5C NFC is one of our most sought-after security keys — it’s compatible with a majority of modern-day computers and mobile phones and works well across a range of legacy and modern applications. At the end of the day, our customers crave security that ‘just works’ no matter what.”
Security keys are considered a highly secure and efficient authentication solution but, just like any other product, they can also have vulnerabilities.
Yubico last year replaced YubiKey FIPS security keys following the discovery of a cryptography-related issue that could cause RSA keys and ECDSA signatures generated on the device to have reduced strength.
Google also offered a free replacement for its Titan dongles last year due to a potentially serious vulnerability that exposed the devices to Bluetooth attacks.