Physical Access
Home>Products>Physical Access>ICAM ProofCards>Credentials
ICAM PROOFCARDS™/CREDENTIALS
ICAM ProofCards are carefully crafted to maximize your solution's testing integrity using the smallest possible set of credentials. Easy to use, ICAM ProofCards provide a convenient and systematic way to approach unit testing, acceptance testing, and even Certification and Accreditation activities. ICAM ProofCards help you prove your system's reliability.
The following table provides a description of the cards that are included in your set:
| ProofCard # | Description | Threat Type |
|---|---|---|
| 1 | Golden PIV | None |
| 2 | Golden PIV-I | None |
| 3 | Deprecated: Substituted keypair in PKI-AUTH certificate (AKID/SKID mismatch) | Manipulated Data |
| 4 | Tampered CHUID | Manipulated Data |
| 5 | Tampered PIV and Card Authentication Certificates | Manipulated Data |
| 6 | Tampered PHOTO | Manipulated Data |
| 7 | Tampered FINGERPRINT | Manipulated Data |
| 8 | Tampered SECURITY OBJECT | Manipulated Data |
| 9 | Expired CHUID signer | Invalid Date |
| 10 | Expired certificate signer | Invalid Date |
| 11 | PIV Authentication Certificate expiring after CHUID | Invalid Date |
| 12 | Authentication certificates valid in future | Invalid Date |
| 13 | Expired authentication certificates | Invalid Date |
| 14 | Expired CHUID | Invalid Date |
| 15 | Valid CHUID copied from one card to another (PIV) | Copied Credential |
| 16 | Valid Card Authentication Certificate copied from one card to another (PIV) | Copied Credential |
| 17 | Valid PHOTO copied from one card to another (PIV) | Copied Credential |
| 18 | Valid FINGERPRINT copied from one card to another (PIV) | Copied Credential |
| 19 | Valid CHUID copied from one card to another (PIV-I) | Copied Credential |
| 20 | Valid Card Authentication Certificate copied from one card to another (PIV-I) | Copied Credential |
| 21 | Valid PHOTO copied from one card to another (PIV-I) | Copied Credential |
| 22 | Valid FINGERPRINT copied from one card to another (PIV-I) | Copied Credential |
| 23 | Private and Public Key mismatch | Manipulated Keys |
| 24 | Revoked authentication certificates | Revoked Credential |
| 25 | Discovery object is not present | Only Application PIN is present and shall be used. |
| 26 | Discovery object tag 0x5F2F is present; first byte: 0x40, second byte: 0x00 | Only Application PIN is present and shall be used. |
| 27 | Discovery object tag 0x5F2F is present; first byte: 0x60, second byte: 0x10 | Application and Global PINs are present. Application PIN is primary. |
| 28 | Discovery object tag 0x5F2F is present; first byte: 0x60, second byte: 0x20 | Application and Global PINs are present. Global PIN is primary. |
| 37 | Card with PPS F=512, D=64 (625,000 baud) | ISO Standards Conformance |
| 38 | Hash value within the Security Object does not match hash value of its corresponding data group buffer. | Manipulated Data |
| 39 | Federally issued PIV-I card using FASC-N with the agency's Agency Code plus System Code, Credential Number, Credential Series Code, and Issue Code. | Incorrect Identifier |
| 41 | Public Key on card does not match Public Key previously registered to the system. | Copied container |
| 42 | Certificates on the card refer to an OCSP responder that uses an expired response signing certificate. | Invalid Date |
| 43 | Valid certificates on the card refer to an OCSP responder that uses a response signing certificate that is revoked but contains the id-pkix-ocsp-nocheck OID. | Invalid Credential |
| 44 | Certificates on the card refer to an OCSP responder that uses a response signing certificate that is revoked, and the id-pkix-ocsp-nocheck OID is not present. | Invalid Credential |
| 45 | Certificates on the card refer to an OCSP responder that uses a response signing certificate with an invalid signature. | Manipulated Data |
| 46 | Valid FIPS 201-2 card with card UUIDs in the SubjectAltName extensions are sequentially after the FASC-Ns (replaces Card 1). | None |
| 47 | Golden FIPS 201-2 PIV card with card UUIDs in the SubjectAltName extensions are sequentially before the FASC-N. | SP 800-73-4 Standards Conformance |
| 49 | FIPS 201-2 PIV card profile with exception that Cardholder Facial Image CBEFF has expired. | Invalid Date |
| 50 | Golden FIPS 201-2 PIV card profile with exception that Cardholder Facial Image CBEFF will expire before CHUID expiration date. | Invalid Date |
| 51 | FIPS 201-2 PIV card profile with exception that Cardholder Fingerprints CBEFF has expired. | Invalid Date |
| 52 | Golden FIPS 201-2 PIV card profile with exception that Cardholder Fingerprints CBEFF will expire before CHUID expiration date. | Invalid Date |
| 53 | Golden FIPS 201-2 PIV card profile with slightly larger than recommended Card Authentication Certificate (2160 bytes). | SP 800-73-4 Standards Conformance |
| 54 | Golden FIPS 201-2 Non-Federally Issued PIV-I card (replaces Card 2). | None |
| 55 | FIPS 201-2 PIV card missing its Security Object | Tampered Data |
| 57 | FIPS 201-2 PIV card with revoked CHUID signing cert | Invalid Credential |
| 58 | FIPS 201-2 PIV cards with revoked Card Authentication cert | Invalid Credential |