Yubikey Bio Multi-protocol Edition

Biometric Authentication

Allows or requires biometric authentication

CTAP 2.1

Supports CTAP 2.1, including features like enforced PIN complexity, credBlob, largeBlob, and alwaysUv

More Info

FIDO2 Certification

Certified by the FIDO Alliance as conforming to FIDO2 standards

More Info

FIDO L2 Certification

Certified by the FIDO Alliance to meet L2 Security Standards

More Info

Management Application

Vendor provides applications that extend or configure the device

MacOS management application

Management application runs on MacOS

Windows management application

Management application runs on Windows

Resident Cryptographic Keys

Supports WebAuthn discoverable resident credentials, the building block of passkeys

More Info

Resident ECDSA keys

Supports ECDSA discoverable keys

Resident ED25519 keys

Supports ED25519 discoverable keys

PKCS#11 SmartCard

Conforms to PKCS11 SmartCard interface standards

More Info

U2F Authentication

Conforms to the U2F Authenticator and WebAuthn standard

More Info

Windows Hello

Supports logging in using Windows Hello

The Yubikey Bio Multi-protocol Edition is Yubico’s answer to a long standing complaint about the original Yubikey Bio FIDO Edition: users wanted biometrics and PIV smart card support on the same device. This model adds PIV on top of FIDO2 and the capacitive fingerprint sensor.

It does not bring back YubiOTP, OATH, OpenPGP, or static passwords. If you want everything, you still want a regular Yubikey 5. If you want fingerprints with PIV for Windows logon and federated identity, this is the key.

The Multi-protocol Edition is sold only through Yubico’s enterprise YubiKey as a Service or Compliance tier subscriptions, not through the public store. Both USB-A and USB-C variants exist.

Fingerprint behaviour

The fingerprint sensor satisfies user verification for both FIDO2 and PIV operations. Up to five fingerprints can be enrolled per key. Failed fingerprints fall back to PIN.