Yubico's latest physical security keys have another layer of security: fingerprint readers. The YubiKey Bio Series is the company's first lineup with built-in biometric authentication for passwordless and second-factor logins.
You can use the keys on desktop platforms that support WebAuthn, including Windows, macOS, Chrome OS and Linux operating systems and Chromium-based browsers including Edge and Chrome. With the Yubico Authenticator for Desktop app, users can add and remove fingerprints. If, for some reason, you can't use the fingerprint reader, you can enter a PIN instead.
YubiKey Bio devices support FIDO2/WebAuthn and U2F protocols, as well as the YubiEnterprise subscription service. You'll be able to use the same key for a variety of operating systems and desktop devices. It'll work with any app or service that supports FIDO protocols, including Citrix Workspace, GitHub, IBM Security Verify and Microsoft 365.
Yubico opted for a three-chip architecture, which allows it to store fingerprint data separately on a secure element. The company says that provides "enhanced protection from physical attacks."
YubiKey Bio keys are available from Yubico's website in either USB-A or USB-C formats. The USB-A model costs $80 and the USB-C is $85.