White Papers
White Papers with Steve Rogers as a Contributing Author
Host Card Emulation 101
Host card emulation (HCE) is one of the most talked about mobile innovations today, providing solutions providers with a new architecture to implement convenient mobile NFC-based solutions. But how does the new architecture impact application security? The Smart Card Alliance “HCE 101” white paper takes a deep dive into HCE and NFC opportunities and security considerations. (August 2014) Steve Rogers was a Contributing Author to this white paper. Read or Download
Bluetooth Low Energy (BLE) 101 A Technology Primer With Example Use Cases
This white paper defines Bluetooth low energy (BLE), including the key features that can benefit businesses and consumers, and the BLE ecosystem. The paper explores the origins of BLE’s development, the BLE design principles, and the applications to which it can respond. BLE is discussed in the context of merchant, venue, and transportation-oriented applications. Example use cases illustrate category-specific issues and are included to stimulate thought on how to overcome constraints and explore new applications. (June 2014) Steve Rogers was a Contributing Author to this white paper. Read or Download
Physical Access Control Systems in a Federal Identity, Credentialing and Access Management Framework
Physical Access Control Systems in a Federal Identity, Credentialing and Access Management Framework (March 2014) Steve Rogers was a Contributing Author to this white paper. Read or Download
FICAM in Brief: A Smart Card Alliance Summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance
The Smart Card Alliance Identity Council and Physical Access Council developed the summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance to highlight key concepts and to make it more accessible to its target audiences. In developing and publishing the summary, the Smart Card Alliance hopes to expand the audience reading the document and promote its concepts broadly through the identity, credential and access management industry. The summary includes the FICAM segment architecture, as-is and target use cases, and roadmap and initiatives for Federal implementation of the FICAM architecture. (May 2010) Steve Rogers was a Contributing Author to this white paper. Read or Download
Interoperable Identity Credentials for the Air Transport Industry
This white paper was developed by the Smart Card Alliance Physical Access Council and Identity Council to provide the air transport industry with educational material on the use and applicability of interoperable identity credentials for use at airport facilities, and to propose a model for an interoperable identity credential that can leverage FIPS 201 and meet airport operational requirements. (October 2008) >>Steve Rogers was a Contributing Author to this white paper. Read or Download
Smart Cards and Biometrics
This white paper was developed by the Smart Card Alliance Physical Access Council to describe the benefits of combining smart cards and biometrics to enable strong verification and authentication of an individual's identity. The white paper provides an overview of biometrics technology, discusses how it's used for identification and verification, and describes the benefits of using smart cards and biometrics to enable strong verification and authentication of the cardholder's identity. The white paper includes eight case study examples of identity verification systems that combine smart cards and biometrics, including the Singapore Immigration Automated Clearance System, the Canadian Airport Restricted Area Identification Card, Amsterdam Schiphol Airport workforce ID card, the University of Arizona Keyless Access Security System, the FIPS 201 Personal Identity Verification (PIV) card, the U.S. Department of Defense Common Access Card (CAC), the U.S. Transportation Worker Identification Credential (TWIC), and the electronic passport. (March 2011) Steve Rogers was a Contributing Author to this white paper. Read or Download
Best Practices for the Use of RF-Enabled Technology in Identity Management
The Smart Card Alliance Identity Council developed this statement and FAQ to describe the industry position regarding recommended security and privacy best practices when using RF-enabled technology for identity management and to position RF-enabled contactless smart cards vs. RFID tags. (January 2007) >>Steve Rogers was a Contributing Author to this white paper. Read or Download
The Consequences to Citizen Privacy and National Security in Adopting RFID Technology for Border Crossing Identity Documents
The Department of Homeland Security (DHS) is incorporating radio frequency identification (RFID) technology in several border crossing documents that will be used to verify the identity of citizens re-entering the United States. The Smart Card Alliance Identity Council developed this white paper to discuss the security, privacy and operational issues with using RFID in human identification systems. The paper provides an overview of the use of RFID for supply chain applications, describes how RFID is proposed to be used in the DHS program, identifies key vulnerabilities with RFID systems that could be exploited, and proposes an alternative secure smart card-based solution for these border crossing identity programs. (October 2007) >>Steve Rogers was a Contributing Author to this white paper. Read or Download
