Crypto ID uses a customer managed, secure Physical Access Control System (PACS) applet that is similar to the Personal Identity Verification (PIV) model, taking advantage of a Cardholder Unique Identifier (CHUID). The PIV compatible CHUID includes a Federal Agency Smart Credential Number (FASC-N), a Globally Unique Identifier (GUID) and an expiration date. This makes BridgePoint’s Crypto ID an attractive, compatible tool to use in PACS that are configured to use PIV, Common Access Card (CAC) and Transportation Worker Identification Credential (TWIC) authentication systems as well as PIV-interoperable credentials.
Unlike other ISO 14443 cards, Crypto ID creates unique session keys upon each use to encrypt the communication between Crypto ID and the card reader, establishing a secure channel. Unlike similar cards, whereby this secure channel is not available, Crypto ID mitigates man-in-the-middle attacks.
Crypto ID is also different from other cards because it can be re-configured by the customer up to four times, adding a heightened level of personalization and thus security. This approach makes it possible to issue the card with unique FASC-N’s and GUID’s until the card is reissued to a fifth user. It also makes the card much more cost-effective than others, reducing the credential expense per user by 80 percent.
“We designed Crypto ID with an eye toward the new Federal Government HSPD-12 directive, which, at its core, aims to eliminate the use of many proprietary access cards in favor of one, common, secure credential that uses Personal Identity Verification rules to authenticate all employees and contractors,” said Thomas E. Corder, president and CEO of BridgePoint Systems. “In addition to operating in a secure channel mode, Crypto ID gives clients the choice of adding the CHUID in a second location as a freely readable applet so they can use it in low security scenarios with readers from BridgePoint as well as alternative suppliers. This open capability provides added flexibility, making it a perfect choice for commercial and government facilities that use two levels of security.”
“The Crypto ID card gives customers peace-of-mind, knowing that their system keys are under their own control and the system is compatible with PACS that conform to the government’s PIV program,” added Corder.
- Identive Delivers Additional Smart Card Readers for Spanish National Electronic ID Program (security-news-tv.com)