High Assurance Profile
Assurance profiles are definitions within NIST1 FIPS-201 and the SCE-PACS2 to provide a vendor independent classification of readers and cards following the security they provide.
As per these documents, all traditional AmeriSys cards and readers can be classified as High Assurance Profile devices. Many other vendors, now claiming fame with new product lines, are in reality announcing products which can be classified in the Low and Medium Assurance profile. Buyer beware...
AmeriSys proximity Smart Card systems have had means to authenticate Smart Cards and prevent access to card contents and to detect and deter attacks from "spoof cards" presented to AmeriSys readers. AmeriSys Smart Cards also have means to authenticate readers and will deny access to their contents by unauthorized readers. They both use strong, well recognized cryptography, which to our knowledge, has never been broken. Every communication session between an AmeriSys Smart Card and a reader is encrypted by a randomly selected cryptographic sequence. Together, these means have effectively detected and resisted all attacks, both in the labs and in the field.
1 - NIST: United States National Institute of Science and Technology
2 - United States Government Smart Card Enabled Access Control Systems Implementation Guide
       (approved by the Government Smart Card Interagency Advisory Board)
|