Entrust is extending their Non-Federal Identity SSP service to include Personal Identity Verification-Interoperable (PIV-I) compliance for state governments, the private sector and entities that wish to securely communicate and interoperate with the U.S. federal government.
Entrust, who is only one of three security vendors with such capabilities, is now on the U.S. government’s list of approved PIV-I providers.
PIV-I is based on the same standards of vetting and issuance developed by the U.S. government for its employees, but it has been tailored for state, local and enterprise use (e.g., state law enforcement agencies, private government contractors and suppliers).
Entrust’s PIV-I solution, which includes smartcard components from security vendor XTec’s AuthentX line of identity management solutions, has been approved by the Federal PKI Policy Authority.
Entrust also implements PIV-I capabilities to allow for additional versatility so other card solutions can be easily added and have them fully validated to meet PIV-I requirements.
Developed by the U.S. government to comply with Homeland Security Presidential Directive 12 (HSPD-12), Personal Identity Verification (PIV) credentials provide government users with physical and logical access to U.S. federal buildings and networks via a PKI-enabled smartcard.
The digital identities contained in the PIV credentials are issued by Entrust for all agencies using the USAccess program and major agencies such as the U.S. Departments of Treasury, State and Labor, as well as the Department of Homeland Security (DHS), and NASA. The PIV credentials also enable government employees to digitally sign documents and e-mails — promoting secure collaboration and increasing operational efficiency.
Entrust PIV-I capabilities add government-strength physical and logical credentialing as a core component of the company’s versatile authentication platform. This platform approach enables organizations to layer security — according to access requirements or the risk of a given transaction — across diverse users and applications.
Entrust’s other authentication capabilities include username and password, IP-geolocation, device, questions and answers, out-of-band one-time passcode (delivered via voice, SMS or e-mail), grid and eGrid cards, digital certificates (in software or on smart cards/USB Tokens) and a range of one-time-passcode tokens.