!!! Overview
[{$pagename}], generically, is a [credential] (or a ticket or [token]) that was derived based on the claims or other [credentials] of the [Credential Holder] which are issued to permit access to a particular [Protected Resource].


[{$pagename}] defined by [NIST] as used with [PIV] can be issued to any PIV [Credential Holder], regardless of whether the original [credential] was issued by MyID or a [third-party] issuer, either on-premises or via a managed service.

The Electronic Authentication Guideline, [NIST.SP.800-63], defines a derived credential more broadly as:
A [credential] issued based on [Proof-of-Possession] and control of a [claim] associated with a previously issued [credential], so as not to duplicate the [Identity Proofing] process.

This would be similar to the adding of a [Payment Card] to a [Digital Wallet] so the representation within the [Digital Wallet] is a [{$pagename}] from the [Payment Card].

In [Public Key Infrastructure] ([PKI]) a [certificate] is a [{$pagename}] issued from the [Certificate Issuer] based on the [claims] made.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Protecting Derived Credentials without Secure Hardware in Mobile Devices|http://pomcor.com/2014/04/01/protecting-derived-credentials-without-secure-hardware-in-mobile-devices/|target='_blank'] - based on information observed on 2014-04-02
* [#2] - [Guidelines for Derived Personal Identity Verification (PIV) Credentials|https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-157.pdf|target='_blank'] - based on information obtained 2014-12-30