You will soon be in a room with 500+ of Vietnam’s most senior financial decision-makers – CISOs, CTOs, and risk heads. What does Yubico prioritize in a gathering like that?
Yubico will share that the rise of AI has enabled attackers to increase the threat of phishing and malware exposing confidential information, and wiping out digital banking accounts in a split second. We want focus on the root cause of most data breaches and the solution that prevents or protects without relying on end-user vigilance.
Read
Passkeys are everywhere now. Apple, Google, Microsoft are all pushing synced passkeys to consumers. Why does Yubico insist that device-bound, hardware passkeys are fundamentally different?
While mobile-based passkeys (synced via iCloud/Google/Microsoft) are considered high-security (AAL2), they remain vulnerable to OS alteration by virus, malware, backdoor. Hardware keys (isolated secure element) are the only way to achieve Authenticator Assurance Level 3 (AAL3), the gold standard for high-value corporate accounts. Below is a comparison of storing passkeys on various devices for your reference:
Please note that platform passkeys on a PC or mobile phone can still be compromised by remote control malware; therefore, a hardware token (out of band) like a YubiKey remains the gold standard because it requires the user’s FIDO hardware and presence (touch) to authenticate. See how a malware scammer steals your money.
Read
Vietnam’s State Bank has been pushing banks towards stronger authentication, but regulatory mandates here move slowly compared to the threat landscape. How does Yubico navigate this?
The SBV issued Circular No. 50/2024/TT-NHNN, which took effect on January 1, 2025; however, some clauses take effect on January 1, 2026. Although FIDO is on the required list of strong authentication methods, other options like SoftOTP, TokenOTP, e-signature exist. Therefore, many banks still comply with regulations using their existing banking systems. Yubico has been meeting with many banks individually to educate them on the importance of phishing-resistant MFA to protect the banks and their digital banking users. We want to leverage WFIS 2026 in Vietnam to help more financial institutions address their current threats.
Read
Yubico recently opened its third global headquarters in Singapore, specifically to accelerate Asia Pacific growth – and Vietnam is one of the fastest-growing digital banking markets in the region. What would you say is your plan for this market?
Yubico has been selling to and influencing regulators, including the State Bank of Vietnam (SBV) since 2017. We have also influenced the Monetary Authority of Singapore (MAS), Bangko Sentral ng Pilipinas (BSP), and Bank Negara Malaysia (BNM), among others, to protect regional financial institutions from phishing and remote control malware that takes over digital banking users’ accounts. Our third global headquarters in Singapore will support these fastest-growing markets, including government and other industry sectors, by quickly sending finished products across Asia.
Read
Yubico invented the YubiKey, co-created the FIDO standard, and spent nearly two decades advocating for hardware-based authentication is the only real answer to credential theft. Walk us through that conviction
To date, NIST has endorsed only two phishing-resistant solutions: FIDO and Smart Card/PIV (PKI), Gartner has endorsed the FIDO Security Key and X.509 Hardware Token as the highest trust level for authentication. While mobile-based passkeys (synced via iCloud/Google/Microsoft) are considered high-security (AAL2), they remain vulnerable to OS alteration by virus, malware, backdoor. Hardware keys are the only way to achieve Authenticator Assurance Level 3 (AAL3), the gold standard for high-value corporate accounts
Read
