Yubico and ID.me provide remote identity proofing, YubiKey delivery, and strong authentication for NY Air National Guard (and see our joint presentation at Identiverse)

June 9, 2021 4 minute read

The pandemic has forced a digital transformation of how and where employees work at an accelerated rate, driving remote work scenarios for tens of thousands of state and federal personnel. These accelerated work scenarios require users to be strongly verified and authenticated. A strong binding between the remote identity proofing process and the authenticator is needed in order to achieve high confidence that the user working remotely is who they say they are. The authenticator plays a pivotal role to maintain the high level of assurance when using an anti-phishing protocol. 

The NY State Air National Guard (NY ANG) had these requirements and needed an agile and modern cyber security solution to advance its security beyond basic username and passwords for access to the NY State Disaster Local Area Network (DLAN) system for their remote users. Given NY ANG’s mission, the remote identity proofing solution needed to allow for quick turn around that could be implemented in the field. 

Yubico and ID.me had, separately, received NIST grants to work on next generation citizen facing services that could scale user verified Identities and authentication. The advancements and adoption of WebAuthn/FIDO2 standards by popular browsers, platforms, and tech companies provided the ideal opportunity to work together and create a unique, streamlined remote ID proofing solution to not only ID proof NY state civilian and military members, but also bind strong, modern hardware-based authentication, with the seamless delivery of YubiKeys. Together, we will be delivering a joint presentation at the upcoming Identiverse conference, registration details are below. 

How do Yubico and ID.me provide remote identity proofing?

ID.me is able to remotely ID proof NY ANG and DMNA (Division of Military and Naval Affairs) members for logging into DLAN. Upon verification, users are able to directly order YubiKeys from ID.me’s online identity verification system. To further simplify, using Yubico APIs, ID.me integrated YubiEnterprise Delivery functionality into the platform, to easily allow a user to order and quickly receive YubiKeys.  

Once the YubiKey is received, they sign into DLAN via ID.me, which will then prompt the user to register the YubiKey they just received using WebAuthn and bind it to the ID verified account. With their YubiKey registered, users will now be able to easily log into DLAN and authenticate themselves with their YubiKey. The ID.me system performs the role of the   Identity Provider where authentication happens and acts as a federated single sign-on (SSO) to DLAN. The NY ANG team requested configuration of the ID.me access policy to only allow access to DLAN if a successful FIDO authentication has occurred.

As cyber security threats such as phishing and account takeovers continue to be rampant, Yubico and ID.me are helping the NY ANG ensure the security and confidentiality of its networks and data remain safe. This pilot has proven binding remote ID proofing with a modern, hardware-based authenticator (i.e. YubiKey) is the future for an ID verified account. If you are interested in exploring this approach for your organization, or to request a demonstration, please contact us.

Available in multiple form factors, and the ability to be mailed directly to residential addresses, YubiKeys are a high-assurance, DoD-authorized hardware authentication security solution that can be rapidly and easily deployed to remote government workers.

We invite you to join our panel discussion at Identiverse to go in-depth about how the joint remote identity proofing solution was designed, integrated and deployed. Register for the event here.

‘New York Air National Guard Takes Flight with Remote ID Proofing and Phishing-Resistant Authentication’ 

Tuesday, June 22; 7:30am – 8:20am PDT

Panelists include Major Liaquat Ali, RPA Cyber Operations Officer, U.S Air Force; Jerrod Chong, Chief Solutions Officer, Yubico; and Jeremy Haynes, Account Executive, ID.me.

Share this article:

Recommended content

Thumbnail

Zero Trust is the new regulatory minimum for Federal agencies: what does that mean for authentication?

The deadline is looming for federal agencies to implement impersonation-resistant multi-factor authentication (MFA), just one of the new stronger security requirements under President Biden’s new cybersecurity executive order (EO 14028). The EO puts security front and center to address some of the worst cyber attacks against the federal government, setting up new federal compliance expectations ...

Thumbnail

Everything you need to know about the revised eIDAS regulation

In June 2021, the EU Commission announced its plans for a revised eIDAS regulation. eIDAS (electronic IDentification, Authentication and trust Services) is the EU regulation 910/2014 on electronic identification and trust services in the EU. It came into force in 2014, so the revision is a major update to eIDAS. The past two years the ...

Thumbnail

Seven tips if you’re still scratching your head after reading Biden’s cybersecurity executive order

Yubico works with a lot of federal agencies and contractors, as well as with customers in regulated industries, so we understand the challenges new compliance regulations can bring. The executive order that was released May 12 can be seen as the federal government fully embracing the move toward multi-factor authentication (MFA) for use cases where ...

Thumbnail

Entrust to add support for YubiKeys with PIV alternative and PIV derived credentials, advancing secure mobile and desktop authentication

Today marks an important day for expanding Yubico’s reach to support the growing requirement for Government agencies to issue government credentials beyond Personal Identity Verification (PIV) cards. We are celebrating that our partner Entrust will soon launch support for derived PIV credentials for YubiKeys. Customers will be able to take advantage of YubiKeys with derived ...