Mobile World Congress ― Barcelona — Centrify, the leader in securing enterprise identities against cyberthreats, today announced it is one of the first identity providers to implement derived credentials for secure mobile access to apps, websites and services that require smart card authentication. Derived credentials allow common access card (CAC) and personal identity verification (PIV) based authentication via mobile devices, without requiring cumbersome, dedicated smart card readers. This new capability extends Centrify’s integration of identity-based security to mobility, offering secure single sign-on (SSO) in even the most highly regulated environments.

“We are very excited that Centrify now offers derived credential authentication from mobile devices, which historically has failed to move beyond the proof of concept stage,” said Bill Mann, chief product officer of Centrify. “Until now, users could only access highly secured apps and content via laptops and desktops, due to regulations mandating smart card-based two-factor authentication. Attempting to use mobile devices with smart card readers for the same access was cumbersome at best. This announcement opens the door to full mobility for state and federal government as well as security-conscious companies that rely on smart cards for authentication.”

While some standalone enterprise mobility management (EMM) vendors have built partnerships for derived credentials, they do not fully provide identity management or cloud application single sign-on. Centrify not only provides the solution for managing the device and derived credential, but also the ability to leverage that credential on the device for policy-based authentication and SSO into thousands of managed applications.

At a glance, Centrify’s derived credentials offer the following benefits:

  • Secure CAC/PIV based SSO to cloud and on-premises apps
  • Integrated device management to manage and lock down devices
  • The ability to enroll devices and provision derived credentials to them
  • Derived credential issuance from popular certificate authorities
  • Compliance with FIPS 201-2 and NIST SP 800-157 to satisfy HSPD-12 and OMB-11-11, allowing mobile access to apps, websites, and services that require smart cards authentication
  • App provisioning to set up user accounts within target applications
  • Workflow to ensure only the right users get access
  • Easy deployment into existing enrollment and issuance portals

About Centrify

Centrify is the leader in securing enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile and on-premises. The Centrify Identity Platform protects against the leading point of attack used in data breaches ― compromised credentials — by securing an enterprise’s internal and external users as well as its privileged accounts. Centrify delivers stronger security, continuous compliance and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac management, privileged access security and session monitoring. Centrify is trusted by over 5000 customers, including more than half of the Fortune 50. 


Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Service are trademarks of Centrify Corporation in the United States and other countries.  All other trademarks are the property of their respective owners.