MyID CMS (Credential Management System)
Overview
MyID CMS is a credential management system for issuing and lifecycle-managing PKI-based digital identities on smart cards, USB tokens, smartphones, and virtual smart cards. It replaces password-based authentication with strong multi-factor credentials, providing the policy engine, operator interfaces, self-service applications, and integration connectors needed to manage credential issuance, renewal, suspension, and revocation across the organisation.
Unsung is an Intercede Bronze Partner and Value-Added Solutions Provider. We design, implement, and support MyID CMS deployments for UK customers in government, defence, and enterprise environments where strong identity credentials are required for secure access to systems, networks, and physical facilities.
The Challenge
Organisations that rely on passwords for user authentication face well-documented security risks: credential theft, phishing, brute-force attacks, and the operational burden of password resets. High-assurance environments — government departments, defence organisations, and critical infrastructure operators — require stronger authentication based on PKI certificates held on physical smart cards, USB tokens, or mobile devices.
However, issuing and managing PKI credentials at scale introduces significant operational complexity. Each credential must be issued against a verified identity, bound to a specific physical or virtual token, and managed through its full lifecycle including renewal, replacement, and revocation. Without a dedicated credential management system, these processes are manual, error-prone, and difficult to audit.
What It Does
MyID CMS provides the complete infrastructure for PKI credential lifecycle management. It connects to certificate authorities to request and manage certificates, integrates with identity directories and identity management systems to verify subjects, and communicates with smart card middleware, card printers, and mobile device management platforms to provision credentials onto the appropriate tokens.
The platform includes an operator interface for credential administrators, a self-service application for end users to manage their own credentials within policy boundaries, and a policy engine that enforces organisational rules governing who can receive which credentials and under what conditions. Comprehensive audit logging records every credential operation for compliance reporting. MyID CMS integrates with HSMs including Thales Luna for secure key generation and card issuance operations.
How Unsung Helps
Unsung helps clients assess their credential management requirements, design appropriate architectures, and implement MyID CMS integrated with their existing PKI, identity management, and physical access control systems. Our experience in government and defence environments means we understand the specific assurance requirements and operational processes these sectors demand. Our PKI Consultancy service provides independent guidance on credential management strategy and platform selection.
Related Unsung Services
PKI Consultancy — Advisory on credential management strategy and strong authentication architecture.
PKI Design & Build — Design and implementation of PKI and credential management environments.
Hardware Security Modules — HSM deployment for credential issuance and key generation.
PKI Management & Hosting — Managed credential services including ongoing lifecycle operations.
