Home
digital identity management system

SpaidID: comprehensive digital identity management system

The SepidID is a digital identity management system that manages various activities of the smart card life cycle. These activities include all processes from handing over the card by the card provider to using the card by the card owner. The SepidID card management system is a set of tools that are used to manage all processes performed in the life cycle of a physical or virtual card, including issuance and activation, delivery, renewal, cancellation, etc.

The smart card management software system (CMS or SCMS) of the SepidID manages card issuance requests, which includes receiving information and refining information received from users, and managing their allocation. In addition, card storage processes and card key management can be done in the SepidID. Other services include post-issuance services, information security services with cards, value-added services with mobile phones, and services on the network.

Introducing SepidID digital identity management software

The SepidID smart card management and issuance software is a comprehensive management solution that supports all aspects of card issuance and communication with businesses. This system is suitable for banks, financial organizations, large vendors, and large organizations that need a high level of flexibility for fast and cost-effective implementation of products, services, and the issuance of various licenses.

The SepidID digital identity management system provides comprehensive and flexible solutions for managing the life cycle of smart cards (Smart Card Management System). It has been designed and implemented relying on the knowledge and experience of Sepid System Sharif knowledge-based company and also the review of successful examples of smart card projects in the country and abroad. With a comprehensive view and considering the entire smart card ecosystem, this system offers a solution that covers most of the needs of card management and related issues.

Smart card automation at a glance

Nowadays, by providing a safe platform for storing information, smart cards have many applications in various fields, such as identification, authentication, access control, insurance and health, transportation, banking, cryptography, digital signature, etc. The number of these applications is increasing every day. In fact, in all these applications, the card is used as a safe and reliable platform to store sensitive information and perform basic processing on them, according to their relevant application. The administrator of the SepidID system can issue cards for the target users, which based on the various scenarios of the system, provide services in different areas such as access, welfare services, online and offline payment, etc. In fact, with the help of a "card management system", any business that has some users can provide added value beyond the main value of the business to its audience.

SepidID smart card system ecosystem

The nature of the smart card and its applications is such that many diverse players are usually involved in its life cycle which creates a complex ecosystem for smart card-based systems. The figure below shows the typical smart card ecosystem and its complexity. This complexity is due to the variety of roles and the multiple interactions between them. The architecture of the SepidID smart card management system can be divided into two general areas, issuing and controlling the card. The entire architecture is based on a "card lifecycle management framework" that manages the status of the card at different stages of its life. Two main components, i.e. the "issuance management" and "card control and exploitation management" components, are placed on the mentioned framework.

Card production area

Chip manufacturers
Operating system and software developers
Card suppliers
Card distributors
Standardization references
Certifying authorities
Manufacturers of accessories

Card issuing area

Card applicants
Issuing authorities
Registration centers
Service organizations (inquiries, etc.)
Software developers
Providers of card applications
Systems integrators
Standardization references
Certifying authorities
Regulatory authorities
Issuance units
Card distributors
Advisory departments

Operation area

Card holders
Control authorities
Service organizations
External operating organizations
Post-issuance service centers
Providers of card control terminals
Various infrastructure providers
Advisory departments

Scope of smart card automation

The entire smart card ecosystem includes all actors in the three areas of production, issuance, and control. This system covers the role of the rest of those involved in the post-production phase (from supply to card operation) and implements and manages the relevant processes by carefully analyzing the different operating environments related to the card.

Naturally, managing the life cycle of the card in such a complex ecosystem is traditionally not possible and requires a comprehensive system that manages the activities and processes derived from them by considering the role of all involved in the mentioned ecosystem and the interactions between them. Ignoring the role of each part in the ecosystem will disrupt the functions and operations. In this way, to provide sustainable services and prevent disaster and irreparable organizational losses, a smart card management system is inevitable wherever smart card-based services are to be provided. The obvious challenge in most of the country's smart card projects is the lack of attention of relevant authorities and organizations to all aspects of card-based systems and pure focus on card issuance. This issue has caused that despite the issuance of various types of smart cards such as the national identity smart card in the country and the potential capacity to use them for the development of electronic services, we still do not see the basic action in the field of using the card.

