Solutions for Common Access Card

For U.S. Department of Defense (DoD) agencies, ActivIdentity® Solutions for Common Access Card (CAC) allow usage of government-issued CAC cards for a variety of applications.

ActivClient®, the market-leading smart card middleware from ActivIdentity, allows usage of the CAC certificates for strong authentication to networks, workstations, and applications, as well as secure information and transactions with digital signature and encryption.

For agencies concerned about the rising threat of confidentiality or privacy breach due to lost or stolen laptops, ActivClient works together with leading mobile data protection solutions.

ActivIdentity also enables secure access to legacy applications that are not
PKI-enabled: SecureLogin® SSO works together with ActivClient to extend CAC authentication to virtually any application (through single sign-on technology).

What is a Common Access Card?

The U.S. DoD Common Access Card (CAC) is the standard ID card for nearly four million active duty military personnel, DoD civilian employees and eligible contractor personnel. It is used for physical access to buildings, for logical access to computer networks and systems, as a passport while traveling outside the US and as an electronic purse for new recruits.

The Integrated Chip Circuit (ICC) on the CAC contains digital certificates for authentication, signature and encryption, demographic data pertaining to the cardholder, as well as other relevant data and credentials.

The Common Access Card program is the largest deployment of multi-function smart card in the world. Since 2000 the Department of Manpower Data Center (DMDC) has issued over 10 million CAC using industry-leading card management technology provided by ActivIdentity and its partners.

Features

Strong Authentication to IT resources: ActivClient provides CAC certificate authentication for remote access, workstation and network access, and application access. Extend CAC authentication to non PKI-enabled applications with SecureLogin SSO.
Secure communications and transactions: ActivClient enables CAC-based digital signature and encryption with leading e-mail clients, office suites, file encryption software, and virtually any other security application that supports industry standard cryptographic interfaces such as PKCS#11, Microsoft Crypto API, U.S. GSC-IS, and others.
Mobile Data Protection with CAC: ActivClient is integrated with leading mobile data protection solutions including PointSec®, SafeBoot®, WinMagic® and more.
Multi-Platform CAC support: ActivClient enables CAC usage on a variety of operating systems including Windows®, Solaris®, Sun Ray® and Linux®.

Business benefits

Risk mitigation: In today’s world, a security or privacy breach can result in grave consequences, especially for government agencies who handle sensitive information. ActivIdentity solutions for CAC reduce the risk of such events by enabling strong proof of identity and secure access to information.
Accountability: When a security incident occurs, the organization must be able to identify the individuals who broke the rules. Strong proof of identity is key to providing legally enforceable proof of any access to facilities, IT systems and information.
Cost reduction: Many agencies have separate processes and systems for issuance of IT security tokens for remote access. This results in high cost due to duplicate costs for issuance and management of additional devices. With ActivIdentity solutions, CAC cards can be used interoperably for all identity and access control needs throughout the organization - increasing security and reducing operating costs.
Productivity: In a typical government agency, users login with user names and static passwords multiple times per day. With smart card authentication, the login experience is fast with an ATM-like experience (insert your card and type your PIN).

Technical benefits

Field-proven – ActivIdentity solutions are used by many government agencies around the world including the U.S. DoD, Veterans Affair and Department of Interior, as well as Singapore Defense Science and Technology Agency (DSTA).
Security across IT infrastructures – Enable multi-factor security with smart cards across the IT infrastructure, including secure access to workstations, networks and application as well as secure information and secure transactions. ActivClient is available for a variety of platforms including Windows®, Solaris®, Sun Ray®, Linux® and Mac OS®.
Ease of deployment and support – ActivClient supports software push technologies for seamless and costeffective deployment, and offers unique troubleshooting and diagnostics features for optimal supportability.
Extensible and open – Public APIs and SDKs allow easy integration with additional security applications and for creation of agency-specific functionality leveraging the digital certificates or the demographic data in the CAC.
Future-proof – ActivClient middleware shields organizations from the headaches of evolving interoperability standards by providing transparent support for multiple generations of specifications including U.S. DoD CAC, GSC-IS 2.1 and PIV, and will continue to evolve to support new standards.
A name you can trust – With over a decade of domain expertise, a broad patent portfolio and an extensive investment in ongoing research and development, ActivIdentity develops all its software products internally and ensures that its solutions continue to provide the industryleading security, usability, and interoperability that government agencies require.

Standards support

U.S. DoD CAC
U.S. DoD GSC-IS
GlobalPlatform / OpenPlatform
Java Card™
FIPS 201 / PIV certified cards and applications
FIPS 140-2 certified cards and applications
FIPS 140-2 certified Hardware Security Modules
Section 508 accessibility requirements
A variety of Public Key Infrastructure standards including PKCS#7, PKCS#10, PKCS#11, X509, CRMF / CMMF / CRM