IdenTrust Inc. Logo
Home | My Account | Contact Us  

  
BEFORE YOU BUY CERTIFICATE CENTER AFTER YOU BUY TRUSTID ACES ECA
IDENTRUST'S DOD ECA PROGRAM

Certificates > ECA

DoDI 8520.2 Mandates the use of DoD PKI identity certificates when accessing DoD information systems. The DoD established the External Certification Authority (ECA) program to support the issuance of DoD-approved certificates to industry partners and other external entities and organizations. ECA certificates enable contractors to securely communicate with the DoD and authenticate themselves to DoD Information Systems. IdenTrust is one of three approved ECA vendors, having received our Approval to Operate (ATO) in November of 2007 after a rigorous certification program.

What are ECA Certificates?
ECA Certificates are individually issued digital identity credentials. The DoD relies upon these credentials to ensure the identity of the user in online environments or when a certificate holder tries accessing DoD Information Systems. ECA Certificates are stored either on hardware devices (smart cards or USB devices) or software versions (stored on your computerís hard drive). You will use your certificate to:
Establish your identity when trying to access a protected site
Legally "sign" a document, form or application
Encrypt messages (email) or documents to ensure confidentiality

Much like a driverís license or a passport, they are unique to each individual, and cannot be shared. It is against DoD Regulations to share a username and password or allow someone to access another's ECA certificate for any reason. Violation of this policy will result in the immediate revocation of the original ownerís certificate.

Obtaining ECA Certificates from IdenTrust
In most cases, IdenTrust already has custom built ECA web pages based on pre-established relationships with the application owners, so we know the correct ECA certificate for a particular application. If you are seeking an ECA certificate for one of the following applications, simply click one of the application links below:
AKO (Army Knowledge Online)
TAMMS-A (The Army Maintenance Management System - Aviation)
SPOT (Synchronized Predeployment and Operational Tracker)
ETA (Surface Deployment and Distribution Command Electronic Transportation Acquisition Program)
JPAS (Joint Personnel Adjudication System)
DOD EMALL
WARP (Worldwide Ammunition Repository System)
SPIDERS (Support Planning Integrated Data Enterprise Readiness System)
SECURING SBUC DATA (Email Encryption for Sensitive But Unclassified Data)

If the application you will be using your certificate on is not listed here, scroll down this page to the "Non-Program Specific" chart for your options. Let us know what the application is so we can help others. Just send us a quick email: ECAsales@identrust.com.

Before You Buy
It is important to know what type ECA certificate your DoD application requires. If your program or application is not listed above, check with your program office and/or application owner to determine the type of ECA certificate required. Knowing which type of certificate is required by the application is important since the certificates are not interchangeable.

If you require access to multiple DOD applications, select the higher assurance level certificate. Applications are generally "downwards" compatible. As an example, a hardware based certificate (Medium Token or Medium Hardware) would be able to access sites that only require a software based certificate (Medium Assurance).

In order of assurance (lowest to highest), the three types of ECA certificates are:
ECA Medium Assurance: A "Medium Assurance" certificate is a browser based software certificate loaded on to a userís hard-drive. It is not portable from computer to computer. This certificate meets the minimum security requirement for ECA. Medium Assurance level certificates are available outside the United States.
ECA Medium Token Assurance: A "Medium Token Assurance" certificate is a hardware based certificate, and is stored on a FIPS 140-2 Level 2 or higher cryptographic device (either a Smart Card or a USB device). This is a portable certificate and can be used on any computer where the utilities drivers have been installed. A Medium Token Assurance certificate is a higher assurance level certificate than a software based certificate and is also available outside the United States.
ECA Medium Hardware Assurance: Another hardware based option, this is the highest security certificate available, and is similar to the DoD CAC card. This certificate requires a face to face meeting with an IdenTrust trusted agent (available in Metro DC, Ft. Lauderdale, FL, Huntsville, AL, San Antonio & South Texas Area, Salt Lake City, UT and San Francisco, CA) or a pre-established Trusted Agent within your company. This certificate type is not available outside the United States. A Medium Hardware Assurance certificate is stored on a FIPS 140-2 level 2 cryptographic device; either on a Smartcard or a USB device.

