Ambimat GroupAmbimatAmbiSecureeSIM InitiativeEngineering BlogAhmedabad · India · Est. 1981
ASAmbiSecureHardware-rooted security
Contact
Product · PIV on ID-1

AmbiSecure PIV Smart Card.

PIV-compatible JavaCard applet on a contact + contactless ISO/IEC 7810 ID-1 smart card. Drop-in replacement for legacy PKI tokens with a Windows / macOS smart-card login surface, PKCS#11 middleware, minidriver, and four certificate slots usable for authentication, digital signature, key management, and card authentication.

PIV (FIPS 201 functional) ISO/IEC 7810 ID-1 7816 contact + 14443 contactless RSA 2048 / 3072 / ECC P-256 / P-384 PKCS#11 + minidriver CC EAL5+ silicon
What it does

Four certificate slots, two interfaces, one card.

FIPS 201 functional surface

Four PIV certificate containers — authentication (9A), digital signature (9C), key management (9D), card authentication (9E). RSA 2048 / 3072 and ECC P-256 / P-384 supported per slot. Compatible with NIST SP 800-73 APDU semantics.

Contact & contactless

ISO/IEC 7816 (contact pad) plus ISO/IEC 14443 Type A / B (NFC). Same applet, two transports — tap for door / login readers, insert for high-throughput personalisation lines.

Windows + macOS smart-card logon

Drop-in for AD smart-card login, macOS smart-card pairing, Windows Hello for Business hybrid flows, and certificate-based VPN / 802.1X authentication. No bespoke middleware on managed endpoints.

PKCS#11 + minidriver

Cross-platform PKCS#11 module (Mozilla, Acrobat, OpenSC-compatible) and Windows minidriver (BaseCSP). Works with PuTTY-CAC for SSH agent forwarding, OpenVPN, and S/MIME signing in Outlook.

Specifications

Where this card fits.

Form factor

ISO/IEC 7810 ID-1 (85.60 x 53.98 mm), contact pad + contactless antenna. Standard credit-card thickness, wallet-friendly. Card body is durable plastic; survives normal wallet conditions and brief immersion.

Secure element

CC EAL5+ certified secure element from a partner silicon vendor. No extractable per-device master key, no remote backdoor channel, no AmbiSecure escrow of issuer credentials.

Personalisation

SCP03 loading under your issuer keys, HSM-backed custody, batch APDU personalisation. AID, branding, and post-issuance update policy controlled by the issuer. Anonymised case study available.

Audience

Workforce identity programmes, contractor / vendor smart cards, government PIV-I / PIV-C deployments, regulated industries (finance, healthcare, defence) needing hardware-backed certificate stores.

Related

PIV in a nano-card / MFF2 secure element

Same applet, 4FF nano-card form factor — for embedded identity programmes.

View product →

PIV Bio Card

Add on-card fingerprint match — three-factor on a single ID-1 surface.

View product →

PIV USB Key

Same applet in a keychain USB-A / USB-C form factor.

View product →

JavaCard development

How AmbiSecure loads applets onto chips you source yourselves.

View service →

Government identity

PIV + eID deployment shapes for national and contractor programmes.

View solution →

JavaCard technology

GlobalPlatform 2.3.1, SCP03, JavaCard 3.x — the standards layer.

View technology →

Pilot batch or production scope?

Talk to the engineers who load the applet, not a BDR.

Start a conversation