Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

10/16/2012
04:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

HID Global Identity Assurance partners With Precise Biometrics To Deliver Strong Authentication For iOS

New solution combines ActivClient Mobile Software Development Kit (SDK) for iOS with two sleeves from Precise Biometrics

IRVINE, Calif., October 14, 2012– HID Global®, a worldwide leader in secure identity solutions, will, today announced a solution for government agencies interested in securing iOS devices with access to sensitive data. The solution combines the recently announced ActivClient Mobile Software Development Kit (SDK) for iOS &trade with two sleeves from Precise Biometrics: the Tactivo&trade iPhone® sleeve and the Tactivo&trade iPad® sleeve. This solution enables government agencies of all kinds to use their Common Access Card (CAC) or Personal Identity Verification (PIV) cards to secure communications and access to sensitive information by encrypting it through standard Public Key Infrastructure (PKI) encryption methods.

"The massive popularity of iOS devices has completely changed the way organizations of all types, including government, approach how these devices access information," said Thomas Marschall, Precise Biometrics President & CEO. "Our solution with HID Global takes a pragmatic approach to the problem, ensuring that the CAC and PIV cards already in use can now secure the mobile devices government employees are already using."

For government agencies interested in deploying a more integrated solution, HID Global offers a solution leveraging "derived credentials", a concept recently introduced in the FIPS 201-2 PIV standard, which is currently in draft form. The integrated approach taken by HID Global applies the "derived credential" to a secure microSD card, a secure element with the same cryptographic services as the CAC or PIV smart card. This microSD format can be connected to iPhones with a sleeve. This approach brings both significantly increased convenience and security to the iPhone BYOD scenarios.

The ActivClient Mobile Software Development Kit (SDK) for iOS enables application developers and government entities to deliver two-factor authentication, signature and decryption technologies for all iOS devices, including iPhone and iPad. These devices have led the charge in the Bring-Your-Own-Device (BYOD) phenomenon, causing a shift in the way government employees access their corporate email and other resources.

The Precise Biometrics Tactivo&trade Smart Card & Fingerprint Reader enables multi-factor authentication on iPad and iPhone, supporting U.S. government credentials including PIV, PIV-I, CAC and TWIC, as well as the Precise Match-on-Card credentials used in many national IDs. As a smart casing that slips easily over the device, Tactivo&trade makes security convenient and easy to use; pass-through charging and synchronization and a slim design mean users don't have to remove the casing for regular, daily use. Tactivo&trade for iPad was also designed to accommodate the popular iPad Smart Cover®.

"It is incredibly important for us to bridge the gap from the cards in use today to the mobile devices of the future," said Julian Lovelock, vice president of product marketing, Identity Assurance, with HID Global. "As the market shifts from workstations to smartphones and tablets, there is an increased use of these devices to access corporate emails and resources. By incorporating our iOS SDK with sleeves like those from Precise Biometrics, we ensure a smooth transition for government agencies and their employees."

ActivClient Mobile SDK for iOS provides a layer of middleware that connects strong two-factor authentication credentials to applications and encrypted 'containers' running secure application stacks on the mobile device. HID Global's new ActivClient SDK supports a previously unseen standard of secure BYOD usage by enabling the benefits of pervasive smart mobile devices, with reasonable and responsible enterprise policy enforcement for even for the most security-minded enterprise and government organizations.

ActivClient Mobile SDK for iOS currently supports several hardware options:

Three types of smart cards: standard-compliant PIV and CAC smart cards and the HID Global CrescendoÒ 1150

The Precise Biometrics Tactivo&trade

One MicroSD option: the ActivIdentity secure microSD

Availability

The HID Global ActivClient Mobile SDK for iOS and the Precise Biometrics Tactivo&trade are available now.

About Identity Assurance Solutions

HID Global's Identity Assurance Solutions enable customers to prove and establish trust in a person's identity when accessing resources on the network. The business's strong authentication and smart card solutions are relied upon by more agencies, including the U.S. Department of Defense, than any other provider, and has issued more than 100 million credentials to enterprise, government and commerce customers. The Identity Assurance Solutions business (formerly ActivIdentity) is headquartered in Silicon Valley, California. For more information, visit www.actividentity.com.

About HID Global

HID Global is the trusted source for innovative products, services, solutions, and know-how related to the creation, use, and management of secure identities for millions of customers around the world. The company's served markets include physical and logical access control, including strong authentication and credential management; card printing and personalization; visitor management systems; highly secure government and citizen ID; and identification RFID technologies used in animal ID and industry and logistics applications. Primary brands are ActivIdentity®, EasyLobby®, FARGO® and HID®. Headquartered in Irvine, California, HID Global has over 2,000 employees worldwide and operates international offices that support more than 100 countries. HID Global® is an ASSA ABLOY Group brand. For more information, visit www.hidglobal.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Eric_Brown
50%
50%
Eric_Brown,
User Rank: Apprentice
10/22/2012 | 4:51:08 PM
re: HID Global Identity Assurance partners With Precise Biometrics To Deliver Strong Authentication For iOS

It's
nice to see another company giving users the perfect balance between security
and user experience by implementing 2FA which allows us to telesign into our
accounts. I know some will claim this make things more complicated, but the
slight inconvenience each time you log in is worth the confidence of knowing
your info is secure. I'm hoping that more companies start to offer this
awesome functionality. This should be a prerequisite to any system that wants
to promote itself as being secure.
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32089
PUBLISHED: 2021-05-11
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered on Zebra (formerly Motorola Solutions) Fixed RFID Reader FX9500 devices. An unauthenticated attacker can upload arbitrary files to the filesystem that can then be accessed through the web interface. This can lead to information disclosure and c...
CVE-2020-24586
PUBLISHED: 2021-05-11
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted us...
CVE-2020-24587
PUBLISHED: 2021-05-11
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...
CVE-2020-24588
PUBLISHED: 2021-05-11
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802....
CVE-2020-26139
PUBLISHED: 2021-05-11
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and...