T-Mobile rolled out phishing-resistant, modern passwordless authentication with device-bound passkeys
SANTA CLARA, CA and STOCKHOLM, SWEDEN — January 21, 2025 — Yubico (NASDAQ STOCKHOLM: YUBICO), the leading provider of hardware authentication security keys, worked with T-Mobile US to deploy FIDO2 YubiKeys to its teams including employees, vendors and authorized retail partners in late 2023. The passwordless, device-bound passkeys replaced legacy authentication to further secure the Un-carrier’s work systems and information amidst the growing escalation of cyber threats, stopping unauthorized credential use by bad actors over the last year.
Enterprises and other organizations that rely on legacy multi-factor authentication (MFA) methods like passwords and one-time passwords (OTPs) can be susceptible to one of the most common tactics used by bad actors — phishing attacks. Typically, this involves sending a fake or fraudulent email, text or other communication in an attempt to steal someone’s sensitive information.
With Yubico’s FIDO2 security keys, T-Mobile’s teams no longer have to change or remember their passwords, or type in OTP codes that could be intercepted by bad actors; they use their YubiKey to passwordlessly authenticate and verify their identity to gain access to the resources they need.
“T-Mobile took a critical step forward to further reduce credential phishing by deploying the stronger, device-bound passkey solution that Yubico offers,” said Jeff Simon, chief security officer, T-Mobile. “Once we had our YubiKeys in hand we were able to get them up and running across the company in less than three months, and we’ve seen the positive results after just one year of having them. That progress is even more important in today’s environment where bad actors continue to wage sophisticated campaigns to attempt to infiltrate telecommunication networks. YubiKeys continue to be an important element of how we approach cyber protection.”
“AI and the sophistication of bad actors continue to evolve, putting enterprises and their personnel at higher risk than ever before. To protect against phishing attacks, companies need to act now to adopt and implement hardware-based security keys, which are the strongest multi-factor authentication available,” said Jerrod Chong, president and COO, Yubico. “T-Mobile’s deployment of YubiKeys is a great example of how enterprises committed to cybersecurity can rapidly and effectively deploy YubiKeys to reduce phishing.”
In 2023, the Anti-Phishing Working Group (APWG) observed almost five million unique phishing attacks, which is the worst year on record. These attacks not only result in billions of dollars in yearly losses for businesses but threaten the safe interconnected operation of critical infrastructure and services, from government agencies to financial institutions, factories, healthcare and human rights organizations.
Yubico has pioneered enterprise hardware-based security keys since 2007, championing open authentication standards and delivering modern, device-bound passkey authentication security at scale to customers. YubiKeys support multiple phishing-resistant authentication protocols such as FIDO2/WebAuthn, U2F and Smart Card (PIV). This provides a pathway to passwordless authentication for enterprises of any size. With support for hundreds of applications and services, YubiKeys deliver seamless operation across all operating systems and mobile devices, are easy to use and help save time for IT help desks in resetting passwords for employees. This form of modern MFA positions enterprises to take advantage of passwordless environments across their many applications, teams and business processes, including retail environments.
To hear more about T-Mobile’s cybersecurity, go here. For more information on how to deploy phishing-resistant MFA across the enterprise and cultivate phishing-resistant users, visit www.yubico.com.
###
About Yubico
Yubico (NASDAQ STOCKHOLM: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone.
Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries.
Yubico’s solutions enable passwordless logins using the most secure form of passkey technology. YubiKeys work out-of-the-box across hundreds of consumer and enterprise applications and services, delivering strong security with a fast and easy experience.
As part of its mission to make the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. The company is headquartered in Stockholm and Santa Clara, CA. For more information on Yubico, visit us at www.yubico.com.
Media Contacts:
Yubico Media Relations
Press@yubico.com
