Security Model

The default PIVKey security model is compatible with the Microsoft Smart Card Minidriver Specification. It has also been designed to support typical enterprise scenarios, such as user provisioning, and contactless access.

 The following are differences with the US Government security model. 

    PIVKey Difference
User Key Generation   Requires User PIN
User Certificate Loading      Requires User PIN
Contactless Access   Allowed for all certificates
Card Authentication Cert   Requires user PIN 
Have more questions? Submit a request

2 Comments

  • 0
    Avatar
    Robert Quattlebaum

    The fact that the Card Authentication Certificate requires a pin code makes it useless for physical access control. Allowing access to all certificates over the contactless interface (and no way for the administrator to disable this capability) is a security liability.

    I was really hopeful about this product, but my primary motivation is physical access control. Big disappointment.

  • 0
    Avatar
    Taglio Support

    Most user of PIVKey use certificates for Logical access only. This provides them with one addition certificate to use. It is a compromise.  If you need a standard Card Authentication Certificate, we recommend a standard PIV card.

Article is closed for comments.
Powered by Zendesk