Governments around the world are mandating increased levels

of security to counter the increasingly sophisticated and complex

attacks on computer systems and facilities. To comply with these

new regulations, security solutions need to enable agencies and

organizations to prove and establish trust in the identities accessing

their network, applications, buildings and other resources.

Throughout the industry, compliance with open standards such as FIPS 201

and Global Platform are driving new products that offer cost effective and

easier to deploy solutions to address continually evolving threats to critical

cyber and physical infrastructures.

Only ActivIdentity, part of HID Global, trusted leader in solutions for the

delivery of secure identity, has the technology expertise to offer a complete

Identity Assurance solution, from the reader and smart cards to the

appliance and authentication software.

Currently, we work with more than 200 local, state, federal and

international government agencies in the U.S., Europe, Asia, Australia and

beyond. In fact, to date, millions of government employees are carrying and

using security credentials issued by ActivIdentity solutions. Cost-effective

and highly secure, ActivIdentity’s Credential Issuance and Verification

solutions comply with stringent government regulations. They provide the

right level of security, at an appropriate cost, to deliver secure access to

multiple physical and logical assets across agencies for government and

non-government employees.

The ActivIdentity Certificate-based Credential Issuance and Verification Solution

is comprised of a series of interoperable products. Government agencies can

select one or more of these products to create a solution that meets their

specific Identity Assurance requirements, mandates, and use cases.

Benefits

• Enhanced productivity by providing a single platform to issue and manage devices and credentials

• Scales to support very large user populations

• Proven technology that has been leveraged by the most security-minded agencies worldwide to issue and verify hundreds of millions of credentials

• Appliance option that reduces deployment time and costs

• Compliance with stringent government and industry standards including U.S. Federal FIPS 201 for Personal Identity Verification (PIV) credentials

• Enforcement of logical security policies for local, remote and smartphone mobile access

• Upgrades existing physical access control systems (PACS) to authenticate credentials at full range of assurance levels

ActivIdentity Certificate-based Credential Issuance and Verification

Government Credential Management. Complete. Secure. Interoperable.

SOS

OL

UT

ION

OV

ER

VIE

W

security

trustcompliance

confidence

expertise

Key Solution Components

• 4TRESS Authentication Appliance provides a complete multi-layered versatile strong authentication solution to secure access conveniently and cost-effectively

• ActivID Credential Management System (CMS) issues and provides full life cycle management of certificate-based credentials

• ActivClient and ActivClient Mobile verify credentials for logical access on computers and smartphones

• ActivEntry upgrades physical access control systems to verify credentials across the full range of assurance levels

• ActivEntry Mobile provides for mobile verification of credentials and associated attributes

Complementary Solution Components

• CoreStreet® Validation Authority enables the validation of credential status via OCSP

• CoreStreet Path Builder enables the validation of credential trust and status via SCVP

• CoreStreet Attribute Authority enables the verification of attributes associated with credentials

Register and Enroll Identity: The ActivID™ Identity Registration System is

a FIPS 201 compliant solution that enables sponsorship, enrollment and

adjucation of applicants. The solution can enroll the applicant’s biographic,

biometric, and capture the applicant’s physical ID (with optional advanced

hardware) as well as perform background checks with external identity

proofing systems (e.g., government Automated Fingerprint Identification

Systems [AFIS]).

Issue and Manage Credentials: The ActivID Credential Management

System (CMS), and CMS Appliance, are reliable, proven, and extensible

solutions that enable government customers to quickly and easily issue

and manage digital credentials on devices such as cards, tokens, and

smartphones, for secure access to PCs, Windows login, cloud applications,

remote access and building facilities.

The CMS Appliance manages credentials throughout their lifecycle,

updating users’ access in real time without additional cost and resources.

Government contractors can quickly and easily obtain PIV-I cards through

the HID-PIV Service for access to government facilities and networks, as

well as meet compliance mandates regarding the protection of classified

information.

Scales for Large User Populations: An add-on Batch Management

System (BMS) module enables communication with a service bureau for

the personalization and encoding of smart cards in centralized high-volume

card production environments. The CoreStreet Validation Authority and

CoreStreet Path Builder products expand the solution for large user

populations and enable inter-agency trust for federated environments. The

CMS API enables integration to systems such as IDMS or other databases

to create seamless, operationally efficient solutions.

