Securing mobile web app browsing for the U.S. military: Q&A with Jason Christensen and Alex Antrim

We’ve heard from customers and Yubico employees that have experienced first hand how difficult it can be for government employees to remotely and securely access essential web services like email, MyPay, and Defense Travel System. In the past, they would typically be required to login to a desktop, making access on the go essentially impossible. This all changed today with Yubico and Straxis, a mobile application provider, announcing a new app called MilSecure Mobile.

To learn more about how this innovation came to be and better understand the authentication challenges that the Defense Department (DOD) and service members face, we recently sat down for a Q&A with Jason Christensen, Lead Developer, Straxis Technology, and Alex Antrim, Senior Solutions Engineer, Yubico.

Can you share a bit more about the history between Straxis and Yubico?

Jason: Our partnership began thanks to Tri Trinh, Yubico’s Director of Federal Sector Development, and retired Air Force Colonel, who played a crucial role in implementing Air Force Connect – one of Straxis’s enterprise offerings for the Air Force. Yubico’s expertise in software and certification setup was invaluable to help us overcome a few challenges. Their solutions significantly enhanced accessibility for Air Force personnel, making it easier for them to access secure information quickly and efficiently.

Alex: Straxis’ existing applications and success in solving mobile challenges for DOD groups made them an ideal partner. Their work on Air Force Connect to streamline authentication processes laid the groundwork for our collaboration. By combining our resources, we tackled the complex issue of Smart Card authentication on mobile devices, which was not inherently supported by mobile operating systems.

How did the idea for this application come to be?

Alex: Initially, we utilized Yubico’s authenticator app to integrate Smart Card authentication. Over time, through iterative development and close collaboration, we built these features directly into the Straxis app, improving the user experience significantly. Cybersecurity isn’t supposed to be limiting or hard, and that wasn’t apparent in modern mobile phone systems. By working with Straxis, we were able to meet requirements from the US government while still making it easier to access the data. We’re confident that the DOD’s data stays where it’s supposed to stay but is able to be accessed by service members in a properly secured application. On a personal note, as a former Senior Chief Petty Officer in the Navy, I experienced first the need for an app of this nature and couldn’t have been more excited to partner with Jason and Straxis on this. 

Jason: For Straxis, it was a natural progression to make security measures more accessible and efficient for end users, particularly within the military.

How do your roles work together to facilitate this integration?

Alex: As a Senior Solutions Engineer for Yubico, I engage with various DOD customers and agencies, identifying their challenges on a daily basis. Hearing these issues firsthand allowed us to develop solutions tailored to their needs. Straxis’ expertise in mobile application development was crucial in making this integration user-friendly.

Jason: It was straightforward to collaborate with Alex. Our goal was to drive traffic to applications like AF Connect and Marine Reserve Connect, providing a seamless experience for our users. The partnership with Yubico has been mutually beneficial, leveraging their hardware solutions with our software to enhance overall functionality.

Government agencies are quite different from other kinds of organizations and enterprises when it comes to security requirements and needs. What challenges around cybersecurity were the DoD facing, especially regarding remote work for Air Force  members?

Alex Antrim: I’ve been in Federal Security for almost 15 years now and cybersecurity is not supposed to be limiting. It’s actually supposed to enhance and allow collaborative environments to really flourish. That was apparent in modern mobile phone operating systems. In working with Straxis, we were able to meet the cybersecurity requirements from the US government and from the DOD while still making it easier to access the data, there is no introduced risk. There is no data loss and we are confident that the DOD’s data stays where it’s supposed to stay, but it’s still able to be accessed by service members with DOD credentials with their YubiKey and a properly secured configured application.

Jason: The biggest challenge was that new capabilities were being made available to service members online, but it was only easily accessible on desktops. We know at times It can be challenging to access resources meant for desktops and the YubiKey can close that gap, making it accessible to everyone.

How did the creation of MilSecure Mobile address these challenges?

Alex: We were able to take what we learned with previous apps that had Smart Card authentication with our Yubico Authenticator, and built it directly into MilSecure Mobile. Another exciting feature is the dynamic bookmarking system, making it easier for service members to access essential sites. This system, combined with YubiKey’s secure authentication, ensures quick and secure access to DOD resources for service members. 

Near Field Communication (NFC) is also something new that we’re excited to introduce – allowing security accessible with the tap of a YubiKey. Straxis was able to leverage the NFC technology with the YubiKeys for an even more seamless end-user experience.

As government cybersecurity mandates around phishing-resistant multi-factor authentication continue being implemented, how do hardware security keys like the YubiKey help government agencies tackle requirements while achieving Zero Trust and modern passwordless authentication goals?

Alex: YubiKeys have always been a robust and flexible security token because it can solve many different use cases with one token. We hope to see FIDO2 on the horizon, and I look forward to seeing where we can take it further in a mobile application with Straxis.

Jason: The YubiKey simplifies the authentication process, making it seamless and user-friendly. It addresses the need for secure, mobile-friendly solutions, especially for tasks that don’t require full-scale desktop capabilities but still need secure access, such as checking emails or signing documents.

What future plans does Straxis have to address challenges the government agencies are facing around cybersecurity?

Jason: It’s exciting to be involved with a technology like the YubiKey which supports many different protocols. The way the token is structured and the way we’ve partnered with Yubico’s integration leaves any type of change to be grown in the future. Having a partner like Yubico is invaluable because that means whatever the DOD comes out with in terms of authentication or security, we’ll be able to provide a solution.

Alex: I’m most excited for MilSecure Mobile to be turned on in already existing apps in the DOD space, starting with Air Force Connect. But there are many other branches and services that we can see adopt Straxis’ applications in the future. We hope the partnership and the app speak for themselves when they’re in the hands of service members.

For more information, see the press release here. iOS app can be downloaded here and will be coming soon to Android.

Talk to our teamTalk to our team

Share this article:


  • Platform independent digital identity for all Many are understandably concerned that the great invention called the Internet, initially created by researchers for sharing information, has become a major threat to democracy, security and trust. The majority of these challenges are caused by stolen, misused or fake identities. To mitigate these risks, some claim that we have to choose between security, usability […]Read moreDigital IdentityEUDIFounderStina Ehrensvard
  • Q&A with Yubico’s CEO: Our move to the main Nasdaq market in StockholmAs 2024 draws to a close, it’s the perfect time to reflect on the incredible journey we’ve had this year and how it has shaped where we stand today as a company. To mark this moment, I sat down with our CEO, Mattias Danielsson, to look back on the milestones and achievements of 2024—culminating in […]Read moreCEOMattias Danielsson
  • Exploring DORA: A look at the next major EU mandateFinancial institutions have historically managed operational risk using capital allocation, but under EU Regulation 2022/2554 – also known as the Digital Operational Resilience Act (DORA) – the financial sector and associated entities in the European Economic Area (EEA) must also soon follow new rules. These new rules focus on the protection, detection, containment, and the […]Read moreDORAEU
  • Securing critical infrastructure from modern cyber threats with phishing-resistant authenticationAcross the globe, 2024 has seen a whirlwind of change. With ongoing wars, recent political change-ups and more, growth in data breaches targeting critical infrastructure continue to be on the rise. Critical infrastructure is integral to our everyday life – from the energy and natural resources powering our hospitals and providing clean drinking water, telco […]Read moreCISAcritical infrastructurezero trust