Endpoint //

Authentication

11/13/2014
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Entrust Datacard Bridges Digital Identity From Physical to Mobile

Organizations now able to use investments in smartcard security as powerful mobile-based identities for authentication, secure login.

MINNEAPOLIS, Minn.—(Nov. 11, 2014)—Entrust Datacard delivers enterprise-grade security via mobile devices that serve as trusted identity credentials for secure physical, logical and cloud access. Via the next evolution of the Entrust Mobile Smart Credential, organizations may extend digital certificate or smartcard investments into the mobile environment to reduce costs, enable business efficiency and empower users.

“Mobile devices are quickly replacing the traditional desktop and IT organizations want to be at the forefront of this movement,” said Entrust president David Wagner. “As the shift away from the office-bound workforce continues, mobile devices are often replacing the traditional desktop PC. These modern work patterns create the need for crucial enterprise-class security and support for mobile devices, identities and applications.”

Entrust Datacard helps organizations transform mobile devices into multipurpose digital identities for authentication, digital signing and encryption. The mobile-based identities may be issued, managed, derived and authenticated via the on-premise Entrust® IdentityGuard software authentication platform or the easy-to-use Entrust IdentityGuard Cloud Services. Using innovative mobile-derived credentials, identities also may be originated from users’ existing vetted smartcard or digital IDs.

Simple Authentication for Mobile Users
The Entrust Mobile Smart Credential eliminates the need for one-time-passcode (OTP) requirements, multiple mobile applications, complex integrations and login frustrations. Because the certificate-based identity and the mobile device are already securely bound, end-users only require their PIN to complete once-tedious logins or authentication processes.

What is a Mobile-Derived Credential?
The challenge for any mobile authentication system is ensuring authorized employees are issued their correct and verified credential. The derived Entrust Mobile Smart Credential solution simplifies this process by taking a trusted credential and extending it to a secured mobile device.
When the solution is deployed, a trusted user or employee owns a digital identity that has already endured a rigorous and thorough vetting process. Enterprises and governments alike may extend their security investment by recreating this digital identity — via the Entrust IdentityGuard software authentication platform — to derive a trusted identity on secured mobile devices.

The Entrust Datacard solution complies with rigorous government standards, making it an ideal mobile identity solution for governments and other security-conscious organizations. The solution may be deployed at the customer premises or via Entrust IdentityGuard Cloud Services, which is secured in the same facility as the existing U.S. Federal Shared Service Provider certification authority (CA).

Derived Credentials in Government
For U.S. government agencies, managing the surge of BYOD demands is particularly challenging. Governments are responsible for the nation’s interest, citizens and data it holds. Government agencies must follow and comply with many policies — including FIPS 201, NIST SP 800-157, HSPD 12, etc. — that shape how employees and IT organizations conduct day-to-day business. The Entrust new mobile approach eliminates the need for government agencies to build custom solutions that comply with various regulations and policy.

This innovation further extends the Entrust Datacard investment in the U.S. government space. From FIPS 201 PIV credentials to advanced mobile identity solutions that conform to NIST SP 800-157, Entrust Datacard leads the way in security technology that meets rigorous U.S. government standards.

Integrating with Trusted Security Vendors
To increase effectiveness for different use cases and environments, Entrust Datacard has partnered with trusted software security vendor Thursby. Integration with the Thursby PKardPro Reader application — available for both Apple iOS and Google Android — creates a single authorized digital identity on a user’s mobile device. This empowers customers to perform secure browser transactions on mobile devices while increasing usability and decreasing costs.

Thursby’s growing ecosystem of partners — including Acronis, Silanis and Juniper — may leverage the Entrust Mobile Smart Credential solution in their applications via the PKardPro Reader Toolkit, providing an alternative to a standard physical smartcard. These applications support a variety of use cases commonly found in the enterprise, including certificate-based authentication to Web applications, secure email, secure file sharing and secure document-signing.

About Entrust Datacard
Consumers, citizens and employees increasingly expect anywhere-anytime experiences — whether they are making purchases, crossing borders, accessing e-gov services or logging onto corporate networks. Entrust Datacard offers the trusted identity and secure transaction technologies that make those experiences reliable and secure. Solutions range from the physical world of financial cards, passports and ID cards to the digital realm of authentication, certificates and secure communications. With more than 2,000 Entrust Datacard colleagues around the world, and a network of strong global partners, the company serves customers in 150 countries worldwide. For more information, visit www.entrustdatacard.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14623
PUBLISHED: 2018-12-14
A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix for CVE-2016-3072. Version 3.10 and older is vulne...
CVE-2018-18093
PUBLISHED: 2018-12-14
Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.
CVE-2018-18096
PUBLISHED: 2018-12-14
Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2018-18097
PUBLISHED: 2018-12-14
Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2018-3704
PUBLISHED: 2018-12-14
Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access.