Considerations for the Migration of Existing Physical Access Control Systems to Achieve FIPS 201 Compatibility
The Smart Card Alliance Physical Access Council developed this white paper to assist government agencies with the first phases of PACS migration to provide support for the new PIV cards that are being issued. It focuses on the current security environment for physical access and, through a series of questions, makes recommendations for how agencies can migrate and upgrade their current PACS to align them with the requirements of HSPD-12 and FIPS 201. (September 2006) Steve Rogers was a Contributing Author to this white paper. Read or Download
Contactless Smart Chip Technology: The Business Benefits
This briefing provides an overview of why businesses are implementing contactless smart chip technology in broadly different environments and applications both within the United States and around the world. (2005)> Steve Rogers was a Contributing Author to this white paper.Read or Download
ePassport Frequently Asked Questions
The new electronic passports (ePassports) include digital and physical security technologies that are integrated together to provide significantly higher levels of security. ePassports use advanced technologies that secure identities and new processes throughout the entire chain of trust - from manufacturing to use of the ePassport. This frequently asked questions (FAQ) document was developed by the Smart Card Alliance Identity Council to answer questions about how the ePassport works and what technology is used to protect an ePassport holder's personal information. (March 2009)> Steve Rogers was a Contributing Author to this white paper. Read or Download
EPC Gen 2 RFID Tags vs. Contactless Smart Cards: Frequently Asked Questions
The Identity Council developed this frequently asked questions document to discuss the differences between EPC Gen 2 RFID tags and contactless smart cards. The FAQ has a specific focus on how each technology supports security. (July 2006) Steve Rogers was a Contributing Author to this white paper.>Read or Download
Physical Access Control System Migration Options for Using FIPS 201-1 Compliant Credentials
This white paper was developed by the Smart Card Alliance Physical Access Council, in collaboration with the Security Industry Association (SIA), Open Security Exchange (OSE) and International Biometric Industry Association (IBIA), to assist government agencies with developing migration plans for using FIPS 201 compliant credentials in physical access control systems. The white paper describes key elements of a typical PACS, identifies migration considerations relative to each, and outlines different migration options and their benefits and challenges. The white paper also discusses options for integration, PACS enrollment and registration, and biometrics. (September 2007)> Steve Rogers was a Contributing Author to this white paper.Read or Download
Questions and Answers about the Proposed Use of RFID for U.S. Border Crossing Documents
The Identity Council developed this Q&A document to accompany the white paper, "The Consequences to Citizen Privacy and National Security in Adopting RFID Technology for Border Crossing Identity Documents." (October 2007) Steve Rogers was a Contributing Author to this white paper.Read or Download
RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards
This Smart Card Alliance white paper compares RFID technology and RF-enabled smart cards and describes key requirements in RF-enabled applications. (January 2007) Steve Rogers was a Contributing Author to this white paper.Read or Download
Using Smart Cards for Secure Physical Access
This report provides a primer for understanding physical access control systems that use a smart ID card for personal identification. Designed as an educational overview for decision makers and security planners, the report describes physical access system architecture and components, provides guidance on key implementation considerations, describes smart card technologies used for physical and logical access, discusses migration considerations in moving from legacy physical access systems to smart card-based systems and showcases other applications that can be combined with a smart card-based secure physical access system. (July 2003) Steve Rogers was a Contributing Author to this white paper.Read or Download
Western Hemisphere Travel Initiative PASS Card: Recommendations for Using Secure Contactless Technology vs. RFID
The Identity Council developed this position paper to provide support for the use of ISO/IEC 14443-based technology for the Western Hemisphere Travel Initiative PASS card system and to recommend a technology trial to evaluate the performance of both EPC Gen 2 and ISO/IEC 14443-based technologies before DHS makes a final implementation decision. (June 2006) Steve Rogers was a Contributing Author to this white paper.Read or Download
