PrivacyPUK allows Pre-Personalization of PKI Cards and USB Tokens in one simple step. PrivacyPUK generates PIN and PUKs (PIN Unblock Codes), stores them onto the card and prints a PIN-Mailer that can be handed over to the end-user of the card. The PUKs are encrypted and stored in a database. The help desk personnel can easily access the PUKs whenever needed.
PrivacyPUK provides the following functions:
The Pre-Personalization of PKI Cards and USB Tokens process generates PIN and PUKs, based on the security policy of the organization. These values are being written onto the card. A configurable PIN-Mailer is printed at the same time. This PIN-Mailer should contain at least the new card PIN. The PUK values are also stored in the PrivacyPUK database.
All the critical parameters are configurable. These are e.g. length and complexity of PIN and PUK values, the number of PUKs and the PIN error counter. This counter defines how many wrong PIN entries are accepted before the card is blocked. The PIN Mailer is also configurable. With a template – generated with MS Word – the fixed and variable content of the printout can be easily customized.
Retrieve and manage PUKs
The PUKs must be used in the predefined sequence. The helpdesk can easily lookup the next PUK, if a user has blocked his or her card.
Key and access management for the PUK database
PrivacyPUK boosts comprehensive security features. The access to the database can be secured with a key. The PUKs can be encrypted before stored in the database. To control access and encryption, a set of keys can be defined by the administrator. The keys are stored onto a chip card or are entered manually on demand.
PrivacyPUK is a Windows application (Windows 7 and 8). Two card readers or USB-Tokens are required. One for the license or key card and the other for the card/token to be personalized.
PrivacyPUK supports tokens/cards from Atos (CardOS 4.4 and 5) and Gemalto/SafeNet (330, 400, iKey2032, 4000 and 4100).