Common Access Card Readers (CACR) are devices used by military personnel, civilian Defense Department employees and contractors alike to login securely into secure systems with their PIV credentials. They’re commonly employed at both military bases as well as civilian environments.
The University Libraries at Kansas have purchased four CAC readers that may be borrowed for up to four hours at Watson and Anschutz library service desks. Furthermore, these CAC readers may also be used on computers at KU provided they possess DoD certificates.
What is a CAC reader?
The Common Access Card (CAC) is a secure smart card used by members of the military and Department of Defense civilian employees. It contains a microprocessor which stores information about its owner, such as PKI certificates needed to digitally sign documents or securely connect networks; furthermore it’s programmed with their EDIPI number which helps verify identity in government systems. Once activated it can be inserted into various types of readers such as computers or point-of-sale terminals where electrical contacts retrieve its stored information before communicating with other computers or network systems systems.
CAC readers provide two-factor authentication by using something the user knows (their PIN) and something they have (their card). This makes them invaluable tools for military service members who must authenticate on different platforms; however, there remain challenges associated with their use.
Kayvan Alikhani, Senior Director of Technology at security solutions provider RSA, noted one challenge to using CAC readers is their physical form factor. Their size and shape may make it hard for some mobile devices such as smartphones and tablets to accommodate them; additionally, having to manually enter PIN codes could prove inconvenient when users are on the move and must frequently switch systems.
An additional challenge stems from a lack of CAC compatible apps. This limits users’ ability to work from home or their mobile device and can impact productivity; however, advances in both hardware and software have enabled him to develop mobile-friendly CAC readers.
Xerox’s CAC Enablement Kit works seamlessly with most single function printers and scanners, as well as most desktop devices that feature USB ports. Available through its GSA-approved reseller and with free shipping available directly from Xerox itself, this is an affordable alternative for those who require CAC reader but cannot afford dedicated devices.
How to use a CAC reader
The Common Access Card, or CAC, is a smart card used by active duty uniformed service personnel, Selective Service members, Defense Department civilian employees and eligible contractors to gain identification, security clearance and secure access to Defense Information Systems and facilities. The CAC also carries user’s authentication certificate which they use to log into Defense information Systems and facilities. Designed to resist counterfeiting, tampering, exploitation and has an anti-counterfeit PIN which can only be reset at Real-Time Automated Personnel Identification Systems (RAPIDS).
PIN stands for Personal Identification Number. Users create it when receiving their card at a Defense Enrollment Eligibility Reporting System (DEERS) office and cannot alter or replace it without first having their PIN reset by an RAPIDS facility. Furthermore, all CACs are stored and backed-up at an RAPIDS site – an invaluable measure against theft which poses both an operational and security threat if lost or stolen CACs are found.
To use a CAC reader, place your card with its photo facing upward into the reader and enter your PIN when prompted. After entering an acceptable PIN, a message will indicate that you have successfully logged in and that the reader has been cleared for use. If you own multiple cards, simply select which one from a list before using. When finished using it, return it back to DEERS office in order to have its PIN reset.
If your CAC reader is misbehaving, try uninstalling and reinstalling it as well as making sure that the latest version of ActivClient is installed on your computer. If this doesn’t solve your issues, contact your local IT support.
If you’re having difficulties logging in with AppScan Enterprise with your CAC user ID, changing to administrator permissions may help. To do so, log out and log back in as an administrator before trying again; or run this SQL Server query: select * from UserInfo This query will show who your CAC admin user is as well as their IDs and permissions.
What to look for in a CAC reader
A CAC reader is a device used to authenticate military personnel by scanning their Common Access Card (CAC) or Personal Identity Verification Card (PIV), used as ID by active duty military, Selective Service System members, Department of Defense civilian employees and eligible Coast Guard employees; also used as security credentials to gain entry to defense computer networks and systems. Readers help ensure only authorized individuals use MFP features like printers or scanners as well as sign documents or encrypt emails.
There are various CAC readers available on the market, ranging from straightforward USB plug-in models to more sophisticated PC-linked ones that require installation of drivers and middleware. Which type is right for your specific needs and budget will ultimately depend on a number of factors – for instance USB readers may be the least costly choice as they work on any device with standard USB ports – perfect for plugging into any laptop or desktop and easy to use; but they do not permit simultaneous keyboard and mouse use.
Another option for CAC readers is keyboard-based CAC readers that work on any computer equipped with a keyboard. These readers tend to be less expensive and easier to carry around, making them suitable for telecommuters or work from home professionals who often work from home or telecommute from different locations. Some readers even include cables that allow the user to easily connect their card directly into a smartphone or tablet using a USB port – providing another level of connectivity!
Both types of CAC readers are compatible with most modern computer operating systems, including Windows, Mac and Linux. Unfortunately, many users report having trouble getting their new device to recognize their card correctly – possibly due to delaminated gold contacts on its Integrated Circuit Card (ICC), which must be cleaned using solvents or rubber pencil erasers regularly for proper functioning.
KrebsOnSecurity recently received feedback from someone named Mark, a government contractor whose civilian employees received PIV cards. As his home did not include a CAC reader, Mark purchased one on Amazon that claims support federal smart cards for $15 – this story is not uncommon as numerous reviews for such readers on Amazon product pages reveal people self-identifying as federal employees having difficulty installing necessary drivers to use them properly.
Government employees that need to login to a computer will find the Common Access Card reader an efficient and more secure method for doing so. This device connects via USB port on PCs and uses standard protocols to authenticate users before granting them access to programs or websites. While not foolproof, this method helps reduce risks related to unauthorised individuals accessing sensitive documents or information.
Smart Cards in the US are next generation ID cards equipped with an embedded chip to authenticate users when accessing secured systems, typically used by military and government agencies but now becoming more prevalent across banking, healthcare and more recently sports venues as two-factor authentication solutions. A CAC reader enables these cards to be inserted before entering security certificates or PIN numbers to ensure only authorized individuals gain entry.
The iOGEAR GSR212 USB common access card reader was designed to work across various operating systems. It’s user-friendly, with an included guide for setting up its software on any system – Windows, Mac OSX, Ubuntu and Fedora Core 9+ compatibility all make for ideal conditions! Standard protocols used on government servers validate user identification cards against data stored there before granting or denying access to MFP features.
Lexmark CAC solution for MFPs may also be an option. This kit comes complete with a USB reader, installation support and software to secure the eTask MFP and ensure only authorized users can utilize its features. Furthermore, its authentication protocol matches up with that used by laptop and PC CAC readers, making its use much simpler.
There is an assortment of CAC readers available on the market, ranging from portable units that can easily be transported to desk-based units for office use. Some even come built into keyboards so users can keep their cards safe at all times. When purchasing one of these readers, be sure to consider all options and read verified reviews carefully – there is something suitable out there for every scenario; don’t settle for something which doesn’t meet your requirements!