Yubico is a Swedish American security startup, founded in 2007 and based in Stockholm Sweden and Sunnyvale CA.
Yubico’s mission is to “make Internet identification secure, easy, and affordable for everyone”. The firm offers a physical token called YubiKey, which can be used for secure identification to web services.
The device is a simple one-button USB keyboard designed to generate a unique user identity and a one-time passcode, which will be sent to the PC as keyboard characters, thus saving the user from typing. When submitting the web form with the passcode, the information is verifed against the security provider’s authentication server. YubiKey can also be combined with a PIN or password for two-factor authentication.
YubiKey has quite good differentiating benefits compared to competing solutions. It also doesn’t require any client software or installation, and thus works on any USB-enabled computer. YubiKey can currently be used with any website supporting OpenID. At the moment other possible uses include Windows login, WordPress, Web single sign on, OpenVPN, Phpbb Forum, and Windows ActiveDirectory. Yubico has a developer community working on gradually spreading the support.
The company states the product suits perfectly any high security web-based application where fast and frequent online authentication is needed, for example government services and financial transactions as well as different purchases. According to their own words they aim to serve everyone from individuals to large corporations and the web community (which sounds ok for a universal security solution provider, though somewhat unfocused for a startup).
Yubico sells the YubiKey hardware online for quite an affordable price of 30 USD and offers the basic SDK under open source, to enable building customized authentication services. They also run their own validation servers and offer the service for subscription.
