SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Unnamed
#
Encryption
#
Crypto
#
Quantum Computing

Yubico unveils post-quantum security keys & new digital identity features

Thu, 23rd Oct 2025
Author image
By Sean Mitchell, Publisher

Yubico has presented new Post-Quantum Cryptography (PQC) prototypes alongside expanded digital identity features.

The company previewed developments designed to strengthen authentication and digital identity security, emphasising capabilities that go beyond traditional password replacement. Yubico showed how passkeys can be utilised for not only securely logging into systems but also for signing and authorising other sensitive digital operations via a YubiKey inside a standards-based digital wallet.

According to the company, this approach relies on a single root of trust used for phishing-resistant login, which can also be extended to approve other sensitive actions, streamlining security for users and developers alike.

Passkey capability

The company highlighted three key benefits of the extended passkey solution: increased flexibility for developers building high-assurance experiences, a familiar and simple user experience requiring no changes in user habits, and stronger privacy by keeping sensitive operations physically anchored to a device controlled by the user.

Yubico's co-founder, Stina Ehrensvärd, has described how passkeys and verifiable credentials work best together, rather than as competing solutions. Yubico is involved in a collaboration with Sunet, GUNet, SURF, and the SIROS Foundation to enhance wwWallet, a digital identity wallet for the web which is enabled for passkey usage.

Post-quantum demonstration

The company also showcased an early-stage prototype performing post-quantum signatures via a hardware security key. The demonstration was designed to show that although the user only needs to activate the device and produce a signature, the underlying cryptography could withstand advanced attacks, such as those anticipated from future quantum computers.

Yubico clarified several points regarding this PQC prototype. Progress on standards is ongoing, with groups such as FIDO and IETF active in the development process. The company underlined that the prototype is a demonstration of feasibility and performance and is not a commercial product announcement. It also stated that new hardware will be necessary for final products using PQC algorithms, as current hardware does not have the required capacity.

Potential applications

According to the company, the advances in PQC and passkey-enabled identity solutions could support multiple critical use cases. These include high-assurance approvals for tasks like code deployment, wire transfers, rotating a KMS root, or policy changes, conducted through a single hardware key press. A privacy-preserving design means decryption processes remain confined to the user's own device, keeping sensitive data away from potentially vulnerable cloud environments.

The company also noted that verifiable credentials and passkeys could complement one another. Passkeys confirm control of an authenticator, whereas verifiable credentials can be used to prove personal attributes such as employment or citizenship status, without sharing unnecessary information. Yubico's approach seeks to allow secure authentication and selective information disclosure through a single device.

"The industry's ongoing commitment to crypto-agility is vital. Adopting PQC across protocols and products will take time, but that's a strength, not a weakness. Rushing crypto transitions has never ended well in security history," said Christopher Harrell, Chief Technology Officer at Yubico.

The demonstrations were met positively by event attendees, with a number noting the practical demonstration of post-quantum authentication provided tangible insight into the evolving security landscape.

"Security is evolving from 'prove you know a password' to 'prove possession and intent,' and increasingly, 'prove just enough about yourself with privacy intact.' Hardware-backed credentials remain the most dependable way to achieve that balance at scale," said Christopher Harrell. "Our mission is to make the strongest option the easiest option across login, approvals and identity-rich scenarios," he concluded.
Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Hexaware boosts cybersecurity with strategic CyberSolve acquisition
Ping Identity launches platform to secure & manage AI agents
Gigamon unveils quantum-safe cryptography in GigaVUE update
Australians warned over AI-driven scams ahead of Christmas sales
2026 to bring AI reckoning as value & trust trump hype

Top stories

Fortinet unveils Secure AI Data Centre to protect large models
Bitdefender unveils Security Data Lake to cut alert overload
Harnessing the power of ICT to propel your enterprise forward: Five key trends you need to be across in 2026
The cybersecurity imperative for smart factories
Fortinet unveils Secure AI Data Centre with 69% power saving