The Need for Mobile Derived Credentials
As U.S. Government agencies establish plans to embrace mobile devices as alternatives to traditional desktop computers, special consideration must be given to ensure compliance with HSPD12 / FIPS 201 Personal Identity Verification (PIV) requirements. As such, NIST specification 800-157 outlines how PIV identities can be implemented and deployed directly on mobile devices. The mobile PIV credential is called a Derived PIV Credential.
The Entrust Datacard Mobile Derived Credential solution provides government agencies and contractors with a comprehensive, frictionless, and proven solution for placing Derived PIV Credentials onto mobile devices. Entrust Datacard Mobile Derived Credentials are easily accessed by employees and help harness the power of mobile as the new desktop by providing secure, anywhere, anytime access to work files and systems.
Entrust Datacard has put together a white paper to help you understand the need for mobile derived credentials.
Deriving Trust from Bound Identities
The Entrust IdentityGuard Mobile Smart Credential application is encoded like a PIV smartcard, with a digital structure that follows the current PIV standard. This allows the Mobile Smart Credential to be encoded by Entrust IdentityGuard with the same certificate types and use the same communication language traditionally used on a physical PIV smartcard. The Entrust IdentityGuard Mobile Smart Credential is available for use on Apple iOS, Google Android and BlackBerry mobile operating systems.
Entrust IdentityGuard is unique in its ability to provide a Self-Service Module (SSM); granting users’ access to request and manage their Derived PIV Credentials without the need for administrative interaction. This approach helps reduce operational costs by limiting the need to deploy specialized enrollment stations and kiosks abroad for derived credential enrollment.
PIN Unlock, Reset via SSM
Unlike PIV smartcards, PIN unblock and reset is easily self-managed through both the Entrust IdentityGuard SSM and directly on the mobile device through the Entrust Mobile Smart Credential application. With this solution, there is no need for a specialized kiosk for derived credential issuance and management. If policy does not allow for users to unlock or reset their derived credential PIN, or if the user loses their mobile device, the SSM allows for the old derived credential to be quickly suspended or revoked.
Entrust IdentityGuard can be configured for several different Derived PIV Credential activation methods, providing the most flexible solution to meet the needs of various policies and requirements. These activation methods include:
These various activation options provide multiple, secure workflows for allowing a user to generate and activate their Derived PIV Credential.
There are two main ways a derived credential could be leveraged to increase security.
An advantage of the Entrust Mobile Smart Credential application is that both methods of access can be easily configured, and are enhanced through Entrust partnerships with other leaders in the mobile device industry.
Get Started Now
By partnering with key technology players, Entrust Datacard supports and solves some of the most commonly requested use cases in a variety of government agencies at many different levels with the Entrust IdentityGuard Mobile Derived Credential solution that is ready for deployment today.
Get downloads, documentation and support for your On-Demand Card Issuance products:
For immediate assistance Entrust Datacard has Customer Care Centers that are available to serve customers in the Americas, EMEA, and Asia Pacific regions.CONTACT SUPPORT
Easily support the diverse needs of people to securely access and transact across networks, applications, devices, and physical locations. Entrust Datacard offers a broad range of authentication solutions that help organizations respond and stay ahead in a more mobile, connected and ever-changing world.
Transform your business and protect against breaches and fraud while staying in compliance with corporate and government regulations. Entrust Datacard leverages proven industry experience to deliver trusted identity and authentication solutions that help organizations support the needs of increasingly mobile and connected people, systems, and devices.