Logo Image

Derived Credentials

Discover more

The use of mobile devices has accelerated rapidly in recent years, compromising the high levels of security necessary for remote access, particularly within federal government agencies where the Personal Identity Verification (PIV) program ensures secure access to resources. 

To mitigate this risk, the National Institute of Standards and Technology (NIST) has defined the use of a ‘derived credential’ for use on mobile devices. With derived credentials, the cryptographic credential is stored securely on a mobile device, and can be used to provide secure access to agency systems, services and data from smartphones, tablets and laptops. There’s no need for a dedicated reader, and there’s much more flexibility for users. 

MyID is currently deployed and trusted by 16 US Federal agencies, and delivers a complete derived credential ecosystem using currently available components and services. Federal Government agencies and commercial organizations are equally able to ensure secure mobilization of their employees, contractors and customers with derived credentials delivered by MyID.

MyID can issue Derived PIV Credentials to any PIV credential holder, regardless of whether the original credential was issued by MyID or a third-party issuer, either on-premises or via a managed service. It was the first Derived PIV Credential solution to receive an Authority to Operate (ATO) for a Federal agency and supports both smartphones (iOS, Android, Windows & BlackBerry) and tablets (iOS, Android & Windows).

NIST have issued helpful guidelines for deploying derived credentials. Click here for more information.

Icon Image

MyID for Derived Credentials

Use MyID to replace employee passwords with FIPS 201 compliant derived PIV credentials

  • Delivers NIST recommended derived credentials, acting as a single, secure portable credential.
  • Manage the lifecycle of credentials, automatically revoke them if a user leaves the organization, or update them in advance of expiry.  All credential issuance and lifecycle events are recorded within MyID allowing full visibility of who has active credentials.
  • Deploy as a cloud service or on-premise.
Discover More
Icon Image

How can PIV help your organisation?

Download our free guide to PIV and see how MyID enables FIPS 201 best practice

  • Understand the issues and requirements of FIPS 201.
  • See a FIPS 201 approved market-leading product used to issue millions of PIV cards.
  • Make PIV best practice work for your organization.

Download Now