Physical Access

ICAM ProofCards™ / Credentials

ICAM ProofCards™ have been carefully crafted to maximize the testing integrity of your solution using the smallest possible set of credentials. Easy to use, ICAM ProofCards provide a convenient and systematic way to approach unit testing, acceptance testing and even C&A activities. ICAM ProofCards help you prove the reliability of your system.

The following table provides a description of the cards that are included in your set:



ProofCard # Description Threat Type
1 Golden PIV None
2 Golden PIV-I None
3 Deprecated: Substituted keypair in PKI-AUTH certificate (AKID/SKID mismatch) Manipulated Data
4 Tampered CHUID Manipulated Data
5 Tampered PIV and Card Authentication Certificates Manipulated Data
6 Tampered PHOTO Manipulated Data
7 Tampered FINGERPRINT Manipulated Data
8 Tampered SECURITY OBJECT Manipulated Data
9 Expired CHUID signer Invalid Date
10 Expired certificate signer Invalid Date
11 PIV Authentication Certificate expiring after CHUID Invalid Date
12 Authentication certificates valid in future Invalid Date
13 Expired authentication certificates Invalid Date
14 Expired CHUID Invalid Date
15 Valid CHUID copied from one card to another (PIV) Copied Credential
16 Valid Card Authentication Certificate copied from one card to another (PIV) Copied Credential
17 Valid PHOTO copied from one card to another (PIV) Copied Credential
18 Valid FINGERPRINT copied from one card to another (PIV) Copied Credential
19 Valid CHUID copied from one card to another (PIV-I) Copied Credential
20 Valid Card Authentication Certificate copied from one card to another (PIV-I) Copied Credential
21 Valid PHOTO copied from one card to another (PIV-I) Copied Credential
22 Valid FINGERPRINT copied from one card to another (PIV-I) Copied Credential
23 Private and Public Key mismatch Manipulated Keys
24 Revoked authentication certificates Revoked Credential
25 Discovery object is not present Only Application PIN is present and shall be used.
26 Discovery object tag 0x5F2F is present; first byte: 0x40, second byte 0x00 Only Application PIN is present and shall be used.
27 Discovery object tag 0x5F2F is present;first byte: 0x60, Second byte: 0x10 Application and Global PINs are present. Application PIN is primary.
28 Discovery object tag 0x5F2F is present; first byte: 0x60, Second byte: 0x20 Application and Global PINs are present. Global PIN is primary.
37 Card with PPS F=512, D=64 (625,000 baud) ISO Standards Conformance
38 Hash value within the Security Object does not match hash value of its corresponding data group buffer. Manipulated Data
39 Federally issued PIV-I card using FASC-N with the agency's Agency Code plus System Code, Credential Number, Credential Series Code, and Issue Code. Incorrect Identifier
41 Public key on card does not match public key previously registered to the system. Copied container
42 Certificates on the card refer to an OCSP responder that uses an expired response signing certificate. Invalid Date
43 Valid certificates on the card refer to an OCSP responder that uses a response signing certificate that is revoked but contains the id-pkix-ocsp-nocheck OID. Invalid Credential
44 Certificates on the card refer to an OCSP responder that uses a response signing certificate that is revoked, and the id-pkix-ocsp-nocheck OID is not present. Invalid Credential
45 Certificates on the card refer to an OCSP responder that uses a response signing certificate with an invalid signature. Manipulated Data
46 Valid: FIPS 201-2 card with card UUIDs in the SubjectAltName extensions are sequentially after the FASC-Ns (replaces Card 1). None
47 Golden FIPS 201-2 PIV card with card UUIDs in the SubjectAltName extensions are sequentially before the FASC-N. SP 800-73-4 Standards Conformance
49 FIPS 201-2 PIV card profile with exception that Cardholder Facial Image CBEFF has expired. Invalid Date
50 Golden FIPS 201-2 PIV card profile with exception that Cardholder Facial Image CBEFF will expire before CHUID expiration date. Invalid Date
51 FIPS 201-2 PIV card profile with exception that Cardholder Fingerprints CBEFF has expired. Invalid Date
52 Golden FIPS 201-2 PIV card profile with exception that Cardholder Fingerprints CBEFF will expire before CHUID expiration date. Invalid Date
53 Golden FIPS 201-2 PIV card profile with slightly larger than recommended Card Authentication Certificate (2160 bytes). SP 800-73-4 Standards Conformance
54 Golden FIPS 201-2 Non-Federally Issued PIV-I card (replaces Card 2). None
55 FIPS 201-2 PIV card missing its Security Object Tampered Data
57 FIPS 201-2 PIV card with revoked CHUID signing cert Invalid Credential
58 FIPS 201-2 PIV cards with revoked Card Authentication cert Invalid Credential

About CertiPath

CertiPath focuses on the use of digital identity in the modern connected world. Trusted digital identities are one of the most important components to securing your network, data and buildings but achieving ubiquitous trust online has been a challenge for 30 years.

Contact Us
  • Address: 1900 Reston Metro Plaza
    Suite 303, Reston, VA 20190, USA
  • Toll Free: 1.855.758.0075
  • Phone: 1.703.793.7870
  • Email: info@certipath.com
Videos
© 2016 CertiPath®. All rights reserved. CertiPath® and the CertiPath® logo are trademarks of CertiPath®. Privacy  ⁄  Terms of Use