What are PIV Mobile Derived Credentials?

The US federal government’s PIV program was introduced to provide secure two-factor authentication (2FA) for government and military employees into the buildings, computers and systems they need to access as part of their day-to-day duties.

PIV is based on a cryptographically protected credential, associated with an individual, that is placed onto an employee’s smart card. That employee would then be able to use their smart card as proof of identity, granting them access to secure buildings through access control readers and computers and networks through built-in or external smart card reader technology.

The PIV card meant that insecure username and password logins could be replaced with strong 2FA. The smart card being the first factor (something the employee has) and a PIN being the second factor (something the employee knows).

However, whilst this greatly improved security for federal and military employees it has become cumbersome, inflexible and expensive. As technology has changed it has also fallen short as a user-friendly, mobile solution for employees; who wants to carry around external card readers, and what about technology card readers can’t connect to like smartphones and tablets?

Federal government recognized a need for a mobile, convenient form of employee authentication that would not compromise on security.

Read more at: Intercede