Connecting the digital identity management system to peripheral systems

According to the intended use of the smart card, the smart card management software system may be connected to the following systems:

Access control devices
Biometric authentication systems (such as fingerprint scanners, face recognition, etc.)
Contact card readers
RFID devices
Card printer
Management system of network resources and users (such as Active Directory)
Digital Certificate Authority (CA)
Hardware Security Module (HSM)

The possibility of issuing cards in a decentralized manner

Considering that the strategy of the client's organization may be based on decentralized issuance, a framework for identifying and authenticating the issuing units is provided in the system architecture. This framework implements the mechanism of registration, identification, authentication, and access control of issuing units.

Support for all types of smart cards in SepidID

Java Card contact smart cards
contactless smart cards
Bank smart cards
Domestic and international cards
Credit cards
Loyalty cards
fuel card

National identity card
Debit cards
Corporate and business cards
Chip and contactless cards
Virtual cards for Internet payments
Customized cards with exclusive labels
Prepaid cards and gift cards

Applications of the SepidID smart card cycle system

Management of national smart card issuance

Issuance and personalization of bank cards

Fuel smart card management

Health smart card management

Urban service card system

Login to the systems (Smart Card Logon)

Digital signature in SepidID digital identity management system

One of the main steps in the process of preparing card information is applying the digital signature of the card issuing authority on this information. According to its security policies, the client's organization may require the implementation of integrity services and authentication of the issuing authority on its cards. These services can be obtained by applying a digital signature on the information contained in the card. Therefore, a component has been designed to manage and apply this signature to the information in the SepidID system. This component interacts with the organization's public key infrastructure and its signature key is certified by CA.

The interaction of SepidID SCMS system with client systems

This system can interact with information, service, and infrastructure systems inside or outside the operating organization. For example, if the organization already has a public key infrastructure, the SCMS system can connect and interact with it. Integrating this system with internal/external information and service systems also makes it possible to use their information and services in the organization's smart card system and create an optimal information technology structure.

Services after issuing a smart card

Notification of lost/stolen card
Temporary deactivation of the card
Card reactivation
Change/unlock PIN
Blocking card services selectively
Reopening blocked card services
Card cancellation (permanent invalidation of secrets and credits on the card)
Returning the card (taking back the card from its owner)
Removing the card from the system
Recovery of card keys and certificates

The features of SepidID smart management system

The main features and capabilities of the system are:

Integration: in the SepidID system, all operations are performed in a single automation system and an integrated manner, and simple and quick reporting and control are possible.
Being on the web: The SepidID system is centralized and on the web, and there is no need to install separate software in each department.
Completeness: the system has all the necessary facilities for hardware management, authentication, and user information.
Simple user environment and user-friendly interface
High system security and exception management to prevent fraud and unauthorized access

Due to the modular and flexible design of the system, these services can be customized in the system.

The advantages of SepidID smart automation system

Modular design and the ability to adapt and provide modules according to customer needs
Full management of the card's life cycle in the areas of supply, issuance and operation
- Card supply and treasury management
- Key management and card security
- Management of registration processes and receiving applicants' information
- Pre-personalization management
- Management of personalization and card issuance
- Management of services and card control and exploitation processes
- Post-issuance service management
Connecting and interacting with standard public key infrastructure
Support for different cards
Using various media for key management (file, token, HSM)
Support for the internal chip key diversification function (KDF) and the possibility of defining new functions
Providing a framework for managing client-side hardware

Supporting and manage multiple card applications (with the possibility of removing or adding new applications)
Providing different applications for the card, including identification and authentication (PIV), PKI, matching biometrics on the card (MOC), generation of one-time password (OTP)
Signing code for card applications
Management of multiple registration centers
Management of multiple issuing and personalization centers
Online registration of applications
Management of terminals and card control stations
SAM issuance and management facilities
User management facilities and defining various roles to access various system facilities

Types of reports in SepidID CMS

The SpaidID smart card management software provides various reports to the system user. Some of these reports are given below:

The number and status of requests in the queue
Number of available cards
Average card consumption
Number of cards required
Number and status of registration branches
Number and status of issuing branches
Number and status of service centers
Number and status of control terminals

Other Software Products

SepidStar Access control system

Sepidbox safe deposit box management

Sepidyar Time attendance management