Yubico Security Key Enterprise Edition
The Security Key with a serial number you can read at registration. For organisations that want attestation tied to procurement.
Yubico Security Key Enterprise Edition
CTAP 2.1
Supports CTAP 2.1, including features like enforced PIN complexity, credBlob, largeBlob, and alwaysUv
More InfoEnterprise Attestation
Reveals a unique attestation certificate during FIDO registration so identity providers can tie a credential to a specific device
More Info
Resident Cryptographic Keys
Supports WebAuthn discoverable resident credentials, the building block of passkeys
More Info
Resident ECDSA keys
Supports ECDSA discoverable keys
Resident ED25519 keys
Supports ED25519 discoverable keys
The Security Key Enterprise Edition is structurally identical to the Security Key NFC and the Security Key C NFC, but it ships with an Enterprise Attestation certificate. When an organisation has the right relying party configuration, the key reveals its serial number during FIDO registration. That lets identity teams tie a registered credential to a specific physical key, which in turn lets them invalidate registrations when a key is lost without affecting other users.
Yubico sells the Enterprise Edition through their YubiKey as a Service program rather than the public store. It is available in USB-A plus NFC and USB-C plus NFC.
This feature only matters if your identity provider actually consumes attestation. Microsoft Entra ID does, Google Workspace does, Okta does. Most consumer relying parties do not, so for personal use the regular Security Key NFC is the same key without the cost premium.