HID, Intercede Simplify FIDO Passkey Deployment

Published Date : 8/6/2025 

HID and Intercede have introduced new solutions to help enterprises adopt FIDO-certified passkeys and enhance security through centralized management and enterprise attestation. These solutions aim to simplify the deployment and management of passwordless authentication. 

HID has introduced a new suite of FIDO-certified credentials and a subscription-based Enterprise Passkey Management (EPM) platform designed to help organizations roll out passwordless authentication at scale.

The move comes as a legacy version of multi-factor authentication (MFA) could be on its last legs with FIDO recommending a fix to the vulnerability of “phishable” MFA. The FIDO Alliance has highlighted that while 87 percent of enterprises are moving toward passkeys, nearly half have yet to deploy, citing complexity and cost as hurdles.

“Phishing-resistant authentication isn’t one-size-fits-all,” says Sean Dyon, VP and head of the Authentication Business Unit at HID. “Rolling out passkeys isn’t just about issuing devices; it is about giving security teams the tools to manage them at the enterprise scale, with the same precision as the rest of the identity stack.”

At the heart of HID’s announcement is its EPM solution, which gives IT teams centralized control over provisioning, revocation, and audit trails for FIDO credentials. By automating device issuance and offering full lifecycle visibility, HID says it can significantly reduce both the manual effort and end-user training typically required to manage passkeys. The service is built on open standards to integrate with Microsoft Entra ID and other major identity providers and supports both cloud and on-premises deployments.

HID also expanded its Crescendo portfolio with three new authenticators. HID says the redesigned Crescendo Key features improved ergonomics, LED prompts, and support for FIDO2, PKI, and OATH protocols. Crescendo Cards combine physical-access badges with passwordless login capabilities in dual-interface or contactless form factors. Lastly, the OMNIKEY 5022 reader offers a cost-conscious, desktop-mounted solution for PC authentication.

HID highlighted its forthcoming one-card solution for unified digital and physical access. Leveraging Seos and MIFARE DESFire EV3 smart-card technologies alongside FIDO 2.1 authentication, the new cards aim to simplify deployments for organizations seeking both building security and phishing-resistant login in a single credential.

Cybersecurity for digital identities specialist Intercede has rolled out version 12.15 of its credential management system, MyID CMS, becoming one of the first platforms to support Enterprise Attestation under the FIDO authentication framework. The new release is integrated with Yubico’s YubiKey, offering organizations enhanced device control and auditability with the company’s Enterprise Attestation-enabled security keys.

Enterprise Attestation allows IT teams to confirm the identity of each hardware authenticator before granting access to sensitive networks and applications. Unlike standard FIDO deployments, which safeguard user privacy through anonymous attestation, the enterprise model reveals unique device identifiers — similar to serial numbers on PKI smart cards — so administrators can track, manage, or revoke any company-issued key.

“Our customers are often used to the levels of control, management, tracking, and traceability that PKI smart cards provide, where each device has a unique serial number that ensures they are only issuing keys that they own,” says Allen Storey, Chief Product Officer at Intercede. “Enterprise Attestation enables FIDO authenticators to be uniquely identified, bringing the increased security and visibility that our high-assurance customers require.”

Alongside attestation support, MyID CMS 12.15 introduces finer PIN management, including minimum PIN length and enforced PIN changes on first use. These features underpin “issue on behalf of” workflows and bolster organizational oversight during device issuance. Intercede’s partnership with Yubico creates a turnkey ecosystem for large-scale YubiKey deployments. The combined solution targets industries with the strictest security requirements such as government agencies, financial services, healthcare, and critical infrastructure where detailed device tracking and pre-approved authenticator lists are non-negotiable.

In May, Yubico announced the expanded availability of YubiKey as a Service to all countries in the European Union, allowing enterprises to quickly roll out phishing-resistant MFA. Last month, Intercede announced a strategic partnership with Gulf IT to bring its MyID CMS to the Middle East, a region that is accelerating digital transformation. Intercede and Yubico will host in-depth sessions on Enterprise Attestation implementation at the upcoming Authenticate conference, and a series of online demonstrations covering device enrolment, policy management, and audit reporting is available on Intercede’s website. MyID CMS 12.15 is available immediately to both new and existing customers. 

Frequently Asked Questions (FAQS): 

Q: What is FIDO authentication?

A: FIDO (Fast Identity Online) authentication is a set of open standards designed to reduce reliance on passwords by providing strong, passwordless authentication methods. It helps prevent phishing and other types of attacks by using secure cryptographic techniques.

Q: What is HID's Enterprise Passkey Management (EPM) platform?

A: HID's EPM platform is a subscription-based solution that helps organizations manage FIDO-certified passkeys at scale. It provides centralized control over provisioning, revocation, and audit trails for FIDO credentials, reducing manual effort and training.

Q: What is Enterprise Attestation and how does it work?

A: Enterprise Attestation is a feature that allows IT teams to confirm the identity of each hardware authenticator before granting access to sensitive networks and applications. It reveals unique device identifiers, similar to serial numbers on PKI smart cards, enabling better tracking and management.

Q: What are the benefits of using HID's Crescendo Key?

A: The HID Crescendo Key features improved ergonomics, LED prompts, and support for FIDO2, PKI, and OATH protocols. It is designed to enhance user experience and security, making it a versatile choice for enterprise environments.

Q: How does the partnership between Intercede and Yubico enhance enterprise security?

A: The partnership between Intercede and Yubico combines Intercede's MyID CMS with Yubico's YubiKey to create a turnkey ecosystem for large-scale deployments. This integration provides enhanced device control, auditability, and security, meeting the strict requirements of high-assurance industries. 

More Related Topics :