Table of Contents
Advertisement
pivCLASS Introduction
®
HID Global's pivCLASS
Government Solutions portfolio is an extensive product family making it easy for U.S.
Federal Government, government contractors and other facilities to comply with security regulations. By using
Personal Identity Verification (PIV) and other smart cards for physical access control results in compliance,
interoperability and high security.
The pivCLASS modular approach provides government agencies the ability to use their PIV identity cards for strong
Public Key Infrastructure (PKI)-based validation for physical access control. The solution enables this functionality
without the need to "rip and replace" existing Physical Access Control systems (PACs), reducing costs, and removing
complexities to make it easy and affordable to acquire, install and maintain compliant physical access control
systems.
pivCLASS accomplishes this in part by communicating with an agency's PACs and external trust authority PKIs to
deliver functionality specified by National Institute of Standards and Technology (NIST) Federal Information
Processing Standards Publication 201 (FIPS 201).
Ordering information for all Release 3.2 pivCLASS components are included in this How to Order guide.
pivCLASS Certification
You must be a pivCLASS certified reseller to order either the pivCLASS Validation Server or the pivCLASS
Authentication Module (PAM). You do NOT need to be certified to order any pivCLASS reader. Certification is
achieved by having at least two members of your staff successfully complete the pivCLASS training program.
Reader Configuration Choices
All pivCLASS readers are designed to be "transitional readers". Transitional readers can be configured to support two
different operational modes:
1.
Wiegand Mode – in this mode the reader will read the FASC-N or UUID from the card and pass this data
directly to the door controller or panel over a Wiegand interface. The FASC-N output can be configured to
provide various output formats including 64 bit BDC, 75 bit GSA and 200 bit full FASC-N. The UUID output
is always 128 bits. Custom FASC-N output formats are available but some of these may not be supported in
PAM mode. It is important to note that in this mode NO AUTHENTICATION is done; it is provided to enable
a phased implementation approach.
2.
PAM Mode – in this mode the reader is connected to a pivCLASS Authentication Module (PAM) using
RS485 communication protocol. This mode supports CHUID, CAK (card authentication key), PIV+PIN,
PIV+PIN+BIO authentication, as defined in FIPS 201, depending on the capabilities of the reader (i.e.,
contactless, contact or biometric). This mode also supports the additional TWIC authentication modes
CHUID + BIO and CAK + BIO.
These readers can be reconfigured in the field to support either mode. For example, the following two step process
can be used to reconfigure from Wiegand to PAM mode:
•
Connect the reader to the PAM
•
Reconfigured the reader to PAM mode using a pivCLASS
Reader Part Number Configuration Aides
In addition to this document HID provides an online tool for determining the part number for various pivCLASS
readers. You can access this tool on the PIV & FIPS 201 Solutions page by following the link
https://www.hidglobal.com/government/piv
Guide" link under the Related Documents column.
Note: This is a large Excel file that will take some time to download.
May 2013
© 2012-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved.
Reader Programming Card
and clicking on "pivCLASS, iCLASS SE, multiCLASS WE Configuration
pivCLASS How to Order Guide – D00456, A.4
Page 3 of 11
Advertisement
Table of Contents