Easy to Deploy: The CMS Appliance is delivered preconfigured, which

significantly reduces deployment time and costs, and ensures a best-

practice deployment. The value of credentials is closely tied to their range

of use cases across interoperable systems, the multiple levels of assurance

they enable, and their compliance with standards. ActivIdentity ActivID

products deliver a full range of use cases for logical and physical access, support

all assurance levels, and are fully compliant with government standards including

FIPS 201 and Global Platform.

Logical Access Verification: ActivClient™ and ActivClient Mobile help government

agencies comply with regulations and manage the risk of unauthorized access

to computers, networks and smartphones for employees working in the office,

remotely or via mobile devices. This capability enables agencies to use strong

authentication, encryption, and digital signatures to protect high-value resources

and communications. 4TRESS Authentication Appliance provides complete,

multi-layered, versatile strong authentication so government agencies can

secure access conveniently and cost-effectively. More than 20 versatile

authentication methods enable organizations to address each user group’s

business needs, while optimizing the balance between security, convenience and

cost. 4TRESS Authentication Appliance can also enable strong authentication to

cloud applications. Government agencies can choose the authentication method

that is most appropriate for each application.

Physical Access Verification: ActivEntry and ActivEntry Mobile help government

agencies upgrade and extend physical access control to comply with mandated

standards at fixed door readers and mobile checkpoints, respectively.

Remarkably, only ActivIdentity offers a complete Credential Issuance and

Verification solution that is compliant, scalable, secure, simple to implement,

and based on open standards.

Why ActivIdentity?

ActivIdentity, part of HID Global, is a leading provider of secure identity solutions,

enabling organizations to establish trust in online identities. For over 20 years,

ActivIdentity has been helping enterprise, government and financial service

organizations meet their information security and compliance requirements.

That’s why more than 2,500 of the most security conscious customers around

the globe trust ActivIdentity for their secure identity needs. HID Global and

ActivIdentity are committed to continually enhancing customer value through

secure identity solutions that drive down costs, are easy to use, and increase

end user and administrative convenience.

Trusted by hundreds of government agencies worldwide including

• U.S. Department of Defense

• U.S. General Services Administration

• U.S. Department of Energy

• U.S. Department of Veterans Affairs

• U.S. Department of Health and Human Services

• NASA

• U.K. Metropolitan Police

• State of Colorado

• Queensland Department of Transportation

“The decision to select ActivIdentity

was based on their proven track

record in large-scale Identity

Assurance deployments, a highly

configurable, full-featured smart

card management system, and long-

term support for open standards.”

– Cathi Taylor, Chief Information

Officer, Queensland Department

of Transportation

Certificate-based Credential Issuance and Verification Overview

user

enrollment

certificate authority credential device options

credential statusand trust check

built on open standardsvalidationauthority

pathbuilder

CoreStreet

attributeauthority

ISSUE

credentials to users

* Previously calledFIPS-201 F5 Solution

** Previously calledPIVMAN Solution

USE

logical access verification

physical access verification

ActivID CardManagement

System (CMS)

Compliance and Risk Management

Was the credential issued to this user?Was it copied or cloned?

Is it counterfeit?Is it still valid?

Do I trust the issuer?

ActivIdentityProducts

4TRESS Authentication

Server (AS)

ActivID CMS Appliance

smart card

USB token

ActivClient

LAN access

web access

VPN access

digital signature

card management

application access

ActivClient Mobile

ActivEntry*fixed reader access control

mobile reader access controlActivEntry Mobile**

smartphone

SO0212V02

Americas +1 510.574.0100

US Federal +1 510.574.0100

Europe +33 (0) 1.42.04.84.00

Asia Pacific +61 (0) 2.6208.4888

Email info@actividentity.com

Web www.actividentity.com

About ActivIdentity

ActivIdentity, a global leader in identity assurance, enables customers to prove and establish

trust in a person’s identity when accessing resources on the network. The business’s

strong authentication and smart card solutions are relied upon by more agencies, including

the U.S. Department of Defense, than any other provider, and has issued more than 100

million credentials to enterprise, government and commerce customers. ActivIdentity is

headquartered in Silicon Valley, California. ActivIdentity is part of HID Global, an ASSA ABLOY

Group brand. For more information, visit www.actividentity.com

Copyright © 2012 ActivIdentity. All rights reserved. ActivIdentity and 4TRESS are trademarks of ActivIdentity. All other trademarks, trade names, service marks, service names, and images mentioned and / or used herein belong to their respective owners.

Follow Us On: