HID Identity pivCLASS RP40-H 920PHRNEGE037E Leaflet
Product codes
920PHRNEGE037E
PHYSICAL ACCESS SOLUTIONS
pivCLASS
®
Readers
for FIPS 201
pivCLASS
®
READERS FOR "CONTROLLED" AREAS ENABLE
HIGH SECURITY, INTEROPERABILITY AND COMPLIANCE
Part of an integrated solution from a single, trusted provider – Enables FIPS
201 compliance and follows NIST SP 800-116 guidelines and the TWIC Reader
Specification.
201 compliance and follows NIST SP 800-116 guidelines and the TWIC Reader
Specification.
Contactless reader solution for "Controlled" security areas – Meets NIST's
"Controlled" security area assurance level requirements with a single-factor
authentication mode: CHUID or CAK.
"Controlled" security area assurance level requirements with a single-factor
authentication mode: CHUID or CAK.
Supports multiple card types – PIV, PIV-I, CAC, CIV (a.k.a., PIV-C), TWIC and FRAC,
as well as iCLASS® and HID Prox cards for easy, phased transitions from legacy
technology to new PKI-enabled smart cards.
as well as iCLASS® and HID Prox cards for easy, phased transitions from legacy
technology to new PKI-enabled smart cards.
HID Global pivCLASS
®
Government Solutions
enable facilities to upgrade their existing
physical access control system (PACS) to FIPS
201 compliance.
physical access control system (PACS) to FIPS
201 compliance.
The pivCLASS contactless readers that deliver
the "Controlled" assurance level (as defined
in NIST SP 800-116) work with the pivCLASS
Authentication Module to perform the following
single-factor authentication modes:
the "Controlled" assurance level (as defined
in NIST SP 800-116) work with the pivCLASS
Authentication Module to perform the following
single-factor authentication modes:
CHUID Authentication – The pivCLASS system
tests the signature on the PIV card holder
unique identifier (CHUID) data object. The
CHUID signature check ensures the card is
authentic (it came from a valid issuer) and has
integrity (it has not been altered).
tests the signature on the PIV card holder
unique identifier (CHUID) data object. The
CHUID signature check ensures the card is
authentic (it came from a valid issuer) and has
integrity (it has not been altered).
Because the CHUID is a “free read” and will
be transmitted unencrypted to any reader, it
could be possible for perpetrators to capture
be transmitted unencrypted to any reader, it
could be possible for perpetrators to capture
a PIV card's CHUID and create a counterfeit
card. However, the pivCLASS signature check
secures against this threat and identifies cards
that have been counterfeited or altered.*
card. However, the pivCLASS signature check
secures against this threat and identifies cards
that have been counterfeited or altered.*
CAK Authentication – pivCLASS readers work
with the pivCLASS Authentication Module to
perform a PKI challenge-response in addition
to a signature check to validate the card
authentication key (CAK). The challenge-
response test ensures the public key in the
Card Authentication Certificate is bound to
the private key on the card. pivCLASS CAK
authentication secures against cards that have
been counterfeited, altered, copied or cloned.
with the pivCLASS Authentication Module to
perform a PKI challenge-response in addition
to a signature check to validate the card
authentication key (CAK). The challenge-
response test ensures the public key in the
Card Authentication Certificate is bound to
the private key on the card. pivCLASS CAK
authentication secures against cards that have
been counterfeited, altered, copied or cloned.
pivCLASS readers are guaranteed to meet
stringent specifications for operation, reliability
and interoperability with other Genuine HID
stringent specifications for operation, reliability
and interoperability with other Genuine HID
™
products.
ADDITIONAL PRODUCT FEATURES:
Architected for maximum security and
affordability. pivCLASS utilizes the
pivCLASS
affordability. pivCLASS utilizes the
pivCLASS
®
Authentication Module to
perform the cryptographic functionality
and to pass Wiegand-formatted data to
the PACS controller. Locating the critical
security operations within the secure
perimeter, rather than on the attack
side of the door, increases security and
reader affordability.
and to pass Wiegand-formatted data to
the PACS controller. Locating the critical
security operations within the secure
perimeter, rather than on the attack
side of the door, increases security and
reader affordability.
Up to two pivCLASS readers can
connect to a pivCLASS Authentication
Module via four-wire RS-485 per reader,
typically enabling facilities to re-use
much of their existing wiring.
connect to a pivCLASS Authentication
Module via four-wire RS-485 per reader,
typically enabling facilities to re-use
much of their existing wiring.
Available in mullion, mini-mullion and
wall switch form factor designed to
mount and cover single-gang switch
boxes.
wall switch form factor designed to
mount and cover single-gang switch
boxes.
Available with either a pigtail or terminal
strip wiring termination.
strip wiring termination.
User communication provided by
8-Color LED and audio beeper.
8-Color LED and audio beeper.
For the following security areas per NIST SP 800-116:
“Controlled” Areas
“Exclusion” Areas
“Limited” Areas
* Per SP 800-116, to achieve "Controlled" assurance, the CHUID read must be combined with a visual check (VIS) of the
identification card.
identification card.