atsec Information Security Completes Four GSA FIPS 201 Evaluations for Codebench
Products Join the FIPS 201 Evaluation Program Approved Products ListAustin, TX - February 08, 2010 - atsec information security, an accredited laboratory for the GSA FIPS 201 Evaluation Program which runs a product approval program for PIV-related products destined for the U.S. Government market, is proud to announce the successful GSA FIPS 201 evaluation of four Codebench products. Codebench is the first company with solutions evaluated for GSA product categories "Caching Status Proxy," "PIV Authentication System," and "CHUID Authentication System."
Codebench"s PIVCheck Plus Desktop Edition with PIVCheck Certificate Manager, PIVCheck Plus Mobile Edition with PIVCheck Certificate Manager and PIVCheck Desktop Edition (both the SCVP Client and PIV Authentication System) were tested and evaluated in atsec's Austin, TX lab.
As a result of its evaluation, atsec has determined that Codebench's products meet FIPS 201 requirements on behalf of GSA, who ultimately grants the approval. These products are now listed on the FIPS 201 Evaluation program Approved Product List, which only lists those products and services that are in compliance with the current version of the Standard and its supporting NIST Special Publication 800-116, which provides recommendations for the Use of PIV Credentials in Physical Access Control Systems (PACS).
"Codebench is currently the only company that has approved products in the "Caching Status Proxy," "PIV Authentication System," and "CHUID Authentication System" categories," said Geri Castaldo, chief executive officer of Codebench. "By completing the evaluation process with atsec information security, Codebench has demonstrated its commitment to ensuring its solutions meet government regulations and support NIST Special Publication 800-116 and HSPD-12."
"atsec succeeded to complete successfully three first-in-category evaluations for Codebench products," Apostol Vassilev, Laboratory Manager for atsec's CST lab. "In doing so, we are proud to join our client in a position of leadership in providing secure products with the appropriate level of tested assurance for these product categories as mandated by the GSA PIV Project Management Office."
The product entries are included on the GSA FIPS 201 Evaluation Program Approved Product List at http://fips201ep.cio.gov/apl.php.as:
Codebench, Inc.
PIVCheck Plus Desktop Edition with PIVCheck Certificate Manager
Category: Caching Status Proxy
Part #: PVCP-D/S-B1
SW version: 1.2
(GSA APL item # 464)
Codebench, Inc.
PIVCheck Plus Mobile Edition with PIVCheck Certificate Manager
Category: Caching Status Proxy
Part #: PVCP-M/S-B1
SW version: 1.2
(GSA APL item # 473)
The caching status proxy is a product (hardware and/or software) that polls the status of all registered PIV Cards periodically, and cache the status responses from their issuer(s). Caching status proxies are useful in scenarios that require extremely quick query-responses for certificate revocation status information or when physical access control systems need to cache certificate revocation information so as to be able to make an access control decision when on-line certificate validation is not possible.
Codebench, Inc.
PIVCheck Desktop Edition
Category: PIV Authentication System
Part #: PVC-D/S
SW version: 1.2
(GSA APL item # 466)
The PIV Authentication System product category provides the capability to perform a cryptographic challenge/response with the PIV Authentication Key stored on a PIV Card and makes an authorization decision based on the FASC-N stored on the PIV Card.
Codebench, Inc.
PIVCheck Desktop Edition
Category: CHUID Authentication System
Part #: PVC-D/S
SW version: 1.2
(GSA APL item # 468)
The CHUID Authentication System product category provides the capability to access and determine authenticity of the CHUID stored on a PIV Card and makes an authorization decision based on the CHUID elements stored on the PIV Card.
FIPS 201 (with its supporting documents) is the mandatory standard that addresses the Homeland Security Presidential Directive 12 mandate (HSPD-12). HSPD-12 mandates a government-wide standard for secure and reliable forms of identification issued by the Federal Government to its employees and contractors.
# # #
About Codebench
Codebench is a software development firm focused exclusively on physical security applications. A leading developer of software integration solutions, Codebench is a certified Women’s Business Enterprise located in Coconut Creek, Fla., and serves the Fortune 500, academic and government markets. For more information, visit www.pivcheck.com or call (561) 883-3218.
About atsec information security
atsec information security is an independent, standards-based information technology security services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich, Germany in 2000 and has extensive international operations with offices in the U.S., Germany, Sweden, and China.
atsec offers secure code review, ISO/IEC 27001 ISMS consulting, and penetration testing and scanning services as well as being a QSA and ASV.
atsec also offers evaluation and testing services leading to formal certification for IT security including evaluation under Common Criteria schemes in the U.S., Germany, and Sweden; cryptographic module and algorithm testing under the Cryptographic Module Validation Program of the National Institute of Standards and Technology (NIST) in the U.S. and Communications Security Establishment Canada (CSEC) in Canada.
atsec works with such leading global companies as IBM, Apple, Microsoft, Hewlett-Packard, Oracle, Cray, BMW, SGI, Vodafone, RWE, and Wincor-Nixdorf.
Codebench Integrates PIVCheck Software with Brivo security management system
Partnership provides first HSPD-12–compliant online access control solutionCOCONUT CREEK, Fla. - February 2, 2010 - Codebench, Inc., the leading provider of TWIC / HSPD-12 / FIPS-201 authentication software, announced today that it has formed a technology partnership with Brivo Systems LLC to provide clients with the industry’s first HSPD-12–compliant Web-connected access control system.
Codebench’s PIVCheck software suite, an end-to-end card validation, authentication, and registration solution for HSPD-12 compliance, now seamlessly integrates with Brivo Systems’ standalone access control systems, OnSite SE™ and XE™.
Pairing the PIVCheck solution with Brivo’s access control appliances will save customers time in the card registration process and provide the capability to validate card-holder credentials on a real-time and on-going basis as required by FIPS-201. This integration supports homeland security initiatives through better screening and management of individuals seeking physical access to Federally-controlled government facilities.
In addition to this important integration, Brivo Systems will serve as a reseller of Codebench’s PIVCheck software suite.
