Thales/Gemalto IDPrime MD 3940

vSEC:CMS is fully functional with Thales/Gemalto IDPrime MD 3940 and streamlines all aspects of securely managing these credentials by connecting to enterprise directories, certificate authorities, smart card printers, physical access control systems, email servers, log servers, PIN mailers... full list in bottom of this page.

vSEC:CMS Overview

  • Fast implementation that takes minutes, rather than weeks or months
  • Intuitive user interface that improves operational efficiency
  • No hidden costs and low total cost of ownership
  • Consistently high security level without exception
  • Large scale capabilities, available from day one

versasec media

vSEC:CMS Connectors (see figure above)

  1. 1. Smart card printer for batch operations
  2. 2. User directory for looking up users
  3. 3. File and database servers
  4. 4. Secure transport of PIN codes
  5. 5. Event & log management
  6. 6. User photo capture
  7. 7. Certificate/PKI services
  8. 8. Physical access control systems
  1. 9. Hardware security module
  2. 10. Secondary/out-of-band communication
  3. 11. Key archival & key recovery
  4. 12. Credential provider -login screen interface
  5. 13. Remote security device management
  6. 14. User self-service application
  7. 15. Physical & virtual smart cards/tokens
  8. 16. Administrative operator console

This section shows what user directories, certificate authorities (CAs), Hardware Security Modules (HSMs) and other internal and external software and hardware that vSEC:CMS can work with to provide the ideal identity and access management system for our customers.

Technical Specifications

Operating SystemsWindows 7
 Windows 8
 Windows 10
 Windows Server 2008/R2
 Windows Server 2012/R2
 Windows Server 2016
Smart Card ReadersAll smart card readers compliant with PC/SC and certified by the Microsoft WHQL
Security FeaturesSecure key storage
 Secure backup and synchronization of databases
 Disaster recovery for stolen/lost tokens
 Encrypted audit log
 Granular access control
 Approval work flows
 Connects logical and physical access control
 Key archival and key restore processes
 Support for fingerprint template management
 Smart card stock/inventory management
PerformanceThe system is tested and is functional with 300,000 registered user smart cards and 100 parallel operators interacting with the system
User DirectoryLDAP V2/V3
 IBM LDAP
 OpenLDAP
 Microsoft Active Directory
 Microsoft SQL Server Using LDAP to SQL gateway
 Flexible Directory-PKI connector using alternative IDs
Certification AuthorityMicrosoft Certificate Authority from 2008 R2 and above
 Primekey EJBCA 4.0.12 Community and 6.3.2.3 Enterprise
 Entrust version 8.1
 Symantec version 8.15
 Symantec MPKI 7.5 (for Kuwait Government PKI, PACI)
 Nexus Certificate Manager version 7.9
 Verizon UniCERT version 5.3.8
 GlobalSign
 Digicert
 IDnomic (formely known as OpenTrust) PKI version 4.8.1
DatabaseCard Repository
 SQL Support (Native Client: 9.0, 10.0 and 11.0)
 Backup / Restore
 Multi-forest & Multi-domain
HSMGemalto Safenet Luna
 Gemalto Safenet ProtectServer
 Utimaco SafeGuard CryptoServer
 Thales nShield
 Engage Black Vault
Card PrinterEvolis Primacy
 HID Fargo HDP5000
 DataCard SR300
 Magicard Prima 4
 Matica 8300
 Advanced Batch Mode
 Card Layout Definition
Two-Factor Authentication Service (SMS)Telesign
 Clickatell
 Certificall
 Tyntec
 Dolphin
PACS and Other ConnectorsMail Server (SMTP)
 Photo Camera, webcam or Scanner
 Data Export (SQL & CSV) to synchronize with other systems: Time attendance, HR, Printing etc.
 Physical Access (PAMS)
LoggingOption to log events to the Windows Event Log
Other CMSUpgrade path from vSEC:CMS K-Series and T-Series
 Migration path from competing CMS products (inquire for more details)