HYPR and Yubico have expanded their longstanding collaboration to help enterprises scale secure passkey deployment and strengthen identity assurance across distributed workforces.
The partnership aims to address one of the most persistent challenges facing enterprises adopting passkey security: ensuring that every YubiKey is issued to, and activated by, the correct verified individual. As organisations continue to deploy YubiKeys in growing numbers, the need to protect provisioning against account takeovers, social-engineering attacks, and identity spoofing has heightened.
HYPR specialises in enabling phishing-resistant authentication and identity verification through its product HYPR Affirm, which orchestrates high-assurance verification methods such as government ID checks, biometric validation, liveness detection, location signals, and optional peer-based attestation. Yubico is best known for its YubiKey hardware security keys that support FIDO standards and provide hardware-backed, phishing-resistant login security for enterprises and consumers.
Through this deeper integration, HYPR Affirm now connects directly with Yubico’s provisioning infrastructure. This allows enterprises to link a verified user identity to a pre-registered FIDO credential before a YubiKey is shipped out. Yubico provisions the credential and binds it to the organisation’s identity provider, ensuring that the key can be activated only by the intended recipient. The end user then receives a device ready for secure activation within minutes, without shared secrets or manual IT intervention.
The solution is designed for organisations deploying hundreds or thousands of YubiKeys worldwide to support hybrid and remote teams. By anchoring each key to verified identity in advance, businesses can reduce failed enrolments, lower support volumes, and accelerate protection across global teams.
The integration also supports lifecycle needs such as re-verification when keys are lost, damaged, reassigned or needed for new role permissions, reducing potential social-engineering risks during helpdesk interactions.
The companies stated that the partnership signals a transition from manual, trust-based hardware issuance to a verifiable, automated, and scalable model for identity-bound passkey security in the enterprise.
Keep up with all the latest RegTech news here
Copyright © 2025 RegTech Analyst
Copyright © 2018 RegTech Analyst