"Codebench has demonstrated a sophisticated understanding of customer requirements in the government market and has built innovative products to meet those needs," said John Szczygiel, Executive Vice President at Brivo. "We are pleased to partner with Codebench to provide this capability for our array of government and private sector clients who must meet Federal regulations for personnel identity verification."
"Our technology partnership with Brivo Systems is unique because it’s the first with a Web-connected access control system solutions provider," said Geri B. Castaldo, CEO of Codebench. "By working together, we’re able to ensure that clients can access the PIVCheck software suite without disrupting or voiding the warranty on their Brivo Systems solution. For Codebench, this also enables us to further our penetration into the federal government, utility, airport and property management markets."
The PIVCheck software suite provides a seamless transition to HSPD-12 or FIPS-201 compliance by leveraging a facility’s physical access control system for card validation, authentication, and registration. The software uses strong, three-factor identification to determine the cardholder’s unique identifying data and biometric information, and verifies the validity of the card by checking with the appropriate X.509 certification authority or other entity, such as the TSA hot list.
About Codebench
Codebench is a software development firm focused exclusively on physical security applications. A leading developer of software integration solutions, Codebench is a certified Women’s Business Enterprise located in Coconut Creek, Fla., and serves the Fortune 500, academic and government markets. For more information, visit www.pivcheck.com or call (561) 883-3218.
About Brivo Systems
Brivo Systems LLC provides an online, open-system security management technology platform that empowers organizations to protect and remotely monitor buildings and perimeter entry points using the latest in Internet and wireless technologies. With Brivo’s security management system, customers significantly expand their physical access control system by customizing functionality to exactly fit their needs and more effectively mitigate and manage security risk. The company’s hardware products and software services enable businesses to control physical access to offices, warehouses, remote/unmanned buildings, as well as sensitive areas such as computer rooms, where real-time control and accountability of entry are critical. 2009 marked 10 years of Brivo making security simple for thousands of end users around the world. For more information, visit http://www.brivo.com.
Brivo is a wholly owned subsidiary of The Duchossois Group, a privately held holding company, headquartered in Elmhurst, Illinois, which owns AMX, The Chamberlain Group and Milestone AV Technologies. Duchossois also holds strategic interests in Churchill Downs, Inc. (NASDAQ:CHDN), and a number of other diversified businesses.
Codebench Achieves Listing on GSA Approved Products List
COCONUT CREEK, Florida - November 5, 2009 - Codebench, Inc., the leading provider of TWIC / HSPD-12 / FIPS-201 authentication software, announced today that its Server-based Certificate Verification Protocol (SCVP) client is now listed on the General Services Administration (GSA) Approved Product List (APL). Codebench´s PIVCheck Desktop Edition, which features the company´s SCVP client, is the first such product to be listed in the newly created SCVP category, which denotes products that comply with the Federal Information Processing Standard (FIPS 201).
The use of SCVP as part of a FIPS 201-compliant physical access control solution significantly improves the credential validation process by simplifying the certificate path discovery between the client and multiple certificate validation authorities. This is especially important in a situation where Personal Identity Verification (PIV) cards from multiple agencies need to be validated at a variety of different facilities.
"SCVP is going to be a fundamental building block of FIPS 201-compliant physical access control systems, and we´re proud to have assisted the GSA in recognizing its importance to FIPS 201 compliance," said Bob Fontana, President of Codebench.
Codebench´s PIVCheck software suite is an end-to-end card validation and PACS registration solution for HSPD-12 compliance. Its desktop and mobile clients verify PIV, TWIC, NG CAC, and CAC, matching the cardholder´s stored biometric against a live sample, and validating the card´s digital certificates using an OCSP or SCVP Responder or, for TWIC, the TSA Hotlist. For all FIPS 201 credentials, the CHUID signature is verified and the card is authenticated using PKI or CAK authentication protocol.
The GSA Approved Product List can be found at http://fips201ep.cio.gov/apl.php.
Codebench Receives Top Honors in GSN´s 2009 Homeland Security Awards
Wins Best Integrated System for HSPD-12 / FIPS 201 Compliance Category
COCONUT CREEK, Fla. - (November 3, 2009) Codebench, Inc., the leading provider of TWIC / HSPD-12 / FIPS-201 authentication software, announced today that its PIVCheck software suite was recognized as the top HSPD-12 / FIPS 201 solution by the judges in the Government Security News 2009 Homeland Security Awards.
Codebench won in the Best Integrated System for HSPD-12/ FIPS 201 Compliance award category, beating out three other finalists. Competitors in this category included AlertEnterprise, Lenel Systems International, and Hirsch Electronics.
"Codebench is absolutely thrilled to have received this recognition from GSN and it speaks volumes to the talent and dedication of our software engineering team run by Bob Fontana," said Geri Castaldo, CEO of Codebench. "We also want to thank Datastrip, our mobile reader manufacturer partner, and the many access control system partners that have supported us over the years."
Government Security News debuted the Homeland Security Awards this year to recognize the outstanding achievements of security vendors and government agencies at the federal, state and municipal levels. The publication handed out awards in 35 separate homeland security categories at an awards dinner in Manhattan on Oct. 27th attended by 300 government officials and industry executives.
Award categories for vendors included Best Intrusion Detection / Prevention System, Best Authentication / Identification Product, Best Mass Notification System, and others. Government agencies were recognized in categories that included Most Effective Border Security Program, Most Effective Seaport Security Program, and Most Effective State Government Security Program.
"The competition was stiff, and our panel of independent judges had to make some very tough choices, but we think we´ve identified the ´best of the best´ for 2009," said Jacob Goodwin, the editor-in-chief of GSN: Government Security News, who oversaw the evaluation process.
Codebenchs PIVCheck software suite, an end-to-end card validation, authentication and registration solution for HSPD-12 compliance provides strong, three-factor authentication, managing the acquisition of cardholder data from a smart card and performing off-card biometric matching. It has recently been deployed by the Port of Houston Authority, Port of Wilmington, Delaware and is currently in use by several government agencies.
