TrustAlert™ Enrollment Solutions

Is your agency preparing to implement an HSPD-12 program? If so, then Enrollment needs to be part of the planning process. A primary benefit of government-issued credentials is that the credential contains information normally needed for enrollment into a PACS. This information includes:

• the users name
• agency
• expiration date
• credential number (FASC-N)

• photograph
• biometric template
• PKI certificates

BridgePoint offers a suite of tightly integrated hardware and software solutions that authenticate and locally enroll CAC and compliant PIV Credentials (including TWIC, FRAC and PIV-I) into compatible access control systems, including Lenel OnGuard, Cisco, Honeywell Vindicator, SoftwareHouse CCURE and Quintron Access NSite. By importing data stored on the credential, you eliminate manual data entry- increasing efficiency and ensuring accuracy. Whereas typical legacy enrollments take nearly 10 minutes to complete, the TrustAlert Enrollment Software Application provides one button seamless enrollment into a PACS in less than 15 seconds.

The TrustAlert solution includes desktop enrollment stations and a software application running on a Windows based PC client. Both 2-Factor and 3-Factor Enrollment Stations are available. Each Station is self-contained and plugs directly into the USB port on a client PC workstation. The integrated all-in-one design makes the Station easy to use and expedites the enrollment process, saving time and money.

2-Factor Desktop Enrollment Station
The 2-Factor Desktop Station provides robust authentication of a PIV Credential by verifying the User’s CARD, PIN, PHOTO and PKI challenge-response to both the Personal Certificate Private Key (PAK) and the Card Authentication Private Key (CAK)

3-Factor Desktop Enrollment Station
The 3-Factor Desktop Station provides robust authentication of a PIV Credential by verifying the User’s CARD, PIN, BIO, PHOTO and PKI challenge-response to both the Personal Certificate Private Key (PAK) and the Card Authentication Private Key (CAK).

BridgePoint engineers have designed the enrollment process to be efficient and user-friendly by optimizing which authentications are performed in hardware and which are performed in software by the client PC. In a typical integration with a PACS provider, it takes one click of the mouse to enroll the User into a list of default access profiles.

The TrustAlert application includes a Security Configuration menu where the administrator can set the authentication policy for granting access privileges. The application even allows an optional Supervisor override.

See the graphic below for the primary window for enrollment.

TrustAlert Software Application
The GUI displays the information important in the enrollment process including the User Name, agency/department affiliation, expiration date, FASC-N (agency/system/credential number), and results of the BIO match, PAK challenge and CAK challenge. The GUID is displayed if present.

The results are displayed in real time as the User is enrolled, allowing the attendant to view results of the authentication factors including Card Expiration Date, BIO Scan result, Photograph, Private Key Challenge(s) and Certificate Status.

If the pre-configured security policy is met, the attendant can click on the Enroll button to complete the process. If the minimum security policy is not met, a Supervisor can enter their security code to enable an Override (if authorized to do so).

The TrustAlert Enrollment application can be integrated with BridgePoint’s Certificate Repository and Validation application to provide a full enrollment and validation suite capable of recurring validation updates to compatible PACS.

Contact us today to schedule a free consultation.