Card Management System (CMS)

A Certificate Authority (CA) with a Credential Management System (CMS) or Smart Card Management System provides certificate issuance and card creation in batch. A CMS enables administration and management capabilities of authentication credentials in a secure and convenient way. A CMS can provide an organization the ability manage virtual and physical smart cards, RFID devices, corporate badges or tokens with PKI, PIV or FIDO capabilities.

Card Management involves controlling the life-cycle of a card. It could be a Credit card, ID card or Transport card, and it may include some electronic credential on the card (card serial number, e-wallet, digital ID). The life-cycle is the process that starts from generating the need for a card, i.e. a request, moving to approval and then issuance, and follows with the monitoring of use, expiry, blocking and re-issuance of expired, lost or stolen cards. Each business will have its own rules around each stage of this process.

Other CMS like “Identification Card Management Systems” are more generic and are used in universities and corporations to manage staff and student ID cards and may just focus on the request and issuance of the cards alone, though some are able to integrate with third-party systems like access control, copier and printing cost recovery systems. Despite the distinction between Identification and Credential Management Systems, there are instances of overlap, as many universities issue student cards that may double as a bank card or wallet.