CODEBENCH INTEGRATES PIVCHECK® SOFTWARE WITH MORPHOTRAK FIXED READERS
Relationship Expands Reach In The Government And Law Enforcement Markets
COCONUT CREEK, Florida. - October 8, 2009 - Codebench, Inc., the leading provider of TWIC / HSPD-12 / FIPS-201 authentication software, announced today that it has formed a technology partnership with MorphoTrak (Safran group), specialists in large fingerprint identification systems and biometric technology readers.
Codebench's PIVCheck software suite, an end-to-end card validation, authentication and registration solution for HSPD-12 compliance, now supports the MA520 PIV fixed reader and the MSO 1350e, a USB combination smart card reader and fingerprint sensor, both from MorphoTrak. Together, Codebench and MorphoTrak are able to offer seaports, government and law enforcement agencies a complete fixed reader-based credentialing solution with seamless integration between the reader and the credentialing software.
"The strength of PIVCheck and Codebench is their ability to accurately verify certificates against certificate authorities," said Consuelo Bangs, senior program manager for MorphoTrak. "That's an area that very few companies specialize in and Codebench has done an excellent job of creating a process and system that easily integrates with MorphoTrak's solutions."
Both companies expect the relationship will enable them to leverage their offerings to the PIV market through the GSA FIPS 201 approved products list and through the Initial Capabilities Evaluation list by the Transportation Security Administration, on which MorphoTrak's readers are registered. Ports with grant money for pilot projects often look to the ICE list to identify pre-qualified and tested solutions before deploying a system at their facility, while Federal Agencies refer to the GSA FIPS 201 approved products for qualified, tested products for deployment.
"The fixed reader market is four times the size of the mobile device market and this relationship with MorphoTrak enables Codebench to extend its reach in the credentialing market," said Geri B. Castaldo, CEO of Codebench. "On the front end, our desktop credential validation and registration software leverages the accuracy and ease of use of MorphoTrak's latest optical sensor technology, while on the back-end, our PACS Service sends real-time biometric and certificate status information to the MorphoTrak MA520. Our joint solution provides complete SP 800-116 coverage for the end-user."
PIVCheck provides strong, three-factor authentication, managing the acquisition of cardholder data from a smart card and performing off-card biometric matching. The software uses an asymmetric key authentication scheme to identify forged or cloned cards. Digital certificates may be verified by querying the issuer's validation authority or an OCSP/SCVP responder. TWIC FASC-Ns are also verified against a live or cached TSA hot list.
About Codebench
Codebench is a software development firm focused exclusively on physical security applications. A leading developer of software integration solutions, Codebench is a certified Women's Business Enterprise located in Coconut Creek, Fla., and serves the Fortune 500, academic and government markets. For more information, visit www.pivcheck.com or call (561) 883-3218.
About MorphoTrak
MorphoTrak, a subsidiary of Safran group, provides biometric and identity management solutions to the U.S. and Canadian markets. Formed in April 2009 from the merger of Sagem Morpho Inc. and Motorola's biometric division, Printrak, MorphoTrak's markets include law enforcement, border control, civil identification, facility/IT security and access control. MorphoTrak and its global parent - Sagem Sécurité -- are leading innovators in large fingerprint identification systems, facial and iris recognition, as well as identification technologies such as smart cards, secure travel documents, e-passports, and drivers' licenses. MorphoTrak employs over 450 persons, with headquarters near Washington D.C., major corporate facilities in Anaheim, CA and Tacoma, WA, and regional facilities throughout the U.S. Please visit www.MorphoTrak.com or call (800) 601-6790.
Press Contacts:
Eclipse Media Group for Codebench, Inc.
Chelsie Woods
207-510-0029
cwoods@eclipsemediagroup.net
MorphoTrak
Eve Fillon
703-797-2666
eve.fillon@morphotrak.com
DATASTRIP MOBILE READERS WITH CODEBENCH PIVCHECK® PLUS SOFTWARE TIGHTEN PORT OF WILMINGTON SECURITY
WILMINGTON, Delaware. - June 24, 2009 - The Port of Wilmington took a major security step to comply with the Transportation Worker Identification Credential (TWIC) program. Port security officials are using Datastrip's DSV2+TURBO® rugged card readers to enroll and positively identify the port's authorized workers. Codebench's PIVCheck Plus software drives Datastrip's mobile readers.
"We investigated several systems and felt that the Datastrip and Codebench solution is most compatible with our existing physical access control system," said Patrick Hemphill, manager of port security at the Port of Wilmington. "This allowed us to successfully integrate information from our database with the handheld readers to comply with the TWIC standards."
Port security officials have been using three Datastrip DSV2+TURBO devices with Codebench's PIVCheck Plus software at the main gate to enroll TWIC cards. In addition, Codebench's PIVCheck Plus software has been installed on one of the port's desktop computers so that TWIC cards can be registered on-site. Port officials have future plans for mobile security patrols to use the DSV2+TURBO® units to spot check workers.
="With the handheld Datastrip-Codebench solution, port officials can enroll TWIC cardholders from virtually anywhere in the port and transmit that data to the ProWatch physical access control system," said Eric Schaeffer of Advantech Inc., the port's integrator. "The quick speed of enrollment has provided an invaluable time savings that port officials can put toward other important projects."
The field-proven DSV2+TURBO meets government standards, attesting to its rugged durability. The unit is weather-resistant to the elements, as well as drop-resistant to withstand freefalls. When integrated with Codebench's PIVCheck Plus software, the DSV2+TURBO provides a critical link between the TWIC card and a port's PACS, allowing users to quickly validate and manage credentials.
About Datastrip
Datastrip is a world leader in field-proven mobile identity verification. Together with market-leading biometric and information technology vendors, Datastrip specializes in providing secure portable information and ID solutions that provide on-the-spot verification of credentials from any individual. The Datastrip product line supports facial, iris and fingerprint biometric matching, as well as contact-based and contactless ID cards such as national ID cards and passports. For more information, visit http://www.datastrip.com or call (800) 548-2517.
DATASTRIP AND CODEBENCH CARD READER SOLUTION ENROLLS TWIC CARDHOLDERS AT PORT OF HOUSTON AUTHORITY
HOUSTON, Texas - June 17, 2009 - The Port of Houston Authority (PHA) successfully implemented the Transportation Worker Identification Credential (TWIC) program by harnessing a handheld card reader technology solution from Datastrip and Codebench Inc. Using Datastrip's DSV2+TURBO® with Codebench's PIVCheck Plus software, PHA has enrolled close to 7,000 TWIC cardholders in the Houston area to date.
