HID ActivID® Credential Management System

Secure Management of Smart Cards and Token

Overview | Specifications
  • Secure Management of Smart Cards and Token

HID Global’s ActivID® Credential Management System (CMS) enables organizations to issue an authentication credential that goes beyond perimeter security. Choose from smart cards, smart tokens or virtual smart cards for secure access to individual workstations and servers within the firewall, as well as VPNs and applications. The high assurance credential can also encrypt data, hard drives, documents and emails, and enable digital signing.

The ActivID Credential Management System is ideal for:

  • Medium to large enterprises issuing employees with converged access cards or smart tokens for authentication, data encryption and data signing
  • Organizations deploying Personal Identity Verification (PIV) cards and commercial organizations deploying PIV Interoperable (PIV-I) or Commercial Identity Verification (CIV) cards.
  • Governments issuing citizens identification cards with PKI-based credentials

ActivID CMS is the only offering in the industry that makes it possible for organizations to create, manage and use a single PKI smart card for both IT and physical access – using a unified solution from a single vendor.

Organizations deploying ActivID CMS are able to securely provision PKI certificates and other credentials to a range of different devices, including smart cards, virtual smart cards, tokens and mobile devices. It is also scalable to millions of credentials in distributed complex environments with multiple user groups. ActivID CMS interfaces with physical access control systems (PACS) to automate the PIV or PIV-I card enrollment process enabling users to use their card to authenticate at the door without the need to re-enroll their card.

The ActivID Credential Management System (CMS) gives organizations a way to simply and securely manage deployment of high assurance credentials. The solution supports:

Extensibility: In conjunction with ActivClient®, as well as public key cryptography standards (PKCS) #11-compliant middleware, the ActivID CMS can be used to support the issuance and management of smart cards for a wide variety of desktop, network security, and productivity applications. When fully leveraged, the credentials can be used for both logical and physical access. ActivID CMS also supports the issuance of digital certificates on virtual smart cards and mobile devices to enable flexibility in terms of form factors and assurance level options.

Lifecycle management: Effectively manages an organization’s authentication devices (e.g., smart cards, smart USB Tokens, virtual smart cards, mobile devices), data (e.g., static passwords, biometrics, and demographic data), applets (e.g. one-time password applications and Personal Identity Verification [PIV] applets), and digital credentials (including PKI certificates). ActivID CMS’ unique, patented post-issuance update capabilities ensure organizations are in control of their credentials at all times.

Integration: Interoperable with a wide variety of environments, including operating systems, directories, front- or back-end identity management and provisioning systems, certificate authorities, card printers including FARGO® printers and physical access control systems.

Robust reporting: Provides full, tamper-evident audit features that log all event activities for reporting.

Strong security: Delivers a secure, transparent method for transmitting secrets held on smart cards or smart USB tokens connected to user workstations. Keys and personally identifiable information are protected on the server using a Hardware Security Module and transmitted securely end-to-end to the secure element chip. ActivID CMS also supports stringent U.S. Federal Government standards for PIV and PIV-I.