Leo secure smart card reader providing PKI authentication with secure PIN management

Similar documents
ACR101I SIMicro (CCID)

APG8201 PINhandy 1. Technical Specifications. Subject to change without prior notice

ACR3801. FIPS 201 Certified. PC-linked Smart Card Reader. Technical Specifications.

ACR39T-A1. (USB Type A) Smart Card Reader. Technical Specifications V1.06. Subject to change without prior notice.

ACR83 PINeasy. Technical Specifications. Subject to change without prior notice

ACR1281U npa Dual Interface Reader Technical Specifications

ACR38U-I1. Smart Card Reader. Technical Specifications V1.11. Subject to change without prior notice.

ACR38U-A4. Smart Card Reader. Technical Specifications V2.03. Subject to change without prior notice.

ACR38T-D1. Smart Card Reader. Technical Specifications. Subject to change without prior notice

ACR38U-BMC. Smart Card Reader. Technical Specifications. Subject to change without prior notice

ACR38U PocketMate. Smart Card Reader. Technical Specifications. Subject to change without prior notice

ACR1252U. NFC Forum Certified Reader. Technical Specifications V1.03. Subject to change without prior notice.

APG8201 PINHandy

eh880 Secure Smart Card Terminal

ACR100F SIMFlash (CCID)

ACR128U Dual- Interface Reader

PCMS. PC-linked Reader with Mass Storage.

ACR100H SIMFlash (HID)

ACR89 Handheld Smart Card Reader Technical Specifications. Datenblatt / Specifications

ACR38 Smart Card Reader

ACR880 GPRS Portable Smart Card Terminal

ACR1255U-J1 Secure Bluetooth NFC Reader

FUJITSU Security Solutions Protection of Valuable Data

Datenblatt / Specifications. ACR880 GPRS Portable Smart Card Terminal. idvation GmbH

ACR1251U-A1 USB NFC Reader with SAM Slot

ACR39 Series

Product Documentation

ACR1256U. User Manual V Document Name: ACR1256U- User Manual.doc. Prepared by: Reviewed by: Approved by:

Technical Information Memobase Plus CYZ71D

Technical Information Memobase Plus CYZ71D

ACR1255 NFC Bluetooth Smart Card Reader

Prox DU & Prox SU. Dual interface USB smart card reader. Computer Installation Guide. Computer Installation Guide.

Technical Specifications

GV-Joystick. User's Manual

ACR880 GPRS Portable Smart Card Terminal

USB 3.0 to Fiber Optic Converter - Open SFP

Technical Documentation

APG8202 PINhandy 2 OTP Generator

br301 DATA SHEET V1.1 Feitian technologies Co., Ltd. Website:

User Manual. Printer P-52RUE

TESLA P4 GPU ACCELERATOR

ACM1252U-Y3. USB NFC Reader Module with Detachable Antenna Board

Application Notes ANCT18-9Oct013ks(TrueCrypt)

CREDENTSYS CARD FAMILY

SUN RAY 3 PLUS CLIENT

ACR122S NFC Reader. Datenblatt / Specifications. Technical Specifications

Technical Documentation

Interface. Circuit. CryptoMate

APG8205 OTP Generator

USB 3.0 DISPLAY ADAPTER USER MANUAL

QUICKSTART Smart EnOcean Gateway DC-GW/EO-IP

Ascom d43 DECT Handset

User Reference Guide. TACTIVO mini. for Android

USB Raven Port USB 3.1, 200m Multimode Fiber Point-to-Point Extender System User Guide

USB 2.0 CAT5E/6/7 EXTENDER

CD Console. Gemini 15 / 17 / 19. SUN Microsystems. Benefits

ACR39U-NF PocketMate II

GV-Joystick V2. User's Manual

TESLA P40 GPU ACCELERATOR

TELTONIKA ModemUSB/G10 User Manual v0.1

USB 3 Extenders. 4-Port Point-to-Point Extender System User Guide

on-line LOCAL AREA NETWORKS (LAN) SERVERS DATA CENTERS internet centers (isp/asp/pop) industrial plcs industrial applications

ACR100I SIMFlash II (CCID)

USB Link Adapter. User s Manual

BioEnable Iris Recognition Solutions

DKG-210 UNIVERSAL INTERNET GATEWAY UNIT

WildCam Black IR X42. Game and Surveillance Camera.

