SAN LEANDRO, Calif. – December 13, 2011 – BridgePoint™ Systems, the broadest provider of smart-card readers and enrollment software for Physical Access Control Systems (PACs), today launched its new Crypto ID™ smart card. The new card sets a higher security standard for smart card usage in the facility access industry.
Crypto ID uses a customer managed, secure Physical Access Control System (PACS) applet that is similar to the Personal Identity Verification (PIV) model, taking advantage of a Cardholder Unique Identifier (CHUID). The PIV compatible CHUID includes a Federal Agency Smart Credential Number (FASC-N), a Globally Unique Identifier (GUID) and an expiration date. This makes BridgePoint’s Crypto ID an attractive, compatible tool to use in PACS that are configured to use PIV, Common Access Card (CAC) and Transportation Worker Identification Credential (TWIC) authentication systems as well as PIV-interoperable credentials.
Unlike other ISO 14443 cards, Crypto ID creates unique session keys upon each use to encrypt the communication between Crypto ID and the card reader, establishing a secure channel. Unlike similar cards, whereby this secure channel is not available, Crypto ID mitigates man-in-the-middle attacks.
Crypto ID is also different from other cards because it can be re-configured by the customer up to four times, adding a heightened level of personalization and thus security. This approach makes it possible to issue the card with unique FASC-N’s and GUID’s until the card is reissued to a fifth user. It also makes the card much more cost-effective than others, reducing the credential expense per user by 80 percent.
“We designed Crypto ID with an eye toward the new Federal Government HSPD-12 directive, which, at its core, aims to eliminate the use of many proprietary access cards in favor of one, common, secure credential that uses Personal Identity Verification rules to authenticate all employees and contractors,” said Thomas E. Corder, president and CEO of BridgePoint Systems. “In addition to operating in a secure channel mode, Crypto ID gives clients the choice of adding the CHUID in a second location as a freely readable applet so they can use it in low security scenarios with readers from BridgePoint as well as alternative suppliers. This open capability provides added flexibility, making it a perfect choice for commercial and government facilities that use two levels of security.”
“The Crypto ID card gives customers peace-of-mind, knowing that their system keys are under their own control and the system is compatible with PACS that conform to the government’s PIV program,” added Corder.
Crypto ID makes full use of the strong security capabilities of NXP Semiconductor’s DESFire platform. Upon each use, a session key is derived from the unique card key and a random number is generated by the card and the card reader. With this client-managed key generation solution, Crypto ID’s easy-to-use application ensures that only customer issued ID cards are allowed in the system, offering greater confidence in the facility’s overall security.
BridgePoint’s Crypto ID technology also allows the client to define up to four additional containers for future use with identifiers such as a user name, biometric template and security clearance.
For over a decade, BridgePoint Systems has delivered solutions to help security managers face an ever-changing landscape of threats and challenges. Located at the edge of Silicon Valley, the company offers innovative technology that embeds public key infrastructure in an agile, user friendly way for assuring identity in physical access systems. Among other pioneering efforts, BridgePoint Systems was the first U.S. company to develop smart card readers for use by the Department of Defense in a physical access system. The company was also first to integrate the Department of Defense’s CAC with biometrics in a real world deployment and first to install an interoperable Personal Identification Verification reader in a government, multi-tenant facility.
Some of the nation’s largest government contractors and security integrators such as the U.S. Army, U.S. Navy, U.S. Air Force, U.S. Marines, Army Corps of Engineers, General Services Administration (GSA) and the Department of Homeland Security (DHS) use BridgePoint Systems’ technology. All of BridgePoint Systems’ products are securely designed and built in the United States. For more information, visit BridgePoint Systems’ website at www.BridgePointsystems.com or call (510) 346-1510.
# # #