A Comparison of PIV, PIV-I and CIV Credentials
This brief was developed by the Smart Card Alliance Access Control Council to provide an easy-to-use comparison of Personal Identity Verification (PIV), PIV-Interoperable (PIV-I) and Commercial Identity Verification (CIV) credentials. Download brief. View brief. (February 2012) Steve Rogers was a Contributing Author to this white paper.Read or Download
The Commercial Identity Verification (CIV) Credential-Leveraging FIPS 201 and the PIV Specifications
This white paper was developed by the Smart Card Alliance Physical Access Council to provide guidance on how enterprises can take advantage of FIPS 201 and the PIV credential specifications to implement a standards-based commercial identity credentialing program. The white paper defines the Commercial Identity Verification (CIV) credential as a credential that uses the same technology and data model as the PIV-I credential. (October 2011) Steve Rogers was a Contributing Author to this white paper.Read or Download
Emergency Response Official Credentials: An Approach to Attain Trust in Credentials across Multiple Jurisdictions for Disaster Response and Recovery
The Smart Card Alliance Identity Council and Physical Access Council developed this white paper to describe the benefits of using FIPS 201-based smart cards for ERO credentials and present credential use cases that support both emergency response and daily use. (October 2008) Steve Rogers was a Contributing Author to this white paper.Read or Download
NSTIC Frequently Asked Questions
This FAQ was developed by the Smart Card Alliance to answer questions about the National Strategy for Trusted Identities in Cyberspace (NSTIC). (August 2011) Steve Rogers was a Contributing Author to this white paper.Read or Download
Personal Identity Verification Interoperability (PIV-I) for Non-Federal Issuers: Trusted Identities for Citizens across States, Counties, Cities and Businesses.
This white paper was developed by the Smart Card Alliance Physical Access Council and Identity Council to describe the benefits of FIPS 201, PIV standards and PIV-I framework for state and local governments to enable interoperability and trust across different government issuers for a wide variety of identity credentialing programs. The white paper discusses policy, process and technology considerations related to the implementation of state and local government identity credentialing initiatives. The white paper summarizes important aspects of the current state of policy, process and technology and identifies opportunities to support additional work to further improve each through the use of the PIV-I framework and the PIV standard. (February 2011) Steve Rogers was a Contributing Author to this white paper.Read or Download
PIV-Interoperable Credential Case Studies
This white paper was developed by the Smart Card Alliance Identity Council to document the benefits of using PIV-interoperable credentials for enterprises and to provide implementation case studies of enterprises that are issuing or planning to issue PIV-I credentials. (February 2012) Steve Rogers was a Contributing Author to this white paper.Read or Download
Using FIPS 201 and the PIV Card for the Corporate Enterprise
The Smart Card Alliance Identity Council and Physical Access Council developed this white paper to provide an overview of FIPS 201 for corporate enterprise executives and to describe the benefits of using FIPS 201 as the foundation for enterprise identity management programs. (October 2008) Steve Rogers was a Contributing Author to this white paper.Read or Download
Wiegand Message Recommendations
The Smart Card Alliance Physical Access Council developed this industry recommendation to respond to requests for sample Wiegand message formats that will handle the additional fields of the Federal Agency Smart Credential Number (FASC-N) for programs that use Credential Series fields and Individual Credential Issue to identify credential holders. In addition, the recommendation defines device status messages to log field device activity. Additional Wiegand formats are defined to support this enhanced messaging along with the extra fields of the FASC-N. (August 2008) Steve Rogers was a Contributing Author to this white paper.Read or Download
Assurance Levels Overview and Recommendations
The Smart Card Alliance Identity Council developed this position paper to provide the Alliance interpretation and position on the OMB-defined levels of assurance. (March 2010) Steve Rogers was a Contributing Author to this white paper.Read or Download
FIPS 201 and Physical Access Control: An Overview of the Impact of FIPS 201 on Federal Physical Access Control Systems
This Physical Access Council white paper provides a roadmap to the key specifications that agencies need to consider in implementing FIPS 201-compliant physical access control systems and provides an overview of the key open questions where work is still being done on standards definition and implementation guidance. (September 2005) Steve Rogers was a Contributing Author to this white paper. Read or Download
