san francisco In almost every hacker attack, passwords are stolen and misused. Even improved methods such as sending a code via SMS or app are vulnerable. Security experts have been working on better solutions for years. The Swedish-American entrepreneur Stina Ehrensvärd is convinced that she has found the right approach: she has succeeded in bringing the rival tech giants Apple, Google and Microsoft together for a common standard.
Ehrensvärd is the head of the Yubico company in San Francisco, which sells the security key Yubikey. The small device is used like a conventional key to open locked accesses – just digitally. The Yubikey can be plugged into the computer via the USB interface, and with a smartphone or tablet it can be released via NFC by holding the device in front of it.
Without the physical key, attackers are denied access. “It offers a very high level of security. You must not lose your key under any circumstances,” says Ehrensvärd in an interview with the Handelsblatt.
A number of large technology companies such as Google, Twitter and Microsoft are already using Yubico’s keys among their employees. The technology will soon have an even greater reach. “Our goal is to make passwords obsolete and the internet safer,” said Ehrensvärd.
Top jobs of the day
Find the best jobs now and
be notified by email.
The company boss founded Yubico in 2007 together with her husband in Stockholm. In 2009, the topic of cyber security skyrocketed in importance worldwide: Large US technology companies fell victim to numerous hacker attacks over a period of several months. The series of attacks was described as “Operation Aurora” and blamed on state attackers from China. Google was one of the victims.
Yubico’s technology should then make the world’s largest search engine operator more secure. “Google wanted 20,000 Yubikeys from us,” says Ehrensvärd. “They have rolled out the technology for all their employees.”
Ehrensvärd relocated the company headquarters to Silicon Valley in order to convince other companies of the approach. The founder created an alliance of technology companies that developed the open standard called Fido to be able to do without passwords in the future.
Apple, Google and Microsoft rely on dialing in without a password
Password-free dial-up could soon be rolled out across large parts of the Internet. Apple, Google and Microsoft have announced that they will in future offer options on their platforms for doing without passwords. This does not necessarily mean that a Yubikey has to be used. It can also scan a fingerprint, face, or other characteristics to provide secure access.
The responsible Google manager Mark Risher says: “This milestone is a testament to the joint work across the industry to improve protection and get rid of the outdated authentication with passwords.” Risher announced that dialing in without a password on all Google – Roll out offers like Chrome, ChromeOS or Android.
Microsoft is taking similar steps. Users can already log on to Windows by scanning their face. “The full shift to a passwordless world will begin with consumers making it a natural part of their lives,” said Microsoft executive Alex Simons.
>> Read also: Zero Trust: This technology is changing cyber security – and the world of work
iPhone manufacturer Apple also wants to implement the technology. “Just as we design our products to be intuitive and powerful, we design them to be private and secure,” said Apple executive Kurt Knight.
As long as companies like Google, Microsoft and Apple also rely on their own systems for the changeover, Yubico should only benefit to a limited extent from the development. Ehrensvärd expects the company to achieve sales of around $200 million this year, about 60 percent more than last year. “We are profitable and growing well,” says Ehrensvärd.
Your company has raised a total of around $80 million from investors and was valued at around $730 million in the last round of financing in 2020.
Ehrensvärd expects a new impetus from a new regulation in the USA. US President Joe Biden has instructed all federal agencies to transition their computer systems to dial-up methods that are not vulnerable to stolen passwords by 2024.
But Ehrensvärd is also looking at Europe. The Yubikey can also help with online IDs. There are talks in the EU. “But it’s still too early to say anything concrete,” says Ehrensvärd.
More: The invisible war: Global hacker gangs are threatening Germany – affected companies are unpacking