Skip to main content
purple hex pattern
closeup of a person holding phone

A complete solution for NIST 800-157

Our popular Derived PIV/CAC credential solution enables true mobility for government organizations by providing secure, anywhere-anytime access to applications, work files and systems. Our complete offering includes deployment, user enrollment and credential management. It aligns with NIST SP 800-157 for compliance with the HSPD12/FIPS 201-2 Personal Identity Verification (PIV) requirements.


plug icon

Integration with EMM Platforms

The Entrust derived PIV credential solution is fully integrated with leading EMM platforms.

screwdriver crossing wrench icon

Self-Service Capabilities

A unique self-service module enables anywhere-anytime onboarding and credential management.

certificate icon

Trust from Bound Identities

The mobile smart credential is encoded with the same certificate types and use the same communication language used on the physical PIV smart cards.

phone pin icon

PIN Unlock, Reset via SMS

PIN unblock and reset features are easily self-managed through our self-service module or directly on the user's mobile device.

The Derived Credential Enrollment Process

Entrust Identity Enterprise can be configured for several different Derived PIV Credential activation methods, including:

  • QR code with password displayed
  • QR code with password via encrypted email
  • Email with password displayed
  • Email with password via encrypted email

These activation options provide secure workflows for generating and activating Derived PIV Credentials.

Use Cases & Authentication Methods

Derived credentials are leveraged to increase security in two ways. An advantage of our mobile smart credential application is that both methods of access can be easily configured and are enhanced through partnerships we maintain with other leaders in the mobile device industry.

  1. Enabling access to certificate-enabled mobile applications for authentication directly though the mobile device — removing the need for username and password
  2. Using the derived credential to provide logical access to a traditional workstation or laptop; similar to how a PIV smartcard is used for SCLO

Identity Portfolio


Identity as a Service

Cloud-based IAM solution with multi-factor authentication (MFA), passwordless access, and SSO.

Identity Enterprise

Identity Enterprise multi-factor authentication establishes and maintains trusted identity for all users, providing strong digital security for your enterprise.

Identity Essentials

Use Identity Essentials to keep your systems and data safe with multi-factor authentication and more.