IDPrime PIV Card   In Production
 
 
 

In response to the US Presidential Directive HSPD 12, the Computer Security Division of the National Institute of Standards and Technology (NIST) initiated a new program to improve the identification and authentication of US Federal employees and contractors to access Federal facilities and information systems. As a result, NIST developed the standard "Personal Identity Verification (PIV) of Federal Employees and Contractors," published as Federal Information Processing Standards (FIPS) Publication 201. The US Secretary of Commerce approved this standard and it was issued on February 25, 2005.

Since then, interest in applying the standard has expanded to private enterprise and non-US government organizations, resulting in an identity card that is interoperable or compatible with a standard identity system such as PIV. Recognizing this need, the US Federal Chief Information Officers Council (CIO) issued the "Personal Identity Verification Interoperability for Non-Federal Issuers" specification to describe PIV Interoperable (PIV-I) and PIV Compatible (PIV-C) cards. The Smart Card Alliance has initiated an effort to provide guidance for a Commercial Identification Verification (CIV) credential based on PIV-C but with security and policy features attuned to the needs of the private sector and other government agencies throughout the world.

Gemalto's IDPrime PIV Card is a standards-based smart card for Federal, state and local government, their contractors, and private sector and non-federal organizations around the world that want to leverage the benefits of the PIV standard. The IDPrime PIV Cards come in a variety of models that are fully compliant with the PIV standard approved by the US Government Services Administration (GSA) and meet the NATO requirements for their respective PKI policies. These cards have distinctive characteristics such as:

The IDPrime PIV Cards are complemented by a range of certified smart card readers and tested for interoperability by vendors providing a variety of PIV compatible solutions.

Features and Benefits
  • Full compliance with regulations

With more than 10 products on the official GSA FIPS 201 APL and approved by NATO, Gemalto is a leading provider of PIV certified products and the preferred choice for a number of government customers and contractors wanting to comply with HSPD-12 as well as private companies and other organizations wanting to use the PIV card standard. These products are currently used by several Federal Agencies in the US as part of their FIPS 201 infrastructure, with some used as reference implementations by evaluation laboratories.

  • Leaner operations and cost reduction

FIPS 201 products provide secure and rapid electronic identification of employees, which translates into faster and simpler procedures for your personnel. Organizations can also leverage these products for world-class operational improvements such as digital signature, whose adoption through paperless operations saves time and money and ultimately benefits the environment.

  • Improves productivity and accountability by simplifying access to information systems

Employee identification and strong authentication have proven to significantly improve productivity by simplifying access to IT systems. Through a single sign-on experience, users avoid the hurdles of multiple passwords, organizations save on password management (reset, synchronization, etc.), and the overall infrastructure can step up to the accountability standards required of modern IT systems through the capability to account unambiguously for every use of its network or application components.

  • Maximizes adaptability through a broad industry interoperability

Beyond the compliance with the standard, the FIPS 201 certification process ensures a strong level of compatibility between products, providing a stable infrastructure to build additional applications and improve your return on investment.

 

News
  • December 2012: IDPrime PIV Card v2.0 suite was approved by the GSA for the FIPS 201 APL, FIPS 201 Compliant and FIPS 140-2 Validated. The new release brings support for ECC, AES, and OTP as an option that is FIPS 140 validated with and without PIV, as well as other features. The product is available in dual- and tri-interface models as the IDPrime PIV Card v2.0 (128K v2 dual-interface) and IDPrime PIV Card v2.0 (128K v2 tri-interface).
  • July 2011: Protiva PIV v1.55 on TOP DL, DM, and WM cards are approved by the GSA for the FIPS 201 APL, FIPS 201 Compliant and FIPS 140-2 Validated.
  • February 2009: Gemalto and ActivIdentity receive FIPS 140-2 Level 2 evaluation for a card combining the Gemalto TOP DM card platform and ActivIdentity's Digital Identity Applet Suite V2 for Extended PIV.
  • November 2008: Gemalto PIV DL card receives FIPS 140-2 and NPIVP evaluations, making it the first large memory (128K addressable EEPROM) PIV card, also known as SafesITe PIV DL.
  • May 2007: Gemalto receives FIPS 140-2 Level 3 evaluation for the first 128K addressable smart card. 
  • September 2006: Gemalto announces a large memory dual-interface Java card called Protiva TOP DL. This card platform is targeted to the public sector market and will be the basis of large memory Protiva PIV Cards. It provides 128K of addressable memory for applications and data.
  • July 2006: Gemalto first to receive FIPS 140-2 evaluation for its PIV DM smart card.
FIPS 140-2 Validated: A Certification Mark of NIST, which does not imply product endorsement by NIST, the U.S. or Canadian Governments.
Technical Specifications

Several versions of the IDPrime PIV Card product line are available as listed on the GSA FIPS 201 APL and NATO tested product lists:

  • The latest IDPrime PIV Card v2.0 is available in certified configurations in a dual interface or tri-interface model with OTP as an option. Additional information is available from the Product Brief. An optional single interface (contact-only) model is available that is FIPS 140 Validated with a PIV Card application interface that is compatible with FIPS 201.
  • The legacy Protiva/IDPrime v1.55 and v1.2 (SafesITe) have a reduced feature set compared with the latest version and are available in several models.

v1.55: details are available from the Product Brief

v1.2: details on the technical specification are available in the product brochure

Compatibility

The PIV standard and certification process ensure a certain level of product interoperability. However, this sometimes lacks a system-wide application approach. To address these situations, we work with various PIV solution providers to verify interoperability down to the feature level. The table below attempts to list the applications that proved complementary to our PIV Card offer.

 

| Category | Application | Vendor | IDPrime PIV v2.0 | IDPrime PIV v1.55 | IDPrime PIV v1.2 |
|---|---|---|---|---|---|
| OS Support | TokenD | Apple | Y | Y | |
| | PIV Class mini-driver | Microsoft | Y | Y | |
| Encryption | Whole Disk Encryption | PGP | | on-going | |
| Thin Client | | Citrix | | Y | Y |
| Identity Management | DirectControl 4.2 | Centrify | | Y | |
| CMS/IDMS | MyID PIV | Intercede | Y (MyID 9 SP1 w/patches) | Y (MyID 9 SP1) | Y (MyID 9) |
| | ANDiS | BellID | | Y | Y |
| | ActivIdentity | HID | | | Y |
| | vSEC:CMS T-Series | Versatile Security | Y | Y | |
| Middleware | CSSI PIV | charismathics | Y | Y | |
| | PKI Client versions 2.3 and newer | Symantec | Y | Y | Y |
| Readers | D430 / D630 / D830 | Dell | | Y | |
| | SmartCard Keyboard | HP | | Y | |
| Multi-function Printers | | Canon | | | Y |
| | | HP | | Y | |

 
