Note: This article lists the technical specifications of the YubiKey Bio Multi-protocol Edition. If you're looking for setup instructions for your YubiKey Bio Multi-protocol Edition, see https://www.yubico.com/start.
The YubiKey Bio Multi-protocol Edition has three distinct applications, which are all independent of each other and can be used simultaneously. To find out if an application is compatible with the YubiKey Bio - Multi-protocol Edition, browse to the Works With YubiKey Catalog, and in the Series drop-down, select YubiKey Bio Series to only display services that are compatible with it.
Storage
YubiKey Application | Firmware 5.7+ | Firmware 5.6 |
FIDO2 | Up to 100 discoverable credentials (unlimited non-discoverable) | Up to 25 discoverable credentials (unlimited non-discoverable) |
FIDO U2F | Unlimited credentials | Unlimited credentials |
PIV (Smart card) | Up to 24 certificates* | Up to 24 certificates* |
*YubiKeys comply with the PIV standard for smart cards. See https://developers.yubico.com/PIV/Introduction/Certificate_slots.html for additional details on this standard and the associated slots. When used with Windows and the YubiKey Smart Card Minidriver, it is possible to load up to 12 certificates and use them for authentication. With standard PIV support (no minidriver, and/or operating systems other than Windows), only one authentication certificate is supported, and it must be stored in slot 9a. Most applications that support PIV (no minidriver) will only read from up to the first 4 slots. The remaining slots are intended to hold retired keys for the purpose of preserving the ability to decrypt encrypted e-mail, etc., and for attestation purposes.
Interface
The YubiKey Bio Multi-protocol Edition uses a USB 2.0 interface. All of the applications are available through this interface.
Applications
FIDO2
The FIDO2 application allows for secure single and multi-factor authentication, and can store up to 25 discoverable credentials (100 with firmware 5.7+). These credentials, which are protected by user verification (PIN or fingerprint), enable passwordless login, where the YubiKey, unlocked by user verification and authorized by touch, can log you in to your accounts without entering a username or password. For FIDO certification information, see YubiKey Hardware FIDO2 AAGUIDs.
USB Interface: FIDO
FIDO U2F
The U2F application can hold an unlimited number of U2F credentials.
USB Interface: FIDO
PIV (Smart Card)
Note: The YubiKey Bio Multi-protocol Edition supports using fingerprint verification in lieu of the PIN when performing cryptographic operations. In the case of PIV smart card however, to provide users with this fingerprint option, client software or middleware is required. Yubico has implemented support for this in the Yubico Minidriver from version 4.6.1. If users attempt to use PIV smart card on the YubiKey Bio Multi-protocol Edition without supporting middleware, they will encounter limitations. In scenarios where supporting middleware is not available or not utilized, users can still access the PIV application on the YubiKey Bio Multi-protocol Edition. However, they will not have the option to utilize fingerprint authentication for cryptographic operations. Instead, they will need to rely on traditional methods such as entering a PIN. While users can still access the PIV application and perform cryptographic operations, they miss out on the convenience and potentially enhanced security offered by biometric authentication. Without the fingerprint option, users may need to rely on the PIN.
This application provides a PIV compatible smart card. On Windows, the smart card functionality can be enhanced with the YubiKey Smart Card Minidriver.
Default Values:
- PIN: 123456
- PUK: 12345678
- Management Key: 010203040506070801020304050607080102030405060708 (AES)
Supported Algorithms:
- ECC P256
- ECC P384
- RSA 1024
- RSA 2048
Additional Supported Algorithms (firmware 5.7+):
- RSA 3072
- RSA 4096
- Ed25519
- X25519
Management Key Algorithms:
- TDES and AES
Slot Information:
- Slot 9a: Authentication
- Slot 9b: Management Key
- Slot 9c: Digital Signature
- Slot 9d: Key Management
- Slot 9e: Card Authentication
- Slot f9: Attestation
- Slots 82-95: Retired Key Management
USB Interface: CCID
Physical Specifications
Form Factor
Connector: USB-A
Dimensions: 18mm x 45mm x 3.35mm
Weight: 4.3g
Temperatures
Operational range: 0 °C to 40 °C (32 °F to 104 °F)
Storage range: -20 °C to 85 °C (-4 °F to 185 °F)