Yubico Preferred Partner · Indonesia
Physical-device login protection for critical accounts
& high-stakes access
YubiKey reduces phishing, password theft, and account takeover through strong yet practical hardware authentication — with integration and compliance guided by DTI (OJK · BI · BSSN).
ABOUT YUBIKEY
Hardware-grade authentication, by design.
SMS OTP and software authenticators look secure until a phishing attack succeeds. Real-world breaches against Indonesian banks, ministries, and enterprises increasingly route through credential theft and session hijacking — exactly the vectors that FIDO2 hardware keys are designed to defeat.
YubiKey binds authentication to the legitimate origin via cryptographic challenge-response. A phishing page can’t capture the credential because the credential never leaves the device. No batteries means no expired tokens. No network requirement means it works offline, in air-gapped environments, in classified facilities.
As Yubico’s Preferred Partner in Indonesia, DTI ships in any quantity — from 10-key pilot deployments to enterprise-wide rollouts of thousands. We handle logistics, registration, integration support, and post-deployment user training.
PRODUCT CATALOG
Choose your YubiKey
Compare the YubiKey series by protocol and form factor, then request a quote — all handled by DTI.
WHY YUBIKEY
Six things hardware does that software can’t
YubiKey adds a physical authentication layer that is harder to trick than passwords, OTPs, or standard software-based approvals.
Phishing-resistant
FIDO2/WebAuthn protocols bind authentication to the legitimate origin. Phishing pages can’t capture the credential because it never leaves the device.
Multi-protocol
One key supports FIDO2, U2F, smart card (PIV), OTP, OpenPGP. Single device, broad coverage across identity providers and systems.
No batteries, no network
Powered by the host (USB/NFC). Works offline. Never expires from low battery. Survives air-gapped and classified environments.
Crush-resistant
Solid-state, waterproof, drop-tested. Lasts years of daily use on a keyring or in a wallet without performance degradation.
Form factors
YubiKey 5 NFC (USB-A + NFC), 5C NFC (USB-C + NFC), 5Ci (USB-C + Lightning), Bio (fingerprint). Match the key to your device fleet.
FIPS variants
YubiKey 5 FIPS Series for FIPS 140-2 Level 2 — required by some government and regulated procurements for classified system access.
USE CASES BY INDUSTRY
Where YubiKey hardens access
Banking & FSI
Core banking admin, treasury systems, internal app SSO, executive access.
Healthcare
EHR/EMR admin access, pharmacy controls, billing system protection.
Government & BUMN
Classified system access, ministry SSO, BUMN executive controls.
Enterprise
Executive accounts, IT admin, vendor portals, M365/Google Workspace SSO.
WHY THROUGH DTI
More than buying a key — we make sure it’s deployed, integrated, and compliant
YubiKey can be bought anywhere. Secure, compliant outcomes can’t.
STANDARDS & CERTIFICATIONS
Relevant credentials
GLOBALLY TRUSTED
Why the world’s most security-conscious organizations choose YubiKey
According to Yubico
- FIPS 140-3 validated — NIST Certificate #5291 (5 FIPS Series), meeting AAL3, the highest assurance level for phishing-resistant MFA.
- OpenAI now issues custom YubiKeys and requires passkey login for access to its most powerful AI models (2026).
- Forrester (commissioned by Yubico, 2026): 265% ROI and a 99.99% reduction in addressable breach risk when replacing traditional MFA/OTP.
Adoption and ROI figures are reported by Yubico / Forrester (2026). The FIPS 140-3 certification is an independent NIST CMVP record (Cert #5291).
FAQ
Common questions
Does this meet Indonesian banking regulation (POJK 11/2022 / PADK 1/2026)?
Indonesian rules are technology-neutral — no regulation mandates a specific method or bans any. PADK 1/2026 requires risk-based authentication chosen from "what you know / what you have / something you are." A YubiKey is a hardware "what you have" token (and "something you are" on Bio models) — a recognized factor that strengthens authentication for high-risk accounts. DTI helps map this to your risk profile. (Guidance, not legal advice.)
Is it expensive compared to OTP?
YubiKey is a one-time purchase with no recurring SMS costs. Weigh it against the cost of a single account-takeover incident.
Is integration hard?
It supports the FIDO2/WebAuthn standard. DTI helps integrate SSO (M365, Google Workspace, core banking).
What about user training?
Tap-and-go — very simple. DTI provides a short walkthrough for your team.
What if a key is lost?
We help design backup-key & recovery policies so access stays secure and continuous.
FREE DOWNLOADS
Guides, checklists & whitepapers
Download the YubiKey buyer's guide, the FIDO2-vs-SMS-OTP whitepaper, and the POJK 11/2022 & PADK 1/2026 migration checklist.
OTHER PRODUCTS
Specialist depth in three categories
Tilaka Digital Signature
Certified electronic signatures for approval workflows that are faster, legally valid, and easy to trace and audit.
DHealth SIMRS
Hospital information system and electronic medical records that help hospitals operate more cohesively and efficiently.
Data Sanitization
Permanent hardware data destruction (HDD & SSD) — degaussing, physical destruction, and shredding, with a certificate of destruction.
READY TO DEPLOY YUBIKEY?
Sandbox access and a tailored walkthrough.
Schedule a discussion to identify which accounts, systems, and users should be prioritized for hardware authentication.
