CAC reader for iPad

Just to round out the discussion, there are now 4 companies providing CAC readers for mobile devices.

Our own, PKard, www.thursby.com

Tactivo, www.precisebiometrics.com

iAuthenticate, http://www.identive-group.com

baiMobile, www.biometricassociates.com

There is some overlap in most of these offerings. Make sure that you really undertstand what you want to do with the reader, not all CAC-enabled software will work with all of the readers. Some software you may have to purchase (license) if it isn't bundled with the hardware. Some of the pricing in this discussion may be dated so make sure that you go to the vendor's web site to confirm.

Jim mentioned back in February that DTS (Defense Travel System) should be supported shortly. The latest PKard software has already been updated for this and we are hoping the new system will get turned on later this month.

-- Bill T.
<I may receive some form of compensation, financial or otherwise, from my recommendation or link.>

Florida J wrote:
Apple it is very important that you are RESPONSIVE to what Chief Danberry is communicating and are able to help facilitate a solution. If you can enable DOD common access card functionality through iPad you will sell "a ton" of these to DOD private users like myself and probably make significant in-roads with the DOD.

I seriously doubt that Apple would ever permit a third-party smart card reader into its MFi program, a prerequisite in order to connect via Bluetooth or the 30-pin connector (WiFi would never pass industry or gov't scrutiny). For one, there are no publicly available interfaces in the Cocoa Touch framework to accommodate low-level reader I/O. Two, since iPhads do not support drivers, there would have to be a standard protocol, like AirPrint, but for readers, and there is no such effort to my knowledge. You have to imagine that a host of applications, esp. Mobile Safari, would want to interact with such a reader, so Apple would have to bake in transactional support and a heavy layer of security.

A pure guess is that Apple is entertaining the notion of creating their own reader for a future iPhad. Due to power and space issues, expect it to be contactless with a 2-3 cm range. An external reader is possible, but may require supplemental power due to the 3V dock port limitation. Most chips still require 5V but are trending toward 3V, and until this is something that Apple can bank on, don't expect it anytime soon. These are just my opinions, so please take them with a grain of salt.

J -

You can expect some iPad/iPhone CAC solutions this year. There are some challenges but it is definitely doable.

When you say CAC functionality through the iPad, what are your exact requirements? A secure CAC enabled web browser for access to sites such as AKO or the Air Force portal? A stand-alone secure mail app running on the iPhone? A programming interface for custom programs?

Your real-world feedback would definitely be helpful.

Thanks,

Bill Thursby

I would like to access Air Force Portal through a browser. To do this I need to use my CAC to log in. I could probably plug the reader into the camera interface USB port. If I had access to the AF Portal I can access webmail for my official emails.

Bill-

This is the problem as I see it. This is both a hardware and a software issue, and not easily resolved.

First- hardware: a common access card reader requires power to read the data on the card chip. All card readers require power from the USB port, and the iPad does not seem to push enough power out to make the reader work properly. Thus, a reader will have to be built with an internal power source, or rebuilt so that it requires less energy. The second option is more feasible for the end user, because adding internal power, or an external cable will make it too bulky for portability.

Second- Software: For a CAC reader to work, the software must read the encrypted signature key off of the card and prompt for a password, thus unlocking the card and the Key. This key must then be made available to whatever web browser or application is being used that requires the key when prompted by the website. This would best be done in it's own app, where the app has a built in key reader and browser.

As the government is and has been moving towards mobile devices, security is at an utmost importance. Apple needs to start thinking about this if they want to stay in the running. Apple developers are starting to push for more cloud based computing, but as we recently saw with the attacks on Sony's mainframe and several attacks on the U.S. government systems,there needs to be better security on the network. Thus far, there is next to no security on the iPad. ????

"I provide FREE assistance to people with CAC problems. I do not get compensation, financial otherwise when I'm recommending people to visit my website to find answers to thier questions. Evidently, I was advertising when I gave the link to my Apple support page.

Since you have link to donate to you on your page...

From the Apple support forums Terms of Use.

"No advertising. Do not use the Site to sell or market your products to others and do not post a URL unless it directly answers a user’s question. If any portion of your Submission, including any posted URL, results in any accrual of compensation or benefit to you, you must note this in your post by stating, “I may receive some form of compensation, financial or otherwise, from my recommendation or link.”