YubiKey

Description

Technology Description

The YubiKey is a multi-factor authentication device that protects numerous systems, networks, and applications from common cyber attacks with just a simple touch. With support for multiple authentication protocols, YubiKeys are powerful and flexible enough to secure a wide range of applications including: computer logins, remote VPN, identity access management platforms, password managers, and popular online services such as Google, Dropbox and Facebook.

Technology Tutorials / Documentation

Yubico has published integration libraries, plugins and documentation which you can use to make your application work with the YubiKey. More information can be found at https://developers.yubico.com/.

Technology Organization

Yubico sets new global standards for simple and secure access to computers, servers, and internet accounts.

The company’s core invention, the YubiKey, delivers strong hardware protection, with a simple touch, across any number of IT systems and online services. The YubiHSM, Yubico’s ultra-portable hardware security module, protects sensitive data stored in servers.

Yubico is also a leading contributor to the FIDO Universal 2nd Factor open authentication standard.

Challenges Tied to This Technology

DESCRIPTION:

Yubico believes that everyone deserves strong, easy, and affordable authentication, and we are committed to helping every internet citizen take control of their online identities. That’s why we invented the YubiKey — a multi-protocol multi-factor authentication (MFA) device used by millions around the globe — and co-authored the FIDO U2F and FIDO2 open authentication standards. The DeveloperWeek NYC Hackathon is your opportunity to ensure the innovative product(s) you're building are also secured with strong authentication using a YubiKey.


OUR CHALLENGE:

We want security to be a top priority during the Hackathon, and also easy to implement! Any connected device, mobile application, web service, or network requires adequate protection for user data and privacy, and the YubiKey is designed to make that a possibility with easy and strong authentication.

Our challenge is to incorporate YubiKey MFA support into a stand alone project, or any number of other DeveloperWeek challenges. Working with the YubiKey is flexible and agile as it supports multiple authentication protocols, including one-time password (OTP), smart card (PIV), OpenPGP, FIDO U2F, and FIDO2. YubiKeys are compatible with Microsoft Windows, Mac OS X, Linux, and Chrome OS operating systems; major web browsers (Opera, Chrome, and Firefox); and iOS, Android and Windows mobile devices.

Yubico has published integration libraries, plugins and documentation, which you can use to make your project work with the YubiKey. All YubiKey authentication protocols are welcome. Yubico employees will also be on site at Booth #203 to help answer integration questions.

TEAM INSTRUCTIONS:

- Visit the Yubico booth (#203) to familiarize yourself with the functionality of the YubiKey, and receive a complimentary YubiKey for your challenge.

- Decide if you want to build a stand-alone solution with the YubiKey, or if you would like to add YubiKey 2FA functionality to another DeveloperWeek challenge you are working on

- Establish what authentication protocol you would like to use for the integration. This is primarily dependent on how much time you have for the challenge, what type of data you are protecting, and what type of user experience you want to offer your users.

- Review YubiKey documentation from developers.yubico.com to being integrating with the YubiKey.


JUDGING:

Yubico judges will evaluate projects based on YubiKey integrations, but also the larger project as a whole. While the technical security architecture and implementation is critical, we are also looking for innovative solutions that address unique or important use cases for consumers and/or enterprises. Each challenge will be judged based on the following criteria:

- Originality/Innovation: How original or innovative is this solution compared to other products and platforms already available on the market? The challenge should provide a unique approach to solving a problem.

- Impact: What is the potential for the project to drive immediate real-world impact?

- Security and User Privacy: To what extent does the solution ensure user data is safe and kept private?

- Design / User Experience: How easy and intuitive is use of the solution? Does it adhere to Yubico’s standards of frictionless, strong secure authentication using the YubiKey?

- Functionality: Working functionality of the application as submitted.

- Strategic Approach: We recognize that this is a hackathon challenge and that time is limited. While some of the integrations may not be complete or perfected, we are looking for teams who can speak to the larger vision of the project, any long-term goals, and what might have been done differently if given more time.

Events Specific to This Technology

This is the DeveloperWeek 2018 SF Bay Hackathon!

Projects Utilizing This Technology

UWave is an innovative technology that plans to tackle the difficulty every-day users have with transfering cryptocurrencies. The idea is to enable easy, fast, and secure transactions to be initiated on the behalf of users, much like a credit card. UWave uses YubiKey technology to generate OTPs for others to transfer money out of your account with your permission. UWave uses Smart Contracts to obviscate the transfer of money, enabling private transactions to stay private even on the blockchain.

Mobile Web App to help with Mental Illness Treatment & Therapy.

Building a system that uses Yubico's YubiKey by sending over user data in a secure way.