Aaron Boyd writes DoD employees began to use derived credentials in sending emails on their mobile devices sans the need for an authorized common access card in September.
The system works to derive the credentials from the access card using a native key repository, according to the report.
Mark Norton, senior systems engineer at the Office of the Chief Information Officer, said the DoD intends for the process to help mobile users encrypt their emails.
A DoD memo released in September states that possessing a CAC “provides proof that face-to-face in-person verification was completed,” Federal Times reports.
âAs we move from the hard tokens to derived credentials itâs going to require a new supporting infrastructure and will most likely require upgrades to the middleware software that links the credentials to the applications,” Norton added.