
- Google Play Services update expands support for NFC-enabled FIDO2 security keys, while YubiKey Passkey Enabler helps organisations roll out hardware-backed passkeys at scale
To support this shift, Yubico has announced the general availability of YubiKey Passkey Enabler, a dedicated Android Credential Provider designed to make passkey registration and authentication with YubiKeys more seamless across Android devices.
While passkeys are designed to eliminate many of the weaknesses associated with passwords and legacy multi-factor authentication, successful enterprise adoption depends on employees being able to use them easily and consistently across all their devices.
“Passkeys are one of the most important shifts in digital identity, but security only works when people can actually use them,” said Geoff Schomburgk, Vice President, Asia Pacific and Japan, Yubico. “Google’s expanded support for NFC-enabled FIDO2 security keys on Android is a major step forward for the ecosystem. With YubiKey Passkey Enabler, available from Google Play Services, organisations can now deliver a more intuitive Android passkey experience while raising the security bar with hardware-backed, phishing-resistant authentication.”
YubiKey Passkey Enabler is built on the Android Credential Manager Provider API and Yubico’s YubiKit SDK. The app bridges the gap between strong hardware-backed security and everyday usability by helping users complete passkey registration and authentication with fewer barriers.
For enterprise customers, the app can also be centrally deployed and configured using Mobile Device Management software. This allows IT teams to roll out a consistent, high-assurance authentication workflow across Android fleets without burdening end users with configuration.
Key features include:
- Passkey configuration: The app guides the user to the appropriate Android settings to enable passkey providers and to update the preferred service to YubiKeys.
- Always ask for PIN: When this option is enabled, the user is only required to tap the YubiKey once, instead of twice (once before and once after the PIN). This provides a nicer user experience.
- Temporary PIN Support: When a user assumes ownership of a new YubiKey, they are sometimes required to change the PIN on the YubiKey when used for the first time. The app enables this to occur over USB or NFC.
- PIN complexity: The app reads the PIN complexity configuration from the YubiKey firmware and provides guidance to the user.
- Antenna hints: Each Android phone manufacturer places the NFC antenna in a different spot, so the antenna hint shows the user exactly where to place the YubiKey.
- MDM / managed configuration: The Passkey Enabler app allows corporate IT administrators to deploy the correct configuration settings so that the end user can simply use YubiKeys.
Passkeys are designed to resist phishing and adversary-in-the-middle attacks by cryptographically binding each credential to the website’s origin. This means a passkey cannot be used on a lookalike or proxy site. The YubiKey Passkey Enabler helps enforce this protection by verifying the authenticating user before any signing occurs.
For browser-based requests, the app accepts requests only from trusted browsers and checks that the website’s origin matches the relying party ID. For native Android apps, the provider uses Digital Asset Links to confirm the calling app is authorised by the relying party. If verification fails, the request is rejected before any cryptographic operation is performed.
The YubiKey Passkey Enabler is available now for Android users and enterprise deployments.
IndianWeb2.com is an independent digital media platform for business, entrepreneurship, science, technology, startups, gadgets and climate change news & reviews.
No comments
Post a Comment