YubiKey for RSA SecurID® Access is a hardware-based FIDO authentication solution that provides superior defense against phishing, eliminates account takeovers, and reduces IT costs. Combined with best-in-class credential management and enterprise-grade security from RSA SecurID Access, the solution goes beyond traditional multi-factor authentication by using identity insights, threat intelligence and business context, and paves the way to a passwordless future. The YubiKey for RSA SecurID Access security key delivers expanded authentication options for web-based or SaaS applications, including:
- Strong Two-Factor—Password + Authenticator: Adds a second factor for secure two-factor authentication.
- Strong Multi-Factor—Passwordless + PIN: Combines authentication with a PIN, to reduce friction with a simple and secure experience for remote users to access business-critical resources.
Key benefits and features include:
- Preventing man-in-the-middle attacks and account takeovers: FIDO-based hardware key with the authentication secret stored on a separate secure chip built into the key, with no connection to the internet so it cannot be copied or stolen. Data is encrypted with strong public key cryptography where only the public key is stored on the RSA SecurID Access service, eliminating risks.
- Reducing risk for the organization and complexity and costs for administrators: With its conditional access and risk-based authentication, the solution simplifies policy and decision making, and mitigates advanced threats with invisible layers of protection. Administrators can easily set up authentication policies that are intuitively based on low to high levels of risk, and leverage the risk engine—which uses machine-learning algorithms and takes into consideration information about the user’s access, device, applications and behavior—for assurance that users are who they claim to be.
- Reducing IT time and costs: With enterprise-grade credential lifecycle management, the solution simplifies and secures enrollment, self-service and emergency access, and workflow integration. It dramatically reduces the number one IT support cost—password resets—by minimizing dependency on passwords.
- Enabling complete coverage with a consistent user experience: Provides dynamic workforces with a frictionless and consistent user experience across applications.
- Offering modern authentication choice: The Identity Assurance platform helps manage all authentication options to meet the scale and complexity of enterprise environments: two-factor authentication (2FA), multifactor authentication (MFA) or mobile MFA; and a variety of authentication methods, including push notifications, SMS, OTP, biometrics, voice and hardware, software and FIDO tokens.
- Supporting multiple protocols, systems, and form factors: Authentication and cryptographic protocols supported include FIDO Universal 2nd Factor (U2F), WebAuthn/FIDO2, Personal Identity Verification-compatible (PIV) Smart Card and OpenPGP smart card. Works across major operating systems including Windows, macOS, iOS, Android and Linux, as well as leading browsers. Available in a form factor that enables users to connect via USB or NFC.
To support the YubiKey for RSA SecurID Access product, RSA also announces the release of RSA Security Key Utility, a Windows utility that you deploy on users' Windows machines to manage user verification for FIDO2-certified security keys. Users can use the utility to manage a PIN for the security key or reset the key. RSA Security Key Utility works with any FIDO2-certified USB security key.