To date, NIST has endorsed only two phishing-resistant solutions: FIDO and Smart Card/PIV (PKI), Gartner has endorsed the FIDO Security Key and X.509 Hardware Token as the highest trust level for authentication. While mobile-based passkeys (synced via iCloud/Google/Microsoft) are considered high-security (AAL2), they remain vulnerable to OS alteration by virus, malware, backdoor. Hardware keys are the only way to achieve Authenticator Assurance Level 3 (AAL3), the gold standard for high-value corporate accounts
Related Posts
- You will soon be in a room with 500+ of Vietnam’s most senior financial decision-makers – CISOs, CTOs, and risk heads. What does Yubico prioritize in a gathering like that? 15.04.2026
- Passkeys are everywhere now. Apple, Google, Microsoft are all pushing synced passkeys to consumers. Why does Yubico insist that device-bound, hardware passkeys are fundamentally different? 15.04.2026
- Vietnam’s State Bank has been pushing banks towards stronger authentication, but regulatory mandates here move slowly compared to the threat landscape. How does Yubico navigate this? 15.04.2026
- Yubico recently opened its third global headquarters in Singapore, specifically to accelerate Asia Pacific growth – and Vietnam is one of the fastest-growing digital banking markets in the region. What would you say is your plan for this market? 15.04.2026