CAC (Common Access Card)
What is CAC (Common Access Card)?
CAC (Common Access Card)The smart-card identity credential issued by the US Department of Defense to military, civilian and contractor personnel for physical and logical access.
The Common Access Card (CAC) is the standard identification card of the US Department of Defense, issued to active-duty military, Reservists, eligible civilians and contractors. It is a NIST SP 800-73 PIV-compliant smart card that also follows the DoD's own profile and contains PKI certificates for identity, digital signature and email encryption issued by the DoD PKI. CAC holders use the card with a contact reader and PIN to log on to DoD networks, sign e-mails, access SIPR / NIPR services, and as a physical badge for installations. Like PIV, CAC pairs the card with a PIN, providing two-factor authentication: something you have and something you know.
● Examples
- 01
A soldier using a CAC and PIN at a NIPRNet workstation to access DoD email.
- 02
Signing an official document with the CAC digital signature certificate in Adobe Reader.
● Frequently asked questions
What is CAC (Common Access Card)?
The smart-card identity credential issued by the US Department of Defense to military, civilian and contractor personnel for physical and logical access. It belongs to the Cryptography category of cybersecurity.
What does CAC (Common Access Card) mean?
The smart-card identity credential issued by the US Department of Defense to military, civilian and contractor personnel for physical and logical access.
How does CAC (Common Access Card) work?
The Common Access Card (CAC) is the standard identification card of the US Department of Defense, issued to active-duty military, Reservists, eligible civilians and contractors. It is a NIST SP 800-73 PIV-compliant smart card that also follows the DoD's own profile and contains PKI certificates for identity, digital signature and email encryption issued by the DoD PKI. CAC holders use the card with a contact reader and PIN to log on to DoD networks, sign e-mails, access SIPR / NIPR services, and as a physical badge for installations. Like PIV, CAC pairs the card with a PIN, providing two-factor authentication: something you have and something you know.
How do you defend against CAC (Common Access Card)?
Defences for CAC (Common Access Card) typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for CAC (Common Access Card)?
Common alternative names include: Common Access Card, DoD CAC.
● Related terms
- cryptography№ 827
PIV Card
A US federal smart card that carries identity credentials and PKI keys as defined by FIPS 201 and NIST SP 800-73, used by federal employees and contractors.
- cryptography№ 1054
Smart Card
A credit-card-sized device with an embedded secure microcontroller that stores credentials and performs cryptographic operations, defined by ISO/IEC 7816 for contact cards.
- cryptography№ 413
FIDO Security Key
A hardware authenticator that uses the FIDO U2F or FIDO2/WebAuthn standards to perform phishing-resistant, public-key-based authentication to web and enterprise services.
- identity-access№ 708
Multi-Factor Authentication (MFA)
An authentication method that requires two or more independent factors — typically from different categories — before granting access.
- network-security№ 878
Public Key Infrastructure (PKI)
The combined system of policies, software, hardware and trusted authorities used to issue, distribute, validate and revoke digital certificates that bind identities to public keys.
- network-security№ 1253
X.509 Certificate
A standard structure for a digital certificate that binds a public key to an identity through a signature from a trusted certificate authority.