The IdenTrust Difference
IdenTrust works very hard with DoD Program Offices to make it as simple as possible for users to obtain the correct ECA certificate. IdenTrust builds custom ECA websites based on pre-established relationships with the application owners, so we know exactly what type of ECA certificate the application requires.

IdenTrust also enables individual end users to order both the required hardware (ex. token or smartcard) together with all required middleware and the appropriate certificate in a single process. This eliminates the need for your company to maintain and track hardware inventory and eliminates the additional cost of shipping tokens to users before they can download certificates.

IdenTrust provides world class technical support at no additional cost.

Please be sure you order the correct type of certificate for your application. If you are unsure of the type of certificate required, please contact ECAsales@identrust.com or call 866.299.3335 for assistance.

Non-Program Specific ECA Certificate Pricing
Important: DoD policy requires that you retrieve your certificate within 30 days from the date your forms are signed. If you are not able to complete this process and retrieve your certificate before that time elapses, your application will be cancelled and you will need to start this process again from the beginning. Please ensure that you will be able to complete all steps within 30 days before starting your application.

Certificate Type Features
Medium Assurance
Stored in the browser
- Assurance Level: Medium, identity verified by a notary
- Software-based digital certificate stored within the Internet browser
- Keys generated and held in FIPS 140-1/2 level 1 or higher validated software (i.e. Internet Explorer)
- Validity: 1, 2 or 3 year certificates
- US Citizens or legal US Residents residing within the United States
1-year Certificate 2-year Certificate 3-year Certificate
$109.00 Buy Button $188.00 Buy Button $233.00 Buy Button
$109.00 Renewal Button $188.00 Renewal Button $233.00 Renewal Button
Medium Assurance Foreign Country
Stored in the browser
Foreign Country

- Assurance Level: Medium, identity verified by Authorized DoD Employee (ADE)
- Software-based digital certificate stored within the Internet browser
- Keys generated and held in FIPS 140-1/2 level 1 or higher validated software (i.e. Internet Explorer)
- Validity: 1, 2 or 3 year certificates
- Non-US Citizen residing in your country (click here for list of countries supported)
1-year Certificate 2-year Certificate 3-year Certificate
$119.00 Buy Button $243.00 Buy Button
$119.00 Renewal Button $243.00 Renewal Button
Medium Token Assurance
Smart Card and UBS Token
- Assurance Level: Medium Token, identity verified by a notary
- Keys generated and held in FIPS 140-2 Level 2 or higher validated USB Token
- Validity: 1, 2 or 3 year certificates
1-year Certificate 2-year Certificate 3-year Certificate
$139.00 + Hardware Buy Button $242.00 + Hardware Buy Button $281.00 + Hardware Buy Button
$139.00 Renewal Button $242.00 Renewal Button $281.00 Renewal Button
Medium Token Assurance
Smart Card and UBS Token
Foreign Country

- Assurance Level: Medium Token, identity verified by a notary
- Keys generated and held in FIPS 140-2 Level 2 or higher validated USB Token
- Validity: 1, 2 or 3 year certificates
- Non-US Citizen residing in your Country (click here for list of Countries supported and Shipping Costs)
1-year Certificate 2-year Certificate 3-year Certificate
$149.00 + Hardware Buy Button $291.00 + Hardware Buy Button
$149.00 Renewal Button $291.00 Renewal Button
Medium Hardware Assurance
Smart Card and UBS Token
- Assurance Level: Medium Hardware, identity verified by an IdenTrust Agent or Trusted Correspondent AND requires additional forms of identification
- Hardware-based digital certificate stored within a smart card or USB token
- Keys generated and held in FIPS 140-2 level 2 or higher validated smart card
- Keys generated and held in FIPS 140-2 level 2 or higher validated USB token
- Validity: 1 or 3 year certificates
1-year Certificate 3-year Certificate
$179.00 + Hardware Buy Button $365.00 + Hardware Buy Button
$179.00 Renewal Button $365.00 Renewal Button
Medium Assurance SSL
Stored in the browser
- Assurance Level: Medium, identity verified by a notary
- Software-based digital certificate stored within the web server
- Keys generated and held in FIPS 140-1/2 level 1 or higher validated software
- Validity: 1, 2 or 3 year certificates
1-year Certificate 2-year Certificate 3-year Certificate
$425.00 Buy Button $680.00 Buy Button $893.00 Buy Button
$425.00 Renewal Button $680.00 Renewal Button $893.00 Renewal Button
Vouchers
    Vouchers