FIPS 201 PIV II Card Use with Physical Access Control Systems: Recommendations to Optimize Transaction Time and User Experience
The Smart Card Alliance Physical Access Council developed this white paper to discuss factors that impact PIV II card transaction performance in PACS applications and provide recommendations on data encoding, user training and installation that can improve the user experience and reduce PIV II card PACS transaction time. (May 2007) Steve Rogers was a Contributing Author to this white paper. Read or Download
Identifiers and Authentication - Smart Credential Choices to Protect Digital Identity
The Smart Card Alliance developed this position paper to describe the issues with unique identifiers and discuss how smart cards can be used as authenticators when using unique identifiers. (September 2009) Steve Rogers was a Contributing Author to this white paper. Read or Download
Privacy, Identity, and the Use of RFID and RF-Enabled Smart Card Technology - A Smart Card Alliance Brief for State and Local Governments
State policy makers are looking carefully at the use of RFID technology in identity cards and the implications that holds for protecting privacy and personal information in identity applications and systems. This brief was developed by the Smart Card Alliance Identity Council to examine best practices for privacy-secure identity systems from the point of view of card technologies. (February 2009) Steve Rogers was a Contributing Author to this white paper. Read or Download
The REAL ID Act: Why Real ID Cards Should Be Based on Smart Card Technology
The Smart Card Alliance Identity Council developed this position paper to provide support for the use of smart card technology to implement state driver's licenses issued to comply with the REAL ID Act of 2005. (July 2006) Steve Rogers was a Contributing Author to this white paper. Read or Download
Recommendation on the Credential Numbering Scheme for the FIPS 201 PIV Card Global Unique Identifier.
This white paper was developed by the Smart Card Alliance Physical Access Council to recommend a credential numbering schema for the FIPS 201 PIV card GUID that will work for federal as well as non-federal issuers. (March 2009) Steve Rogers was a Contributing Author to this white paper. Read or Download
Smart Card Alliance Response to DHS REAL ID NPRM Federal Register Notice
The Smart Card Alliance Identity Council developed and submitted this response to the Department of Homeland Security Federal Register notice, "Minimum Standards for Driver's Licenses and Identification Cards Acceptable by Federal Agencies for Official Purposes," Docket No. DHS-2006-0030. The response was submitted to the Department of Homeland Security on May 7, 2007. > Steve Rogers was a Contributing Author to this white paper. Read or Download
Smart Card Alliance Response to WHTI Passport Card Federal Register Notice
The Identity Council developed and submitted a response to the Department of State Federal Register notice, "Card Format Passport; Changes to Passport Fee Schedule," Docket ID DOS-2006-0329. This notice announced the DHS and Department of State plan to use "vicinity read" RFID technology compliant with ISO/IEC 18000-6 Part C instead of contactless smart card technology for the proposed passport card. (November 2006) Steve Rogers was a Contributing Author to this white paper. Read or Download
Smart Card Technology: The Right Choice for REAL ID
The Department of Homeland Security (DHS) issued its final rule regarding minimum technology requirements for REAL ID drivers licenses on January 11, 2008. The Smart Card Alliance Identity Council developed this brief to describe the benefits to states for incorporating smart card technology into their REAL ID plans. (January 2008) Steve Rogers was a Contributing Author to this white paper. Read or Download
Transportation Worker Identification Credential (TWIC) Profile
This profile describes the TSA TWIC program. (2005) Steve Rogers was a Contributing Author to this white paper. Read or Download
Authentication Mechanisms for Physical Access Control Systems.
This white paper was developed by the Smart Card Alliance Physical Access Council to describe PIV card authentication mechanisms defined in NIST SP 800-116 and to describe additional authentication mechanisms that were not covered in SP 800-116, but that are important for organizations implementing PACS to increase security. These additional mechanisms can be essential to address the threats and risks that an organization anticipates. (October 2009) Steve Rogers was a Contributing Author to this white paper. Read or Download
Identity and Smart Card Technology and Application Glossary
The Smart Card Alliance Identity Council developed this glossary to define commonly used terms related to identity and smart card technology and applications. (April 2007) Steve Rogers was a Contributing Author to this white paper. Read or Download
