Credentsys™ is a secure smart card family that is designed for national ID systems, passports, and multi-use enterprise security environments. The family is certified to FIPS 140-2 and 201-1/SP800-73-1 specifications. CardLogix Credentsys smart cards achieve high security assurance by resisting identity fraud and tampering, using rapid electronic authentication. Credentsys cards offer a combination of high performance and cost-effectiveness by running on advanced 32-bit RISC processor cores with DES & PKI crypto acceleration.
Two different Java™ configurations are available, supporting standard Java GlobalPlatform compliant applets. All cards include contactless communication protocol ISO 14443 Type B. Credentsys cards offer a high level of built-in security with abnormal condition detection sensors to uncover changes in voltage, light, temperature, frequency, and other forms of tampering, such as glitch generation. All cryptographic key objects, PIN objects and other sensitive data are always stored in nonvolatile memory in an encrypted format. Integrity checks are performed on all critical system and data components prior to each access in order to detect tampering, allowing the Credentsys secure kernel to take defensive action. The memory protection unit is used for secure isolation of applications and OS code. All supported chips have received Common Criteria EAL 5+ certification.
The Credentsys card's crypto library utilizes hardware crypto accelerators for 3DES, RSA, and DSA operations. The chips and OSs are designed to withstand differential timing and power attacks (DTA and DPA) and are fully compliant with FIPS 140-2 Level 3 requirements. On-card RSA asymmetric key pair generation is supported up to 2048 key lengths. The Credentsys card family also supports full implementation of a logical credential data model that includes, but is not limited to, PIV II, Card Holder Unique ID, and PIV Authentication data as well as biometric, facial, and fingerprint data.
The optional extension to the PIV data model includes dedicated key pairs with a certificate for digital signatures and key management, plus a special authentication key for additional physical access applications. All standard PIV key reference values are supported in the PIV II interface. Credentsys cards are ideal for U.S. government Personal Identity Verification (PIV II) projects, as mandated by the HSPD-12 Directive.