- IdenTrust issued vouchers allow the purchase of a single digital certificate per each voucher number.
Buy Button

Hardware (Smart Cards or USB Tokens) may be purchased with Certificates as part of the purchase process. Purchase of hardware includes a one-time license for middleware and drivers necessary for the hardware to function.

Hardware pricing, depending on need:
Smart card $40
Smart card & Card Reader $60
USB token $48
USB token & Extension Cable $52

Purchasing 10+ Certificates?
If more than 10 employees in your company need a certificate, IdenTrust offers a program to bulk load the registration of all your employees at the same time and have someone in your organization perform the in-person Identity and Authentication, thereby saving your company time and money as bulk load registrations have discounted pricing. Contact ECA Sales about the Trusted Correspondent Program.

For volume discount pricing, please contact: ECAsales@identrust.com or call 866.299.3335.

Foreign Country ECA Certificates:
US Citizens may apply for an ECA digital certificates at the Medium Assurance and Medium Token assurance levels while in most countries with a US Consulate. Upon completion of the online application, identity forms must be signed in the presence of a United States Consular Officer who is authorized to provide notarial services. For a list of supported countries and associated shipping costs, please click here.

Citizens of Australia, Canada, New Zealand or the United Kingdom, while in any of these four countries, may apply for ECA digital certificates at the Medium Assurance and Medium Token assurance levels by completing the online application and retrieving the identity forms. Identity forms must be signed in the presence of a United States Consular Officer who is authorized to provide notarial services. For a list of supported countries and associated shipping costs, please click here.

Citizens of other countries require that identity forms are signed in the presence of an Authorized Individual, approved by the Department of Defense. If you do not already have a DoD-approved Individual, one will need to be established before you apply. Please contact the IdenTrust Help Desk for instructions in setting up an Authorized Individual by calling 801.924.8141 or by email at helpdesk@identrust.com.


SALES CONTACT
866.299.3335
ECAsales@IdenTrust.com

CUSTOMER SUPPORT
Helpdesk@IdenTrust.com
888.882.1104 (within the US)
801.924.8141 (outside the US)
M-F, 6am-6pm MST

DODI Video

ECA CERTIFICATE PRICING

HOW TO BUY
ECA Medium Assurance
ECA Medium Assurance Foreign Country
ECA Medium Token Assurance Foreign Country
ECA Medium Token
ECA Medium Hardware Assurance
ECA Medium Assurance SSL
ECA Foreign Countries Supported

LIST OF GOVT AGENCIES

AFTER YOU BUY
ECA Application Enablement FAQ
Request Key Recovery
Revoke Certificate
Root Certificate Downloads

RELATED CONTENT
BUY ECA
Instructions for Applicant
Locations for IdenTrust I&A
ECA I & A
ECA Forms and Policies
ECA FAQs
Security of Unclassified DoD Information on Non-DoD Information Systems

OTHER
ECA Digital Certificates
ECA Trusted Correspondent Program
How To Become a Trusted Correspondent
 © 2014 IdenTrust, Inc. All Rights Reserved    Home | Contact Us | Legal Policies Follow us: Follow IdenTrust on Twitter IdenTrust part of HID Global