FIPS 201 News
Entrust Inc. finalized a pair of government approvals with FIPS 201 and FIPS 140 certifications for the company’s PIV smart card credential technology, which was reviewed, tested and certified by the National Institute of Standards and Technology.
These certifications demonstrate interoperability with established NIST standards. To ensure a seamless deployment, many organizations will only purchase solutions that carry certain certifications.
Based on standards set by the U.S. government, these certifications help ensure interoperability by vetting protocol conformance for smart cards – FIPS 201 – and testing cryptography strengths – FIPS 140. These approvals complement and support Entrust’s existing Common Criteria EAL 5 certification.
Reviewed by the NIST PIV Platform Validation Authority, FIPS 201 certification focuses on interoperability between the PIV application and other parts of the PIV solution, including physical access readers and logical access clients. The strict certification also verifies the smart card can withstand many years of rigorous wear and tear.
FIPS 140 certification ensures a solution meets or exceeds U.S. government security standards that specify requirements for cryptography modules and physical tamper-resistance. An example includes testing the elliptic curve cryptography implementation used within the solution.
Biometric and identification specialists Suprema have announced that their latest fingerprint live scanner has been fully tested and has attained certification from the Federal Bureau of Investigation (FBI) for meeting FIPS 201 standards.
FIPS 201 certification imposes thorough requirements on the image quality of fingerprint capturing devices for authentication of government employees and contractors.
Three Suprema printer models have attained FIPS 201 certification— the RealScan-G10, RealScan-D and RealScan-G1.
The RealScan-G10 is a ten-print live scanner that captures slaps, two thumbs and single flat/rolled fingerprint images. The RealScan-G10 also has FBI IQS Appendix F certification and features an IP54-rated durable structure.
The RealScan-D is also an FBI IQS Appendix F certified device, but is a portable live scanner, which captures dual fingerprint, single flat and rolled fingerprint images.
Rounding out the FIPS 201 certified devices if the RealScan-G1— the latest addition to the company’s line of fingerprint live scanners. The RealScan-G1 features a high-precision, durable optical structure, captures 500dpi images, is IP54-rated and features a dust and waterproof structure.
Ultra Electronics Card Systems— creator of the Magicard series of ID card printers— has announced that its Prima 4 reverse transfer printer has completed the U.S. General Services Administration (GSA) Evaluation for card printers.
Completion of the GSA evaluation means that the Prima 4 card printer will be added to the GSA Approved Product List (APL) for the FIPS 201 Specification. Magnetic stripe as well as a range of smart card encoding options are supported on the printer, producing both standard and customized holographic print options.
Reinforcing secure card issuance with a combination of inline and post-printing options, the Prima 4 uses ultra-violet images or text and can be outfitted with over-laminates for added durability and security. FIPS 201 compliance means that the printer solution can be used or secure issuance in any number of Federal, state or local agencies.
Published in the wake of the Homeland Security Presidential Directive 12 (HSPD-12) – which mandated a common ID credential for physical and logical access to Federal facilities and information systems— FIPS 201 outlines the identity testing, enrollment and issuance requirements for a common identity credential.
Ultra Electronics Card Systems has been producing its Magicard line of card printers for more than 18 years. The company offers solutions that are trusted and employed by hundreds of governmental agencies and private sector firms alike.
Schlage unveiled its FIPS 201-1 AD-series locks, offering government security personnel a customized electronic locks solution normally reserved for the private sector.
Sold as a complete system in either hard-wire (AD-301) or wireless (AD-401) versions, Schlage’s new electronic locks aim to provide increased connectivity while lowering the cost of opening doors.
The lock and reader and components of Schlage’s new system are FIPS 201-1 compliant and will communicate with the access control system through either RS-485 or Wiegand paths.
The readers will support both PIV and PIV-I cards and will feature hardware an firmware from Ingersoll Rand Security Technologies.
Multiple AD-301 hardwired locks can be configured to one panel, while the wireless AD-401 version will allow for up to 16 access points. Additionally, the wireless AD-401 model can utilize either the RS-485 of Wiegand interface modules. Schlage’s new electronic locks utilize a 900 MHz secure encrypted data transmission.
Ascertia, a digital signature and PKI certificate validation software provider, has received the U.S. General Service Administration’s FIPS 201 certification for its ADSS SCVP Server.
Ascertia’s ADSS SCVP Server provides RFC 5055 compliant certificate path validation services. It can delegate certificate path discovery across various PKI topologies, including hierarchy, cross-certificates and mesh architectures.
It also has delegated certificate path validation that meets PKIX RFC3280 with real-time certification status validation. The server can handle multiple validation policies, advance transactional logging and advanced trust anchor management and data caching.
Ascertia says the server also was successfully evaluated against the most recent NIST PKITS path discovery and validation test suite, which tested its compliance with the SHA-256 and ECDSA algorithms.
atsec information security conducted the FIPS 201 testing and used a SafeNet Luna SA HSM.
The Canadian company Lumenera and Japanese firm Tamron have partnered to create a new camera that has now received the FIPS 201 certification to meet specifications for PIV requirements for facial image capturing systems.
The Lu375C camera is a USB 2.0, 3.1MP color camera. Its digital interface provides uncompressed images in still image captures. It can also capture live streaming video. It features 2048x1536 resolution with on-board processing.
The camera comes equipped with Tamron’s M12VM412 CCTV lens. The lens has a focal length of 4-12 mm. Its f/1.4-close aperture provides images in low-light conditions. It has afocus range of 0.3 m, manual iris, zoom and focus with lock and in air back focus of 9.05 mm to 18.90 mm. The lens surface is multi-coated to reduce ghosting and flare in backlit conditions.
The joint product is being geared toward companies needing images for industrial and security applications.
Thursby Software Systems, Inc. has released the PKard Reader, a touch Web browser solution for the iOS that includes secure authentication to a personal smart card.
With the PKard Reader, users can access a Web portal, collaboration sites and e-mail through either an iPad or an iPhone. A combination plug-in card reader and two-factor authentication app provide a secure user experience. The card reader accepts industry standard CAC, PIV, PIV-I and CIV smart cards and supports many industry and U.S. government standards, including ISO 7816, EMV level 1, NIST IR 6887, FCC class B part 15, CE, RoS, HSPD-12, FIPS 140-2 and FIPS 201.
The device is geared toward government agencies and private enterprises that issue smart cards to their employees. The reader is available for $149.99.
Thursby intends for this to be the first in a portfolio of software products that deliver secure enterprise functionality to iOS mobile devices.
3M Cogent announced that the U.S. General Services Administration, in accordance with FIPS 201, has certified its MiY-ID Gov biometric access control reader as an approved biometric authentication system standard.
At a high-level, the Biometric Authentication System performs: one-to-one biometric match, validation of the biometric signer’s certificate and interfacing with Online Certificate Status Protocol (OCSP) and Server-based Certificate Validation Protocol (SVCP).
MiY-ID is 3M Cogent’s biometric access control reader. As new security standards emerge, organizations are looking for a security product that meets current physical access control system standards for PIV, CAC, TWIC, and others. 3M Cogent’s MiY-ID-Gov enables them to meet current standards and adapt to changing standards without having to replace their PACS readers.
ARX received FIPS 201 approval from the U.S. Government’s General Services Administration on the Approved Products List for compliance for its PrivateServer network-attached hardware security module.
The ARX PrivateServer HSM is a network-attached HSM and key management system. It comes with a load balancing option, and enables organizations to stay in compliance with several regulations that address information privacy and integrity.
The PrivateServer HSM is a solution designed to be network-attached and to serve multiple users and applications.
PrivateServer HSM has a number of API plug-n-play interfaces that support ID card systems, including full support for Microsoft’s CAPI/CNG, PKCS#11, and JCA standards.
SecuGen announced that the General Services Administration added two of its fingerprint scanners to the FIPS 201 Evaluation Program Approved Products list.
The solutions, which are both compliant with the National Institute of Standards and Technology’s Personal Identity Verification FIPS 201 standard, are the Hamster IV v2 fingerprint reader and ID-USB SC/PIV v2 combined fingerprint and smart card reader.
The SecuGen Hamster IV v2 is an updated version of its FBI Certified, single fingerprint reader while the ID-USB SC/PIV v2 is an updated version of its FBI Certified fingerprint reader combined with a smart card reader.
SecuGen distributes its biometric products through Systems Integrators, Independent Software Vendors and Original Equipment Manufacturers.