To comply with federal TWIC guidelines, all longshoremen, truckers, steamship line personnel, stevedores and vendors requiring access to PHA restricted areas must carry a TWIC card. To meet the April 15 compliance deadline, PHA initiated an aggressive outreach program through which authorities visited trucking companies to remotely enroll drivers using Datastrip's mobile readers.
Once back at the port, the data was transmitted from the handheld devices to the port's existing AMAG Symmetry physical access control system (PACS). The PIVCheck Certificate Manager software checks cardholder data against the TSA hotlist twice daily and notifies PHA if a cardholder appears on the list. The U.S. Coast Guard will use the Datastrip card readers and PIVCheck software to confirm the identity of TWIC cardholders during regular inspections as well as random spot checks.
Additionally, Codebench's PIVCheck Plus software has been installed in four of the port's desktop computers so that TWIC cards can be registered on-site.
"The Port of Houston Authority's top priority is to maintain a secure port that ensures individuals who pose a threat do not gain access to secure areas of the nation's maritime transportation system," said Bill Crews, port security and emergency operations manager at PHA. "The Datastrip-Codebench TWIC solution allowed us to enroll thousands of transportation workers into our existing access control system in a timely manner in order to take full advantage of the increased security layer offered by the TWIC process."
The field-proven DSV2+TURBO meets government standards, attesting to its rugged durability. The unit is weather-resistant to the elements, as well as drop-resistant to withstand freefalls. When integrated with Codebench's PIVCheck Plus software, the DSV2+TURBO provides a critical link between the TWIC card and a port's PACS, allowing users to quickly validate and manage credentials.
CODEBENCH ADDS TO HSPD-12 OFFERINGS
PIVCheck Passage Designed to open Gates at Ports, Military Facilities
COCONUT CREEK, Florida - February 12, 2009 - Codebench Inc. announced the addition of PIVCheck® Passage to its suite of HSPD-12 compliance, automated physical access control system registration, and certificate management products.
PIVCheck Passage is now available as an additional module to the following:
* PIVCheck – contact card validation (desktop and mobile)
* PIVCheck Plus – contact card validation and automated PACS registration (desktop and mobile)
* TWICCheck – contactless TWIC card validation (mobile only)
PIVCheck Mobile enables compliance officers to verify cardholder identities and check revocation status using a wireless verification unit. PIVCheck Passage then gives the compliance officer the option to wirelessly open a door or gate using the cardholders’ Wiegand access card ID.
The card ID is transmitted to the access control panel where it is validated and logged as an access event just as if the card had been presented to a directly attached reader. PIVCheck Passage supports most legacy Wiegand formats such as HID’s Corporate 1000 as well as the 48-, 64-, 75-, and 200-bit FASC-N based formats.
This combination of a mobile PIV/TWIC authentication appliance with wireless PACS link provides agencies with the ability to converge PIV/TWIC validation requirements with legacy access systems over dispersed operating areas.
CODEBENCH'S PIVCHECK® NOW SUPPORTS THE VENUS FINGERPRINT SENSOR
Codebench completes the integration of Lumidigm’s Venus Sensor into its Software Suite for TWIC Compliance
ALBUQUERQUE, New Mexico and COCONUT CREEK, Florida. - November 18, 2008 - Lumidigm, the provider of Multi-Spectral Imaging (MSI) based fingerprint sensors, and Codebench, the leading provider of TWIC / HSPD-12 / FIPS-201 authentication software, today announced the support for the Venus sensor in their PIVCheck and PIVCheck Plus software applications.
Lumidigm’s Venus Series fingerprint sensors return superior images on virtually anyone, anytime, in any environment. Lumidigm’s patented Multi-Spectral Imaging (MSI) technology provides clean, clear results regardless of how wet or dry a person’s finger is or what pressure is applied. Fingerprint images are captured-even when the individual has little or no surface fingerprint - by using multiple wavelengths of light to look deep below the skin surface at the identical internal fingerprint. These high-quality multispectral images reduce or eliminate enrollment problems and false rejections. The result is increased user satisfaction and reduced costs. "In the difficult and changing physical environments where PIVCheck is used, the robust performance and ease of use of the Venus sensor ensures a rapid and accurate authentication," said Geri Castaldo, CEO of Codebench.
PIVCheck provides strong, three-factor authentication, managing the acquisition of cardholder data from a smart card and performing on-card biometric matching. Digital certificates are verified using the issuer’s validation authority, OCSP responder or repeater. All cards are validated using FIPS-201 challenge-response in order to identify forged or cloned cards. PIVCheck validates all PIV, TWIC, NG CAC, legacy CAC and FRAC cards. TWIC card FASC-Ns are also verified against a live or cached TSA Hot List. "In rounding out Lumidigm’s TWIC and PIV Portfolios, Codebench was an obvious choice for Lumidigm," said Matt Shannon, Lumidigm’s Vice President of Public Sector Sales. "PIVCheck was already selected by 2 of our other prominent partners, Datastrip and Innometriks. Working with Codebench ensured a continuity no other team member could provide." Codebench’s PIVCheck will be demonstrated in the Datastrip Booth (#743) at the Maritime Security Expo in Long Beach, California today and tomorrow, November 18-19, 2008.
About Lumidigm
Lumidigm, Inc. deploys biometric systems that work quickly and effectively on all people in all environmental conditions. Headquartered in Albuquerque, New Mexico, Lumidigm sensors are distributed worldwide. Lumidigm’s initial venture capital investors are DFJ New England, Epic Ventures, and International Venture Fund. Other investors include Draper Fisher Jurvetson, Intel Capital, Methode Electronics, Motorola Ventures, New Mexico Co-Investment Partners managed by Fort Washington Capital, Solstice Capital, and Sun Mountain Capital.
Contact: Janine Kennedy, Lumidigm, 505.272.7082
SOFTWARE HOUSE® SIGNS DISTRIBUTION AGREEMENT FOR CODEBENCH PIVCHECK PRODUCT SUITE
COCONUT CREEK, Florida. (November 3, 2008) — Codebench, Inc. announced today that Software House has signed a distribution agreement to sell its PIVCheck Product Suite, a cardholder validation solution for HSPD-12 compliance with automated registration and certificate management.
PIVCheck Plus has been integrated with Software House C·CURE® 800/8000 and C·CURE 9000, providing strong, three-factor authentication and performing biometric matching. Managing the acquisition of cardholder data from a PIV, TWIC, CAC, or FRAC card, PIVCheck Plus performs seamless, automated registration into the C·CURE system, and does not require a third-party identity or credential management system.
PIVCheck uses FIPS-201 challenge-response in order to identify forged or cloned cards. Digital certificates may be verified using the issuer’s validation authority, OCSP responder or repeater. TWIC card FASC-Ns are also verified against a live or cached TSA Hot List.
Using PIVCheck Plus to update a C·CURE cardholder record with information harvested from a TWIC, PIV, CAC or FRAC credential, end-users may continue to utilize their already issued badges for access, while their PIV, TWIC, CAC or FRAC certificates are constantly re-validated by PIVCheck’s Certificate Manager software. If Certificate Manager finds a revoked certificate, the cardholder’s badges can be automatically suspended. This important feature leverages the already existing access control infrastructure and supports it with certificate management. “PIVCheck’s integration with Software House C·CURE systems will help end-users quickly and efficiently comply with HSPD-12 and the TWIC program,” said Geri Castaldo, CEO of Codebench.
“Our PIVCheck product suite gives facility operators the flexibility to continue using their current C·CURE system, access cards and readers, or to migrate to PIV-enabled cards and readers over time.” “Our customers, particularly those in the government space, will benefit from our integration with PIVCheck Plus. We’ve consistently tried to offer solutions that allow our customers to move forward at their own pace, and this integration certainly supports that” said Peter Boriskin, Vice President of Product Management for Tyco International’s access control and video systems.
PIVCheck is available in both mobile and desktop versions. In developing PIVCheck Mobile, Codebench partnered with Datastrip Inc., a world-leading provider of fieldproven mobile identification and verification technology. Datastrip’s DSV2+TURBO® handheld biometric terminal operates with commercial off-the-shelf FIPS 201 PIV-II and ANSI INCITS 378-compliant fingerprint capture devices. The Codebench/Datastrip
mobile solution recently successfully completed all of the Transportation Security Administration’s Initial Capabilities Evaluation scenarios for the TWIC pilot program.
About Tyco International’s Software House® access control and security management solutions
Tyco International’s Software House solutions include the innovative C·CURE® 9000 security and event management system and the flagship C·CURE 800/8000 access control solution. Combined with a suite of powerful door controllers and the industry’s first true multi-technology reader, Software House solutions are among the most powerful in the industry. Add an unsurpassed integration platform that allows customers to integrate seamlessly with critical business applications, including American Dynamics Intellex® digital video management systems and VideoEdge® network video management
systems, and it’s easy to see why Software House solutions are the hands-down choice for security-critical applications. In fact, nearly half of the companies listed on the Fortune 500 use Software House branded solutions to help solve their most complex business operation challenges.
For more information on Software House access control and security management technologies, visit www.swhouse.com.
DATASTRIP HANDHELD BIOMETRIC READER SUCCESSFULLY COMPLETES TSA’s EVALUATION FOR TWIC PROGRAM
U.S. Coast Guard contracts for units with TWICCheck software from Codebench
EXTON, Pennsylvana, October 8, 2008 – Datastrip’s DSV2+TURBO® handheld biometric reader operating with Codebench’s TWICCheck software successfully completed all of the Transportation Security Administration’s Initial Capability Evaluation scenarios for the Transportation Worker Identification Credential pilot program. The confirmation means that port operators and security integrators can employ this equipment as the basis for a TWIC-compliant solution for identity verification as published on the Initial Capability Evaluation (ICE) list.
The certification is the second big win for the Datastrip reader in less than a month. Datastrip’s DSV2+TURBO® reader was selected by the U.S. Coast Guard for TWIC identity verification. The award is part of an estimated $2.3 million contract with integrator SAIC (Science Applications International Corporation). Datastrip will provide up to 300 TWICCheck-equipped terminals under this agreement.
Datastrip and Codebench have teamed to maximize the value of the new security-rich credentials and enable their use in existing security infrastructures. In addition to reading the TWIC card, this solution can tie the TWIC card directly into any physical access control system (PACS). Also, when equipped with Codebench’s PIVCheck software, the unit provides the same flexibility and PACS connectivity to government operations working with PIV credentials.
"The solution goes well beyond the initial requirements of the ICE testing. It extends the value of the TWIC credential into any existing PACS infrastructure. This means ports, government entities and operators can tie TWIC cards, as well as PIV and next-generation CAC credentials, to their existing PACS system," said Joe Delaney, Datastrip’s vice president of sales and marketing.
About Datastrip
Datastrip is a world leader in field-proven mobile identity verification. Together with market-leading biometric and information technology vendors, Datastrip specializes in providing secure portable information and ID solutions that provide on-the-spot verification of credentials from any individual. The Datastrip product line supports biometric fingerprint, face and iris matching, as well as contact-based and contactless ID cards such as national ID cards and passports. For more information, visit www.datastrip.com or call (800) 548-2517.
PIVCHECK RECEIVES LENEL FACTORY CERTIFICATION
Codebench, Lenel solutions helps companies comply with HSPD-12, TWIC
PITTSFORD, New York, August 28, 2008 - Codebench, a member of the Lenel OpenAccess Alliance Program (OAAP), has received Lenel factory certification for its PIVCheck Product Suite, a cardholder validation solution for HSPD-12 compliance with automated OnGuard registration and certificate management.
Certified with OnGuard 2006 (5.12.110) and OnGuard 2008 (6.0.148), PIVCheck Plus provides strong, three-factor authentication and performs on-card biometric matching. Managing the acquisition of cardholder data from a PIV, TWIC, NG CAC, or FRAC card, PIVCheck Plus performs seamless, automated registration into OnGuard, and does not require a third-party identity or credential management system.
PIVCheck uses FIPS-201 challenge-response in order to identify forged or cloned cards. Digital certificates may be verified using the issuer’s validation authority, OCSP responder or repeater. TWIC card FASC-Ns are also verified against a live or cached TSA Hot List.
PIVCheck’s Certificate Manager, a PC-based application that re-validates imported cardholder certificates on a periodic basis, can be configured to suspend any badge associated with a revoked certificate. Certificate Manager operates in either active or passive mode. Active mode automatically suspends the badge, while passive mode provides notification to site security management.
Using PIVCheck Plus to update an OnGuard cardholder record with information harvested from a TWIC, PIV, NG CAC or FRAC credential, end-users may continue to utilize their already issued badges for access, while their PIV, TWIC, NG CAC or FRAC certificates are constantly re-checked for revocation. If PIVCheck’s Certificate Manager finds a revoked certificate, the cardholder’s badges can be automatically suspended. This important feature leverages the already existing access control infrastructure and supports it with certificate management.
"PIVCheck’s integration with Lenel’s OnGuard will help end users quickly and efficiently comply with HSPD-12 and the TWIC program," said Geri Castaldo, CEO of Codebench. "Our PIVCheck product suite gives OnGuard facility operators the flexibility to continue using their current access cards and readers, or to migrate to PIV-enabled cards and readers over time."
"Codebench has completed required factory testing at Lenel to validate the functionality of its interface to OnGuard. We look forward to their continued involvement in the Lenel OpenAccess Alliance Program," said Raffaele Ceravolo, director of strategic alliances for Lenel.
PIVCheck is available in mobile and desktop versions. In developing PIVCheck Mobile, Codebench partnered with Datastrip Inc., a world-leading provider of field-proven mobile identification and verification technology. Datastrip’s DSV2+TURBO® handheld biometric terminal operates with commercial off-the-shelf FIPS 201 PIV-II and ANSI INCITS 378- compliant fingerprint capture devices.
AMAG TECHNOLOGY, CODEBENCH AND DATASTRIP PROVIDE THE HIGHEST LEVEL GOVERNMENT APPROVED SECURITY AUTHENTICATION APPLICATION
TORRANCE, California, July 31, 2008 - AMAG Technology, Codebench and Datastrip have partnered together to develop a deeply integrated, government approved authentication application. As a result of Homeland Security Presidential Directive (HSPD) 12, employees and contractors of government agencies, port/harbors and other critical infrastructure entities must meet the Federal Information Processing Standard (FIPS) 201 or Transportation Workers Identification Credential (TWIC) requirements for presenting positive identification documents before gaining access into these facilities. Individuals must use a Personal Identity Verification (PIV) or TWIC card to identify themselves before they are registered into an agency’s physical access control system.
Codebench’s PIVCheck Plus is a cardholder verification and access control registration software product. When used with Datastrip’s biometric mobile terminal, the DSV2+Turbo©, the integration package may register new cardholders, can update existing cardholder records with PIV or TWIC data, or spot check the identities of individuals. A four-factor authentication is performed including matching a PIN, viewing the photo of the cardholder, matching the fingerprint and checking the card’s digital certificates. The cardholder information is automatically entered into AMAG’s Symmetry Security Management System.
“Applications requiring the tightest level of security will find this an invaluable security mechanism to protect not only their employees, but possibly our nation’s borders, critical infrastructure and government facilities,” said AMAG Technology President, Bob Sawyer.
To enroll in the system, individuals present their FIPS 201-compliant card to the handheld contact smart card reader. By entering their PIN on a virtual scrambled keypad, their stored biometric template held within the card is made available. The DSV2+Turbo© contains an integrated fingerprint reader thus allowing the individual to have his/her live fingerprint sample compared against a stored fingerprint image on the card. The scrambled keypad protects the individual from having onlookers record the PIN, and provides an advanced level of security.
Depending on the type of card, the person’s PIV Authentication Key or Card Authentication Key digital certificate is validated against the appropriate certificate authority to confirm that the individual’s digital certificates are still valid per the issuer.
Additionally, the PIV or TWIC information can be linked to the cardholder’s common access card (e.g., proximity card) allowing the site to continue to use their existing Symmetry access control infrastructure without the need to change readers.
The PIVCheck Certificate Manager keeps the site in regulatory compliance by scheduling an automatic reconnection to the Certificate Revocation List to determine if any certificates have been revoked. The Symmetry SMS is notified if any of the cardholder’s common access control cards should be inactivated.
The application can also be used to spot check users of valid FIPS 201 PIV II-compliant cards at check points or on patrol. The same four-factor authentication used during registration can be used during these spot challenges, thus providing the highest levels of identity assurance.
“The integration between our PIVCheck product suite and AMAG’s Symmetry SMS allows end-users to quickly and easily comply with HSPD-12 regulations, while leveraging their existing security infrastructure,” stated Geri Castaldo, CEO of Codebench.
“As a result of this partnership, users of AMAG’s Symmetry Management System will enhance the return on their investment while becoming compliant with FIPS 201 and TWIC regulations,” said Neil Fallon, Director of Commercial Sales for Datastrip. “Registering, challenging or providing physical access portals for a vastly dispersed cardholder population can be accomplished virtually anywhere using the biometric mobile terminals installed with PIVCheck software.”
PIVCheck runs on the DSV2+Turbo© as well as desktop work stations. The desktop version utilizes a fingerprint scanner and smartcard reader.
This application is suited for a variety of programs utilizing identity documents based on FIPS 201 such as PIV, TWIC, NG CAC, FRAC, ACIS and more.
For more information about AMAG Technology’s Symmetry Product Portfolio, visit www.amag.com. For more information about Codebench’s PIVCheck product suite, visit www.pivcheck.com or www.codebench.com. For more information about Datastrip’s DSVII+ Turbo handheld reader, visit www.datastrip.com.
About AMAG Technology
AMAG Technology’s Symmetry Security Management Solutions can be found in a wide spectrum of markets: government, commercial, education, transportation, healthcare, retail and banking. Based out of Torrance, California with sales and support located throughout the US, AMAG sells its products through its valued resellers throughout North America. AMAG Technology is part of G4Tec, a leading manufacturer of scalable, integrated security management systems headquartered in Tewkesbury, Gloucestershire, England. AMAG Technology has been at the leading edge of access control technology for over 30 years. Symmetry™ - Security Beyond Integration.
CODEBENCH RELEASES PIVCHECK CARDHOLDER VALIDATION SOLUTION FOR HSPD-12 COMPLIANCE
COCONUT CREEK, Florida, May 13, 2008 – Codebench, Inc. today released its PIVCheck cardholder validation solution for HSPD-12 compliance with automated physical access control system (PACS) enrollment and certificate management.
Available in mobile and desktop versions, PIVCheck enables FIPS 201-compliant validation of PIV, TWIC or NG CAC cards in real time. Using a simple graphic driven user interface, PIVCheck was designed for ease of use and implementation.
In developing PIVCheck Mobile, Codebench partnered with Datastrip, Inc., a world-leading provider of field-proven mobile identification and verification technology. The Datastrip DSVII+TURBO® mobile biometric terminal operates with COTS FIPS 201 PIV-II and ANSI INCITS 378-compliant fingerprint capture devices.
The PIVCheck Product Suite consists of:
PIVCheck Mobile Edition™ is a handheld hardware and software solution with Ethernet, WiFi, and GSM connectivity that checks a cardholder’s PIN, fingerprint biometric and digital certificates. Digital certificates can be verified using an OCSP Responder, Certificate Authority, or TSA Hot List. Utilizing a simple graphical user interface and a centralized configuration manager for large-scale deployments, PIVCheck Mobile is intuitive and easy to use.
PIVCheck Desktop Edition™ is a software solution that is deployed on a PC or laptop and uses USB-based compatible fingerprint and smart card readers. PIVCheck Desktop has the same look, feel and functionality as PIVCheck Mobile.
PIVCheck Audit Trail™ enables mobile biometric terminals running PIVCheck Mobile or PCs running PIVCheck Desktop to upload their activity logs to a central database for consolidated activity reporting. Exporting cardholder transaction audit trails to a CSV file, PIVCheck Audit Trail supports MS SQL server, or any ODBC- or ADO- compliant database.
PIVCheck Plus Mobile Edition™ and PIVCheck Plus Desktop Edition™ feature all the functionality of PIVCheck with the additional capability of automated enrollment of FASC-N, photo, and printed information into compatible Physical Access Control Systems (PACS). PIVCheck Plus can update a cardholder record if it already exists in the PACS, or insert a new record if one does not yet exist. If there is no network connectivity, cardholder records may be encrypted and cached on the Datastrip mobile biometric terminal for re-validation and batch import at a later time. PIVCheck Plus includes plug-ins for AMAG Symmetry® 6.0, Honeywell Pro-Watch® 3.7, Lenel OnGuard® 5.10 and up, and Software House C•CURE® 800. A direct database enrollment plug-in is also available. PIVCheck Audit Trail is included in PIVCheck Plus.
PIVCheck Certificate Manager™ is a PC-based application that re-validates imported cardholder certificates on a user-defined periodic basis. Certificate Manager can be configured to suspend a PACS badge associated with a revoked certificate.
The release of the PIVCheck product suite changes the paradigm that PIV and TWIC compliance has to be complicated and costly. PIVCheck Plus gives facility operators the flexibility to migrate to PIV-enabled readers over time, or to not migrate at all. Using PIVCheck Plus to tie a TWIC or PIV credential to a PACS badge, end-users may continue to utilize their PACS badges for access, while their PIV or TWIC certificates are checked for revocation. If PIVCheck Certificate Manager finds a revoked certificate, the cardholder's PACS badge can be automatically suspended. This important feature leverages the already existing PACS infrastructure and supports it with certificate management.
PIVCheck Plus does not require a connection to, or the cost of, an identity management system to be able to import the card data into a PACS. Because PIV and TWIC cards themselves contain all the data needed for enrollment, once those cards are validated and authenticated, importing the information is as simple as clicking "ok".
For detailed information about Codebench PIVCheck, visit www.pivcheck.com.
CODEBENCH, INC. CERTIFIED AS MINORITY BUSINESS ENTERPRISE BY THE STATE OF FLORIDA
COCONUT CREEK, Florida, June 5, 2006 –Codebench, Inc. has received the Florida Statewide and Inter-Local Certification as a Minority Business Enterprise (MBE) by the Florida Department of Management Services Office of Supplier Diversity.
This MBE certification is separate from and in addition to Codebench’s certification as a Women’s Business Enterprise (WBE) through the Women’s Business Enterprise National Council.
Geri Castaldo, CEO of Codebench, Inc. stated, “We are excited to have been granted Minority Business Enterprise certification by our home state of Florida. We very much look forward to working with the State and its prime contractors on their security software development initiatives, while enabling them to meet their supplier diversity goals.”
Codebench, Inc. is a software development firm focused on security applications. A leading developer of software integration solutions, Codebench is a Women’s Business Enterprise (WBE) located in Coconut Creek, Florida. Codebench serves the Fortune 500, academic and government markets.
CODEBENCH, INC. ANNOUNCES ENHANCEMENTS TO ITS SQL2XL REPORTING TOOL FOR GE SECURITY’S PICTURE PERFECT
COCONUT CREEK, Florida, June 5, 2006 –Codebench, Inc. today released SQL2XL 2.1 for GE Security’s Picture Perfect 2.0 and 4.0. This new version of Codebench’s popular reporting tool now features the ability to schedule reports in advance, and have them emailed to a distribution list!
Codebench’s SQL2XL reporting tool moves data from Picture Perfect SQL reports into Microsoft Excel® at lightening speed with a single mouse click from a web browser. Simply select the report from the pull down list, fill in any required variables and click Execute. The report is displayed on the screen and users can page through the results or click the Excel button. The web browser will prompt the user to save the report on the local PC. Deliver the power of ANSI SQL and the ease of Microsoft Excel® to your desktop in seconds.
With the new scheduling and emailing features, users can run reports on a monthly, weekly, daily, or hourly schedule.
Bob Fontana, President of Codebench, Inc. stated, “SQL2XL was initially developed to allow users to manipulate reporting data and put it in the format they needed. Now with these new scheduling and emailing features, Picture Perfect reporting has never been easier.”
Codebench, Inc. is a software development firm focused on security applications. A leading developer of software integration solutions, Codebench is a Women’s Business Enterprise (WBE) located in Coconut Creek, Florida. Codebench serves the Fortune 500, academic and government markets.
PSA SECURITY NETWORK WELCOMES CODEBENCH AS A NEW APPROVED VENDOR.
WESTMINSTER, Colorado, March 21, 2006, PSA Security Network® has added Codebench, Inc. as a PSA-Approved vendor, making their suite of middleware development services for access control and security systems available to PSA® member companies.
PSA members will be able to take advantage of special pricing on Codebench’s software development and support services. Among the services Codebench offers are applications that integrate security systems with business systems, system feature enhancements and plug-ins that fill the gap between requirements and off-the-shelf capabilities, and system, badge, and data conversions. The company’s enterprise-wide development experience includes several manufacturers such as GE, Software House, Lenel and AMAG.
"The convergence of security and IT is a topic of major concern for PSA members,” said Bill Bozeman, CPP, president and chief executive officer of PSA. “This agreement with a top-quality middleware provider like Codebench opens up new possibilities in this arena for our more than 125 leading security integrator members. Codebench will also provide our members an opportunity to partner with a certified Women’s Business Enterprise (WBE) which can assist them in meeting their clients’ supplier diversity requirements."
The relationship with Coconut Creek, Fla.-based Codebench is a unique one for PSA, which normally provides products. Because Codebench offers customized solutions that are made to order, members will deal directly with the company, rather than buying the services through PSA.
"PSA Security Network offers Codebench access to some of the finest systems integrators in the security industry,” said Geri Castaldo, CEO of Codebench. “The rigorous process they use for determining membership means that Codebench will be availableto the best and brightest in the security industry."
In order to become a PSA-approved vendor, manufacturers must meet several criteria. They must be an established company with a proven, tested product along with quality customer service and technical support.
For more information on Codebench, call 561-883-3218 or visit www.codebench.com.
For further information on PSA Security Network, call 800-525-9422 or visit www.psasecurity.com.
PSA Security Network® (www.psasecurity.com) is the world's largest electronic security cooperative with members responsible for over $1.4 billion in annual security and life safety installations. These leading systems integrators specialize in the design, installation, integration and maintenance of access control, video surveillance, intrusion detection, fire, and life safety systems.
Codebench, Inc. is a software development firm focused on the security industry. A leading developer of software integration solutions, Codebench is a Woman's Business Enterprise (WBE) located in Coconut Creek, Florida. Codebench serves the Fortune 500, academic and government markets.
CODEBENCH, INC. SIGNS DISTRIBUTION AGREEMENT WITH HUB INFO TECH CO. LTD. OF SEOUL, SOUTH KOREA.
SEOUL, South Korea, August 1, 2005, Boca Raton, FL, Codebench, Inc. has signed an exclusive representation agreement with Hub Info Tech Co. Ltd. (Hub IT) of Seoul, South Korea to distribute Codebench’s products and market Codebench's services throughout the Asia/Pacific region. Hub IT will market Codebench's middleware solutions for access control, digital video, and alarm automation systems. These versatile, open-ended integration solutions connect business systems with security systems as well asCodebench's functional plug-ins such as Codebench SQL2XL™, Codebench MicroScope™ and TempIssue®". These products help to enhance the functionality and effectiveness of GE Security's Picture PerfectTM.
“We are very pleased to offer such productivity-enhancing products such as SQL2XL and MicroScope as well their suite of middleware solutions to our clients,” said K.S. Kim, President of Hub IT. “These innovative solutions from Codebench will allow usto increase the value we provide to our customers and deepen our relationship with them.”
Geri Castaldo, CEO of Codebench, Inc. stated, “We are very fortunate to partner with Hub IT which will open doors for us in Asia. Their knowledge and experience in the security arena in the Far East is well known among commercial and government entities in that region.”
Hub IT is a leading systems integrator located in Seoul, South Korea which serves the security market in Korea, Japan, China, Taiwan, Indonesia and Thailand.
Codebench, Inc. is a software development firm focused on the security industry. A leading developer of software integration solutions, Codebench is a Woman's Business Enterprise (WBE) located in Boca Raton, Florida. Codebench serves the Fortune 500, academic and government markets.
CODEBENCH JOINS OPC FOUNDATION.
BOCA RATON , Florida, June 10, 2005. Codebench, Inc has become a member of the OPC Foundation. The OPC Foundation is dedicated to ensuring interoperability in automation by creating and maintaining open specifications that standardize the communication of acquired process data, alarm and event records, historical data, and batch data to multi-vendor enterprise systems and between production devices. Production devices include sensors, instruments, PLCs, RTUs, DCSs, HMIs, historians, trending subsystems, alarm subsystems, and more as used in the process industry, manufacturing, and in acquiring and transporting oil, gas, and minerals. Codebench president Bob Fontana remarked, "As a participating member, we look forward to working with the Foundation to help bring component-based interoperability to the access control industry."
"When we saw that OPC was closing in on platform independence through the use of XML and SOAP, we knew it was time to get involved.", Fontana said.
GERI CASTALDO HEADS UP CODEBENCH EXECUTIVE BOARD.
BOCA RATON , Florida, November 15, 2004. Geri B. Castaldo has joined Codebench, Inc. as Chief Executive Officer. Ms. Castaldo has worked in the security industry for the past 16 years as Director, Human Resources at Siemens Building Technologies, Security Systems Division; Vice President, Human Resources at Security Technologies Group; and Director, Human Resources at CASI-RUSCO (now GE Security). She received her B.A. in Communications from Hunter College, City University of New York. Codebench, a GE Security Development Partner, is a leading developer of custom software solutions for the electronic security industry. As a woman-owned small business located in Boca Raton, Florida, Codebench serves the Fortune 500 and government markets.
