Codebench Inc. announced that the Department of Veterans Affairs Financial Services Center in Austin, Texas has deployed Codebench’s PIVCheck Plus and Certificate Manager software to check and authenticate Personal Identity Verification cards for employees at its new facility.
By deploying Codebench’s PIVCheck Plus Software, in conjunction with the Software House C•CURE 800/8000 physical access control system, the VA’s Financial Services Center is using the PIV card as a single card access control solution facility-wide. Card holders use the PIV ID card to gain access into the building and verify privileges once inside the facility.
The Financial Services Center is running a pilot on using the PIV card to log onto their computers. Results thus far are excellent, and they expect full implementation of systems access using the PIV card by December 2010.
Codebench’s PIVCheck Plus software has been used to read, validate, authenticate and then register each cardholder’s PIV card into the C•CURE 800/8000 database without any manual data entry. Codebench’s PIVCheck Certificate Manager is a PC-based application that, after registration, re-validates imported cardholder certificates on a periodic basis. It checks the revocation status of the card, enabling the system to revoke access privileges on the spot.
Systems integrator Tech Systems Inc., Duluth, Ga., installed the system for the Veterans Affairs Financial Services Center, a facility that opened in Austin in 2009.
PIVCheck provides three-factor authentication, managing the acquisition of cardholder data from a smart card and performing off-card biometric matching. The software uses an asymmetric key authentication scheme to identify forged or cloned cards. Digital certificates may be verified by querying the issuer’s validation authority or an OCSP/SCVP responder. PIVCheck is FIPS 201-certified in several of the NIST SP 800-116 categories, including PIV Authentication System and Caching Status Proxy.