Successfully piloted by leading enterprises, the new product eliminates the risk of card and PIN being remotely hacked by Trojans, which has recently happened to other smart cards used by the Federal government.
Last year, it was revealed that a new Trojan had been used by hackers to compromise smart cards to access sensitive information in military networks and aerospace technology firms. The hackers had adapted the Sykipot Trojan to lift card credentials from compromised systems.
Using phishing emails, users were then tricked to then download a key-logger on their machines stealing PINs associated with the smart cards. Once attackers had the authentication codes and associated PINs they gained the same level of trusted access to sensitive networks as the user whose smart card credentials they have stolen.
The rugged, minimally sized YubiKey NEO fits naturally on a keychain. It can be ordered from the Yubico web store for $50.
“Easy to use and highly secure, the user simply inserts the device into a USB-port, or taps it to an NFC enabled mobile device. As an additional form of authentication, the user then physically touches the device to generate an encrypted pass code that cannot be triggered remotely by malware,” explains Stina Ehrensvard, Yubico CEO & founder.