Smart cards pass NIST security test

Datakey Inc. last week announced that its model 330 smart card is among

the first smart cards to earn the high-level security standard validated

by the National Institute of Standards and Technology.

All government agencies are required to use only cryptography products

that are validated under the NIST Federal Information Processing Standard

140-1. The Level 2 validation earned by Datakey's model 330 smart card means

the card will protect unclassified information by providing role-based authentication

and evidence of tampering. Spyrus Inc.'s Rosetta Smart Card Version 2.01

also earned Level 2 validation.

Datakey's 330 smart card is part of the company's public-key infrastructure

(PKI) solution called SignaSURE Cryptographic Interface Provider. It uses

the Datakey Cyptographic Card Operating System to create a user's key directly

on the card every time the card is used and can be used as the authentication

for many PKI-enabled applications.

Perhaps most important for federal agencies, Datakey is one of the smart

card providers that works with all three prime contractors on the General

Services Administration's Access Certificates for Electronic Services contract.

ACES is designed to provide PKI products and services — including digital

certificates with the cryptographic keys stored on smart cards — that can

be used by any agency that has signed on to the program. Datakey has also

partnered with the contractors serving as Interim External Certificate Authorities

on the Defense Department's PKI program.