/
Mobile App Security Key (YubiKey) Support: Enhanced Authentication for Organizations

Mobile App Security Key (YubiKey) Support: Enhanced Authentication for Organizations

Mobile App: Security Key (YubiKey) Support

Overview

PreVeil now supports the use of a security key (such as a YubiKey) as an additional authentication method for mobile app access.

This feature provides organizations with an extra layer of protection beyond standard login methods. When enabled, users must verify their identity using a physical security key in addition to their usual device authentication (such as Face ID or fingerprint).

What This Means for Your Organization

Security keys introduce a stronger form of account protection by requiring something the user physically possesses. This helps reduce the risk of unauthorized access, even if a device is compromised.

  • Adds a second authentication factor on top of device-based login

  • Uses industry-standard security (WebAuthn) for authentication

  • Supports hardware keys such as YubiKey

  • Helps organizations meet stricter security and compliance requirements

Availability

This feature is not enabled by default.

  • It is controlled by an organization-level setting (F_ry)

  • Can be enabled by PreVeil Technical Support or backend teams upon request

  • Applies specifically to mobile app users within that organization

What Users Will Experience

Once enabled for an organization:

  • Users will be prompted to register a security key the next time they access their account on mobile

  • This prompt appears before any account data is accessed

  • After setup, users will see a confirmation (success) screen indicating their security key is ready

On future logins:

  • Users will authenticate using:

    1. Their device authentication (e.g., Face ID or fingerprint)

    2. Their registered security key

Session Behavior

  • A successful authentication using a security key remains valid for 24 hours

  • After this period, users will be asked to authenticate again with their security key

  • All subsequent account access will continue to require the security key

App Version Requirements

To support this feature:

  • Users must be on a compatible version of the PreVeil mobile app

    • iOS 2.0.0

    • Android 1.10.0

  • Users on older app versions may still access their accounts, but organizations may require them to upgrade to continue using the service

Administrative Notes

  • The security key requirement is enforced only after the feature is enabled for the organization

  • Configuration is handled server-side and does not require user-side setup until prompted

  • The feature integrates with PreVeil’s existing secure authentication model, which already relies on device-based authentication rather than passwords

Summary

Security key support on mobile enhances PreVeil’s already strong authentication system by introducing a hardware-based second factor. Organizations can enable this feature to provide users with a higher level of protection while maintaining a streamlined login experience.