DerivID: Derived Credentials for PIV and CAC

Securely validate the identity of mobile users while reducing risk

DerivID is a patent pending, first-of-its-kind derived credentials solution for PIV and CAC that validates the identity of mobile users seamlessly, simply and securely. It exceeds NIST and DISA security standards and eliminates the need for an external card reader. Our credential issuance process guarantees the highest level of assurance.

What is DerivID?

DERIVID CREDENTIALS

Security

Usability

Flexibility

DerivID eliminates vulnerabilities associated with brute force attacks against stored derived credentials, including dictionary attacks, and enables the detection and prevention of multiple sign-in attempts.

DerivID deploys and scales simply and seamlessly, enabling access to networks and applications, to digitally sign documents in a secure manner, and more.

More cost-effective than other derived credentials technologies, DerivID is designed to integrate and actively function with multiple Certificate Authorities on the Federal Bridge.

Why use DerivID?

Security

Identity Management

Usability

Turn-Key Setup

DerivID for PIV and CAC uses split credentials and integrated derived crypto path technology to securely validate the identity of mobile users

Achieve universal identity management at the enterprise level

No smart card reader required

Deploys and scales simply and seamlessly, integrating with leading MDM/EMM providers

How Does DerivID Work?

Native Apps

Custom Apps

Scalable. Proven. Trusted.

Route1 Security Solutions Are Trusted By The U.S. Department Of Defense, The U.S. Navy, The U.S. Department Of The Interior, The U.S. Marine Corps And Other Government And Enterprise Security Teams.

DerivID Features

A turnkey, enterprise-ready technology that validates the identity of mobile users seamlessly simply and securely.

Secure Processes & Technology

  • Architected based on NIST SP 800-157
  • Patent Pending High Security Smart Card technology that eliminates the possibility of brute force attacks – including dictionary attacks
  • Configurable user re-authentication triggers and credential validity periods
  • Enables the detection and prevention of multiple sign-in attempts

Flexible Solution

  • Automated credential lifecycle management
  • Designed to integrate with existing Certificate Authorities on the Federal Bridge
  • Actively functions with multiple Certificate Authorities
  • More cost-effective than other derived credentials technologies
  • Includes Route1 24/7/365 expert support

Seamless Deployment

  • Eliminates the need for an external reader currently required to authenticate with a CAC or PIV card
  • Deploys and scales simply and seamlessly
  • Integrates with leading MDM and EMM providers
  • Accredited infrastructures already deployed and available to both DOD and civilian government
  • Level of Assurance 3 (LOA3)

Excellent Usability

  • Android and iOS-compatible
  • Support for both multiple user credentials per mobile device and multiple user devices
  • Supports native, MDM/EMM and custom Apps, with APIs available for mobile App development
  • Operates in both online and offline mode
  • Self-service: no security officer required to facilitate issuance of derived credentials