In 2005, Personal Identity Verification (PIV) credentialing focused on authentication through traditional computing devices, such as desktops and laptops, where a PIV card would provide common authentication through integrated smart card readers. Today, the proliferation of mobile devices that do not have integrated smart card readers complicates PIV credentialing and authentication.
The Derived Personal Identity Verification (PIV) Credentials project helps organizations authenticate individuals who use mobile devices and need secure access to information systems and applications.
The project demonstrates a feasible security platform based on federal PIV standards. The platform leverages the identity proofing and vetting results of current and valid PIV credentials to enable two-factor authentication to information technology systems via mobile devices while meeting policy guidelines. Although the PIV program and the NCCoE Derived PIV Credentials project are primarily aimed at the federal sector’s needs, both are relevant to mobile device users in the commercial sector who use smart card-based credentials or other means of authenticating identity, and both support operations in federal (PIV), non-federal critical infrastructure (PIV-interoperable or PIV-I), and general business (PIV-compatible or PIV-C) environments.
The NCCoE reference design includes the following capabilities: