SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.

RSA Smart Card Middleware 3.5 Exportable to Mexico?

Is RSA Smart Card Middleware 3.5 Exportable to Mexico?

Does the Middleware software and/or the RSA800 token have an ECCN?

2 Replies
Apprised Contributor Apprised Contributor
Apprised Contributor

I don't know about export controls, but would suggest 2 things;

1. The middleware is somewhat rough, lacking.  It was designed to work with applications.  I have always found that installing the RSA Authentication Client, RAC, ver. 3.6 is the latest, allows you to do everything that the Middles does, but also gives you the RSA Control Center interface, which lets you view and test.  so you can see if Certificates are loaded on the Smart card part of the SID-800.  I also think you are sure of having the latest version when using the RAC instead of the middleware

2. If RAC software is allowed in Mexico, it is safe to say that middleware is also allowed, so maybe if you can download this software from the RSA web site, then there is no ECCN required.

I searched Link and found RAC 3.6 Admin Guide, and when I went to there is that ever present Chat Pop-up, so you could ask there.

Employee (Retired) Employee (Retired)
Employee (Retired)

RSA, The Security Division of EMC certifies that the RSA SecurID product is classified under Export Commodity Classification Number (ECCN) 5D992 "Authentication Software/Hardware," per CCATS G009989 for SD200, SD520, SD600, SID700, and SID900 and CCATS G038836 for the SID800. The HTS code is 8543 70 9009.

The exportation of items classified by the Bureau of Industry and Security (BIS) as 5D992 to foreign subsidiaries of US companies is permitted under license exception NLR (No License Required). This license exception does not apply to the nations under US embargo: Cuba, Iran, North Korea, Sudan and Syria.


There may be import licensing requirements in various countries such as China, but customers will have to consult with their local brokerage representatives to better understand the requirements as these may change over time. There are also import licensing exceptions if the server is maintained outside of the country as opposed to within the country of import (from article 000027558 Countries to which RSA SecurID hardware tokens can be shipped​).


Also refer to article 000025573 which explains that RSA SecurID token authenticators can be legally shipped overseas.