Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Authentication

11/13/2014
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Entrust Datacard Bridges Digital Identity From Physical to Mobile

Organizations now able to use investments in smartcard security as powerful mobile-based identities for authentication, secure login.

MINNEAPOLIS, Minn.—(Nov. 11, 2014)—Entrust Datacard delivers enterprise-grade security via mobile devices that serve as trusted identity credentials for secure physical, logical and cloud access. Via the next evolution of the Entrust Mobile Smart Credential, organizations may extend digital certificate or smartcard investments into the mobile environment to reduce costs, enable business efficiency and empower users.

“Mobile devices are quickly replacing the traditional desktop and IT organizations want to be at the forefront of this movement,” said Entrust president David Wagner. “As the shift away from the office-bound workforce continues, mobile devices are often replacing the traditional desktop PC. These modern work patterns create the need for crucial enterprise-class security and support for mobile devices, identities and applications.”

Entrust Datacard helps organizations transform mobile devices into multipurpose digital identities for authentication, digital signing and encryption. The mobile-based identities may be issued, managed, derived and authenticated via the on-premise Entrust® IdentityGuard software authentication platform or the easy-to-use Entrust IdentityGuard Cloud Services. Using innovative mobile-derived credentials, identities also may be originated from users’ existing vetted smartcard or digital IDs.

Simple Authentication for Mobile Users
The Entrust Mobile Smart Credential eliminates the need for one-time-passcode (OTP) requirements, multiple mobile applications, complex integrations and login frustrations. Because the certificate-based identity and the mobile device are already securely bound, end-users only require their PIN to complete once-tedious logins or authentication processes.

What is a Mobile-Derived Credential?
The challenge for any mobile authentication system is ensuring authorized employees are issued their correct and verified credential. The derived Entrust Mobile Smart Credential solution simplifies this process by taking a trusted credential and extending it to a secured mobile device.
When the solution is deployed, a trusted user or employee owns a digital identity that has already endured a rigorous and thorough vetting process. Enterprises and governments alike may extend their security investment by recreating this digital identity — via the Entrust IdentityGuard software authentication platform — to derive a trusted identity on secured mobile devices.

The Entrust Datacard solution complies with rigorous government standards, making it an ideal mobile identity solution for governments and other security-conscious organizations. The solution may be deployed at the customer premises or via Entrust IdentityGuard Cloud Services, which is secured in the same facility as the existing U.S. Federal Shared Service Provider certification authority (CA).

Derived Credentials in Government
For U.S. government agencies, managing the surge of BYOD demands is particularly challenging. Governments are responsible for the nation’s interest, citizens and data it holds. Government agencies must follow and comply with many policies — including FIPS 201, NIST SP 800-157, HSPD 12, etc. — that shape how employees and IT organizations conduct day-to-day business. The Entrust new mobile approach eliminates the need for government agencies to build custom solutions that comply with various regulations and policy.

This innovation further extends the Entrust Datacard investment in the U.S. government space. From FIPS 201 PIV credentials to advanced mobile identity solutions that conform to NIST SP 800-157, Entrust Datacard leads the way in security technology that meets rigorous U.S. government standards.

Integrating with Trusted Security Vendors
To increase effectiveness for different use cases and environments, Entrust Datacard has partnered with trusted software security vendor Thursby. Integration with the Thursby PKardPro Reader application — available for both Apple iOS and Google Android — creates a single authorized digital identity on a user’s mobile device. This empowers customers to perform secure browser transactions on mobile devices while increasing usability and decreasing costs.

Thursby’s growing ecosystem of partners — including Acronis, Silanis and Juniper — may leverage the Entrust Mobile Smart Credential solution in their applications via the PKardPro Reader Toolkit, providing an alternative to a standard physical smartcard. These applications support a variety of use cases commonly found in the enterprise, including certificate-based authentication to Web applications, secure email, secure file sharing and secure document-signing.

About Entrust Datacard
Consumers, citizens and employees increasingly expect anywhere-anytime experiences — whether they are making purchases, crossing borders, accessing e-gov services or logging onto corporate networks. Entrust Datacard offers the trusted identity and secure transaction technologies that make those experiences reliable and secure. Solutions range from the physical world of financial cards, passports and ID cards to the digital realm of authentication, certificates and secure communications. With more than 2,000 Entrust Datacard colleagues around the world, and a network of strong global partners, the company serves customers in 150 countries worldwide. For more information, visit www.entrustdatacard.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at Fortinet,  5/24/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .