Publications–Cybersecurity
This brief was developed by the Smart Card Alliance Access Control Council to provide an easy-to-use comparison of Personal Identity Verification (PIV), PIV-Interoperable (PIV-I) and Commercial Identity Verification (CIV) credentials.
The Smart Card Alliance Identity Council developed this position paper to provide the Alliance interpretation and position on the OMB-defined levels of assurance.
The Smart Card Alliance Payments Council developed this white paper to educate payment industry stakeholders about the impact of and need to further address card-not-present fraud in conjunction with migration to EMV in the U.S. The paper summarizes recent trends in e-commerce and various types of fraud. The paper then briefly defines authentication, lists the building blocks commonly used to design authentication processes, and discusses both merchant and issuer considerations. The paper concludes with a brief discussion of historical approaches to combatting CNP fraud.
- The Commercial Identity Verification (CIV) Credential–Leveraging FIPS 201 and the PIV Specifications
This white paper was developed by the Smart Card Alliance Physical Access Council to provide guidance on how enterprises can take advantage of FIPS 201 and the PIV credential specifications to implement a standards-based commercial identity credentialing program. The white paper defines the Commercial Identity Verification (CIV) credential as a credential that uses the same technology and data model as the PIV-I credential.
This case study describes how Horizon Blue Cross Blue Shield of New Jersey found a more secure, usable and affordable alternative to traditional ID cards.
The Smart Card Alliance developed this position paper to describe the issues with unique identifiers and discuss how smart cards can be used as authenticators when using unique identifiers.
This brief was developed by the Smart Card Alliance Identity Council to present the vision of the secure use of mobile devices for identity applications and to describe different use cases for current and NFC-enabled mobile devices.
This white paper was developed by the Secure Technology Alliance Mobile Council to provide an overview of mobile ID authentication, to highlight use cases that rely on secure user credentials stored on a mobile device, and to provide some perspectives on how emerging technologies and standards are addressing the growing need for mobile ID authentication. Use cases highlighted include access control, payments, government-to-consumer services, and corporate applications.
This white paper was developed by the Smart Card Alliance Identity Council to document the benefits of using PIV-interoperable credentials for enterprises and to provide implementation case studies of enterprises that are issuing or planning to issue PIV-I credentials.
This white paper was developed by the Smart Card Alliance Physical Access Council and Identity Council to describe the benefits of FIPS 201, PIV standards and PIV-I framework for state and local governments to enable interoperability and trust across different government issuers for a wide variety of identity credentialing programs. The white paper discusses policy, process and technology considerations related to the implementation of state and local government identity credentialing initiatives. The white paper summarizes important aspects of the current state of policy, process and technology and identifies opportunities to support additional work to further improve each through the use of the PIV-I framework and the PIV standard.
The Smart Card Alliance Identity Council developed this white paper to describe the role of smart card technology in implementations of the FIDO protocols.
The Smart Card Alliance Identity Council developed this white paper to describe the benefits of combining smart card technology and strong credentials within the National Strategy for Trusted Identities in Cyberspace (NSTIC).
This white paper presents key encryption as a viable approach to safeguarding sensitive data in the public and private sectors, explores the use of Hardware Security Modules (HSM) and delves into effective key lifecycle management.
This white paper was developed by the Smart Card Alliance Access Control Council to discuss the benefits of using smart card technology for strong authentication for logical access.
The Smart Card Alliance Payments Council developed this white paper to describe the role of EMV, encryption and tokenization for securing the payments infrastructure and preventing payment fraud. This white paper provides an overview of the three technologies and describes how each addresses payments security. The white paper concludes with a discussion of how payments industry implementation of the three technologies together secures the payments infrastructure and prevents payment fraud.
The Smart Card Alliance Payments Council recently published a white paper, The True Cost of Data Breaches in the Payments Industry, to provide an educational resource for payments industry stakeholders on the potential tangible and intangible costs that could be incurred during a data breach.