USB-C to Ethernet Adapter with 3-Port USB 3.0 Hub and Power Delivery

M-bus web server. Meters and Energy Cost Allocation WTV676-HB6035

ACR39U-U1. (USB Type A) Smart Card Reader. Technical Specifications V1.05. Subject to change without prior notice.

M010 M010 DATASHEET PAYMENTS HERE, THERE, ANYWHERE. INDEPENDENTS AND MULTIPLE RETAIL STORES. CREATE A SEAMLESS RETAIL EXPERIENCE

PCI Express Powered USB Card

Technical Information Liquiline To Go CYM290 and Liquiline To Go Ex CYM291

1U Rack-Mount Console with 19" LCD, DVI or VGA

The information contained in this document is subject to change without notice. This document contains proprietary information that is protected by

Installation Guide. QBox-V6. Standalone/Spare V6 SDI QBox. Standalone/Spare V6 SDI QBox. Part No. A


1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A

ControlNet-to-DeviceNet Linking Device

iscan USB User Manual

PTZ Control VMC Joystick

Ethernet. RJ45 Copper Ports

TIME SERVER NETSILON. Quick start.

LD5400T Thunderbolt 3 Dock with K-Fob Smart Lock

INGENICO 9500 PCI PED 1.3

Light Industrial Unmanaged Ethernet Switches. Unmanaged. Technical Details

Unicorn 15 / 17 / 19 Single rail 15 / 17 / 19" LCD console with modular KVM switch

ZS 110. UPS 1, 2, 3, 6, 10kVA single/single phase. online LOCAL AREA NETWORKS (LAN) SERVERS DATA CENTERS

Chrome DIN Rail Power Supply 5V 7.5W 1 Phase (Class II & NEC Class 2) / DRC-5V10W1AZ

HP LaserJet Pro 400 M401dn Mfg. Part: CF278A#BGJ CDW Part: UNSPSC:

Technical Data Sheet OPUS A3 STANDARD Basic

USB-C to Gigabit Ethernet Adapter - USB 3.0

MDR-1 Mobile Document Reader

USB 3.1 PCI Express 2-Port 10 Gbps Usb 3.1 Gen 2 Type-C + Type-A

ACR120 Contactless Reader/Writer

Software and Hardware Data-sheet

Release Notes MimioStudio Software

Version 1.0 March 2014 OLC 10.1

ACR38T-D1. Smart Card Reader. Technical Specifications V1.07. Subject to change without prior notice.

USB 2.0 RG2324/ Port USB 2.0 Fiber Optic Extender System. User Guide

Transcription:

Leo secure smart card reader providing PKI authentication with secure PIN management Ingenico Healthcare/e-ID «River Seine» - 25, quai Gallieni 92158 Suresnes cedex - France Tél. 33(0)1 46 25 80 80 - Fax 33 (0)1 46 25 80 30 http://healthcare-eid.ingenico.com/

Table of contents 1. Glossary 3 2. Introduction 4 2.1. A secure professional reader 4 2.2. Compatibility with middlewares 5 3. Product description 6 3.1. Product features 6 3.2. USB interface 9 3.3. Smart card interface 9 3.4. Display Interface 9 3.5. Keypad interface 10 3.6. Secure PIN Entry feature 10 4. Operating systems supported 11 4.1. Windows 11 4.2. Linux 11 4.3. MacOS 11 5. Windows platform: installation 12 6. Packaging 13 7. Certifications and standards 14 7.1. Environmental 14 7.2. Reliability 14 7.3. Certifications 14 Leo secure smart card reader 2/14

1. Glossary Acronym USB LCD RoHS WEEE EMV PKI PC PIN CCID WHQL ETSI DEEE EMC Definition Universal Serial Bus Liquid Crystal Display Reduction of Hazardous Substances Waste from Electric and Electronic Equipment Europay Mastercard Visa Public Key Infrastructure Personal Computer Personal Identification Number Chip/Smart Card Interface Devices Windows Hardware Quality Labs European Telecommunications Standards Institute Déchets d'equipements Electriques et Electroniques Electro Magnetic Compatibility Leo secure smart card reader 3/14

2. Introduction 2.1. A secure professional reader Leo is a secure card reader aimed at government offices and companies with a Public Key Infrastructure (PKI) looking for a secure desktop card reader to implement user authentication and electronic signature with secure PIN management. Leo complies with PC/SC v2 part 10 standards which enable the PC to communicate with the smart card, ignoring the reader s specificities. Then it provides additional security functions thanks to its Secure PIN Entry mechanism. This feature enables the user to locally enter his/her PIN code on the reader keyboard: this code is directly presented to the chip card, without going through the PC. As no data is transferred to the PC during the PIN entry, there are no risks of compromising these sensitive data, even if the PC runs rogue softwares like Trojan horses, Keyloggers or other Spyware. Connected to the PC via a USB port, Leo provides the full flexibility needed by security applications for smart cards (the IAS-ECC standard, for example). Leo contains no sensitive data or secrets; therefore security cannot be compromised in case of loss or theft. Leo secure smart card reader 4/14

2.2. Compatibility with middlewares The use of secure identity documents such as electronic national identity cards, health cards or government agent cards frequently requires computer software solutions like middleware and hardware devices like smart card readers. These should work together to provide best ergonomics for the end user with a high security level. Thanks to cross referencing efforts between Ingenico Healthcare/e-ID and market players, Leo secure reader is easy to integrate into work environments and market middlewares. Thus it enables any customer aiming at building a project to speed up its integration by using Leo readers and cross-referenced software solution for authentication and electronic signature compliant with industry standards. Leo secure smart card reader 5/14

3. Product description 3.1. Product features Leo Supported smart cards Display Keyboard Power supply Size Leo Compliant with ISO 7816-1 to -4 (microprocessor smart cards) 2 lines of 16 characters 5 x 7 matrix / character 13 rubber keys Powered by USB port L 110 mm W 77mm H 61mm Weight 305g with USB cable (2 m) Standards / Certifications EMV L1 CE RoHS WEEE Common Criteria EAL 3+ PC connection USB 2.0 full-speed (& USB 1.1) Software environments Support PKI CCID Microsoft Windows 2000, XP, Vista, Seven, 8 (WHQL certified drivers) Mac OS 10.4, 10.5, 10.6 and 10.7 Linux (Ubuntu - Debian) PC/SC v2 application with Secure PIN Entry Leo secure smart card reader 6/14

The design of the Leo secure reader provides enhanced ergonomics facilitating countertop or desktop use. The keyboard is ideally tilted (20 degrees) to ease the PIN typing on large keypad. The dimensions and the angle of the display screen have been especially designed to provide excellent visibility. Two LEDs are positioned on the lens to show that the reader is functioning properly and indicate the secure management of the PIN when Secure PIN Entry feature is enabled. Thanks to its hemispherical rubber pads, the reader does not slip on table and has maximum stability. 10 degrees Security label 2 LEDs 20 degrees The design of Leo reader takes into account all requirements regarding international security standards (Common Criteria). Security labels are positioned on each side of the smart card reader to ensure its integrity. NB The reader is certified with an evaluation assurance level (EAL) 3+. A hanging system compliant with a standard lock (not included) is also available to attach the reader to the desktop securely. Hanging system Leo secure smart card reader 7/14

The card slot allows for easy use and includes a dust protection mechanism. Protection against dust In addition, Leo includes a protective mechanism of the smart card: it complies with the EMV standard on tests related to smart card disabling (powered off) when the USB cable is pulled out from computer (with or without APDU commands sent to the card). EMV standard requires that the reader is able to complete the deactivation sequence in less than 1 millisecond: the Leo smart card reader disables the card in a few tens of microseconds. Leo secure smart card reader 8/14

3.2. USB interface Parameter DC characteristics USB speed Device class Value/Description Powered by USB port USB 2.0 Full Speed Device (12Mbit/s) CCID 3.3. Smart card interface Parameter Value/Description Smart card operating frequency 4MHz Maximum supported card baud rate Up to 230Kbps Cards supported Class A Class B and Class C Protocol Supported T=0, T=1 3.4. Display Interface Parameter Value/Description Technology HTN reflective polarizer Number of lines of the Display 2 Number of characters per line of the display 16 Character 5x7 dot matrix The power LED ( ) is ON when the reader is attached to the correct CCID driver. The lock LED ( ) is ON when reader requests the user to enter his PIN code (Secure PIN Entry). The supported languages are English, French, German, Dutch, Spanish, Italian and Portuguese. For the very first power ON of the reader, the default language is English. As soon as a Secure PIN request is done by the host, the reader switches to the language specified by the host. If the value is not recognized by the reader, the reader keeps the default language. Leo secure smart card reader 9/14

