Derived credentials are part of our everyday lives. For example, if you have a US driver’s license, you presented a birth certificate in order to obtain it.
What about Apple Pay? When used for a purchase, it identifies you to Apple, provides an association with your credit card, and allows Apple to pay the merchant on your behalf.
Frequently, the weak link in a chain of derived credentials isn’t any single credential, but rather the vetting process used to establish each link. Whether vetting entails in person or online verification, the devil is in the details. To learn more, check out Identity Theft and Derived Credentials in the latest JW Secure Informer newsletter.