A complete solution for NIST 800-157
Our popular Derived PIV/CAC credential solution enables true mobility for government organizations by providing secure, anywhere-anytime access to applications, work files and systems. Our complete offering includes deployment, user enrollment and credential management. It aligns with NIST SP 800-157 for compliance with the HSPD12/FIPS 201-2 Personal Identity Verification (PIV) requirements.
The Entrust derived PIV credential solution is fully integrated with leading EMM platforms.
A unique self-service module enables anywhere-anytime onboarding and credential management.
The mobile smart credential is encoded with the same certificate types and use the same communication language used on the physical PIV smart cards.
PIN unblock and reset features are easily self-managed through our self-service module or directly on the user's mobile device.
The Derived Credential Enrollment Process
Entrust Identity Enterprise can be configured for several different Derived PIV Credential activation methods, including:
- QR code with password displayed
- QR code with password via encrypted email
- Email with password displayed
- Email with password via encrypted email
These activation options provide secure workflows for generating and activating Derived PIV Credentials.
Use Cases & Authentication Methods
Derived credentials are leveraged to increase security in two ways. An advantage of our mobile smart credential application is that both methods of access can be easily configured and are enhanced through partnerships we maintain with other leaders in the mobile device industry.
- Enabling access to certificate-enabled mobile applications for authentication directly though the mobile device — removing the need for username and password
- Using the derived credential to provide logical access to a traditional workstation or laptop; similar to how a PIV smartcard is used for SCLO
Our identity portfolio capabilities:
The identity portfolio suited to your authentication needs