3.5. Keypad interface Parameter Value/Description Number of rows 4 Number of columns 4 Default configuration 13 Keys 0-9 C CL OK Technology Rubber 3.6. Secure PIN Entry feature Leo complies with PC/SC v2 part 10 standards (Secure PIN Entry). Leo features a secure PIN entry management that enables the user to locally enter his/her PIN code on the reader keyboard: this code is presented directly to the chip card, without going through the PC. This mode is indicated by the lighting of a padlock image on the reader lens. As no data is transferred to the PC during the PIN entry, there is no risk of compromising this sensitive data, even if the PC is running rogue softwares like Trojan horses, Keyloggers or other Spyware. Leo secure smart card reader 10/14

4. Operating systems supported 4.1. Windows Windows 2000 Windows XP 32 bits and 64 bits Windows Vista 32 bits and 64 bits Windows 7 32 bits and 64 bits Windows 8 32 bits and 64 bits Windows embeds a default CCID driver but does not support SPE. Therefore, in order to fully use Leo smart card reader, specific driver must be installed on the OS. An installer is available to help the user to install the driver. This specific CCID driver is available on Windows Update for downloading. 4.2. Linux All distribution compliant with libccid 1.4.2 and newer version: Ubuntu (LTS) 09.10, 10.04 et 10.10 OpenSuse 12, 13 et 14 Fedora 14 Debian CCID driver source codes are available at : http://pcsclite.alioth.debian.org/ccid.html Source codes can be downloaded from this repository http://svn.debian.org/wsvn/pcsclite/trunk/drivers/ccid/ 4.3. MacOS 10.4: Tiger 10.5: Snow Leopard 10.6: Leopard 10.7 : Lion An installation package is available for Mac OS X 10.4 Tiger, 10.5 Leopard, 10.6 Snow Leopard and 10.7 Lion. Leo secure smart card reader 11/14

5. Windows platform: installation Microsoft certified installer for Windows 2000, Windows XP and Windows Vista / Seven / 8 (32bit and 64 bit). Start executing the installation file by clicking Run DRIVER_LEO.exe. Click on Next button to continue the installation. Click on I accept the terms of this contract to begin installation. Click on Finish button to exit the installer. Connect your smart card reader into the USB port. The reader is ready to use. Leo secure smart card reader 12/14

6. Packaging Leo smart card reader is delivered as standard in a single white box wrapped in a plastic bag protected by a bubble one. A quick start guide (smart card format) is delivered describing the main installation steps. Leo secure smart card reader 13/14

7. Certifications and standards The Leo is designed for office use as defined in the ETSI standard. 7.1. Environmental Storage temperature Operating temperature -25 C to +55 C; 10% to 95% RH +5 C to +40 C; 5% to 85% RH non condensing IEC 60068-2-1 (cold) IEC 60068-2-2 (dry heat) IEC 60068-2-78 (damp heat) 7.2. Reliability MTBF The theoretical reliability prediction (MTBF) of the product is calculated using the IEC62380 standard, 2004 version. According to this standard and to reported assumptions such as mission profile related, the calculated MTBF of Leo is around 900 805 hours ( = 1 110 FIT). Card connector The card connector is guaranteed for 100 000 insertion/extraction cycles. USB connector The USB connector is guaranteed for 5 000 insertion/extraction cycles. Keypad Each key of the keypad is guaranteed for 200 000 actuation cycles. 7.3. Certifications Leo smart card reader has reached following certifications: EMV L1 USB Winqual (Microsoft driver certification) The device id CE certified and conforms to the essential requirements of the EMC directive 2004/108/EC, based on the following specifications applied: NF EN 55022:2006, A1 NF EN 55024 (1998), A1 (2001), A2 (2003) The device is RoHS compliant (directive 2002/95/EC). Leo secure smart card reader 14/14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback