Google offers the Firebase suite of application development tools, available free or at cost for higher degree of usages, priced flexibly accorded to features needed. The suite includes A/B testing and Crashlytics, Cloud Messaging (FCM) and in-app messaging, cloud storage and NoSQL storage (Cloud Firestore and Firestore Realtime Database), and other features supporting developers with flexible mobile application development.
$0.01
Per Verification
Yubico YubiKeys
Score 9.4 out of 10
N/A
Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and delivers users authentication with a simple touch or tap.
Firebase should be your first choice if your platform is mobile first. Firebase's mobile platform support for client-side applications is second to none, and I cannot think of a comparable cross-platform toolkit. Firebase also integrates well with your server-side solution, meaning that you can plug Firebase into your existing app architecture with minimal effort.
Firebase lags behind on the desktop, however. Although macOS support is rapidly catching up, full Windows support is a glaring omission for most Firebase features. This means that if your platform targets Windows, you will need to implement the client functionality manually using Firebase's web APIs and wrappers, or look for another solution.
I think, as I said, it's perfectly suited for second-factor authentication where all you have to do is a security team registers the key and you put it in your laptop and then you use it as a second factor. I think that's the best use case governing all access to making it a mandatory second factor so not relying on your cell phone or authenticator app, you just have this hardware thing which is much more secure and you can carry it with you as well when you are traveling.
Analytics wise, retention is extremely important to our app, therefore we take advantage of the cohort analysis to see the impact of our middle funnel (retargeting, push, email) efforts affect the percent of users that come back into the app. Firebase allows us to easily segment these this data and look at a running average based on certain dates.
When it comes to any mobile app, a deep linking strategy is essential to any apps success. With Firebase's Dynamic Links, we are able to share dynamic links (recognize user device) that are able to redirect to in-app content. These deep links allow users to share other deep-linked content with friends, that also have link preview assets.
Firebase allows users to effectively track events, funnels, and MAUs. With this simple event tracking feature, users can put organize these events into funnels of their main user flows (e.g., checkout flows, onboarding flows, etc.), and subsequently be able to understand where the drop-off is in the funnel and then prioritize areas of the funnel to fix. Also, MAU is important to be able to tell if you are bringing in new users and what's the active volume for each platform (Android, iOS).
Remote access. I'm able to sign documents with the certificates that we have placed on our Yubico YubiKeys, so it's nice to be able to sign a document from anywhere, from any computer with my YubiKey instead of having to look for an adapter for my common access card.
Attribution and specifically multi-touch attribution could be more robust such as Branch or Appsflyer but understand this isn't Firebases bread and butter.
More parameters. Firebase allows you to track tons of events (believe it's up to 50 or so) but the parameters of the events it only allows you to track 5 which is so messily and unbelievable. So you're able to get good high-level data but if you want to get granular with the events and actions are taken on your app to get real data insight you either have to go with a paid data analytics platform or bring on someone that's an expert in SQL to go through Big Query.
City-specific data instead of just country-specific data would have been a huge plus as well.
It can be about access control because either right now it's just you have access or you don't have access. I think there can be a use case where you are allowed a particular set of servers and not a particular set of servers. I think maybe it's there or we don't use it, but I haven't seen that. I think I've used Yubico YubiKeys at two companies and I haven't seen that. Maybe that's something that can be added.
As for implementing YubiKey its simple so I don't see us using anything else as we have experienced no issues so fare. Adding these to our environment is still new for us currently but in the transition phase I only see us buying YubiKey. It is highly rated and well known and cost is reasonable so no need to find another solution.
Firebase functions are more difficult to use, there are no concepts of triggers or cascading deletes without the use of Firebase functions. Firebase functions can run forever if not written correctly and cause billing nightmares. While this hasn't happened to us specifically it is a thing that happens more than one realizes.
I give slightly better than average rating because of the complexity in using a Yubikey. It is not as easy as native push notifications for 2FA products, however, it provides much better strength. Rating this higher or lower would be a disservice to people reading this review. If you are in the market for a hardware 2FA tool, Yubikey will be a great asset in your toolbox.
We have not experienced any issues with availability which is very important when you are dealing with a company that holds the keys to the gate. We have had more issues with availability from our SaaS providers before with authentication but that was on their end. YubiKey has worked every time for us over the course of the last 6 or so months we began testing phase.
We have not seen any lag in loading pages and getting into systems or sites. In comparison to other 2FA and MFA options it is actually faster most of the time to authenticate due to not having to type in. We require users to have long passwords and when there is an option given for password less they jump on it with excitement. As we explore going password less on their PC's the YubiKey is going to make their lives a lot easier to access the resources they need.
Our analytics folks handled the majority of the communication when it came to customer service, but as far as I was aware, the support we got was pretty good. When we had an issue, we were able to reach out and get support in a timely fashion. Firebase was easy to reach and reasonably available to assist when needed.
I figured it all out on my own with the excellent product documentation provided by Yubico. I even managed to produce a backup YubiKey in case I lost my frequently used one. This was crucial when I temporarily lost the original.
Before using Firebase, we exclusively used self hosted database services. Using Firebase has allowed us to reduce reliance on single points of failure and systems that are difficult to scale. Additionally, Firebase is much easier to set up and use than any sort of self hosted database. This simplicity has allowed us to try features that we might not have based on the amount of work they required in the past.
Yubico YubiKeys has been a leader in the security key market, and I think they have a new product we just read about two days back and they can store up to a hundred private keys now. So I think this is what it distinguishes them from the market, apart from this, whatever features we need personally and for our customers. So they provide all those features, but versus the other brands.
For us I feel like the ease of deployment has made this product very appealing, overall this will make the scalability very easy for us to push out once we roll out to our users and the management tools that we have looked at will make the admins like me happy as it is clear and easy to use. The rollout process looks to be very straight forward from the demos that we have looked at regarding the enterprise tools.
Makes building real-time interfaces easy to do at scale with no backend involvement.
Very low pricing for small companies and green-fields projects.
Lack of support for more complicated queries needs to be managed by users and often forces strange architecture choices for data to enable it to be easily accessed.
I think it's the flexibility in being able to let users pick the type of authentications that they want to use. Some are comfortable with the touch device on the physical Yubico YubiKeys. Others prefer the mobile app. So it provides flexibility for our users to choose how they want to authenticate without running a file of our security requirements.
