According to Thursby Software Systems, its free, Version 2.0 update to PKard Reader is the first such mobile app to provide support for Dual Persona CAC, a common occurrence with defense personnel. The update also offers refinements for wide-scale deployments and it complies with the latest Security Technical Implementation Guide standards, the company said. The update is available free through the Apple iTunes Store.
Dual Personas occur when someone is employed by more than one defense organization; for example, as a soldier in the National Guard and as a civilian contractor. These personals are required to take extra steps for certification and identity validation on the Common Access Card mobile device. Dual Persona support was first added to Thursby's Mac solution, PKard for Mac v1.3, which was rolled out in the spring.
Other features of the update include improvements for organizational policy management in the enterprise and certificate revocation checking. The update notes say that "CRL data is not loaded unless a WiFi connection is available; Users will be prompted to accept a certificate."
In addition, the company said PKard Reader 2.0 provides options for Zero Data At Rest, a situation where mobile devices, removable storage devices, network servers and other systems, can have sensitive data "at rest" in memory and awaiting a read or retrieval. To eliminate vulnerabilities, this data often requires special encryption solutions.
Thursby said the development of PKard Reader and its Mac CAC software leveraged the company's PKard Toolkit 2.0 SDK.
Not simply an SDK to access the “chip” on a CAC/PIV card, but an entire public key development environment including a special Mac OS X emulator to simplify the basic programming of the mobile app using the latest Apple programming tools as well as the debugging of those applications. The toolkit provides a device independent and comprehensive API including PC/SC, PKCS11 and OpenSSL support. It also includes fully integrated solutions such as HTTPS delivered through Apple standard APIs making secured network programming seem trivial. The toolkit provides for a validated FIPS 140-2 framework for secure policy management based on cryptographically signed policy data. Provided as a royalty-free license to use on any mobile device that has a valid PKard license.