Smart Cards and Tokens
2FA ONE provides broad support for smart card technology in card and token form factors. 2FA delivers all the necessary components to successfully deploy, manage, and use smart card technology with PKI, including: smart card devices, smart card readers, smart card management, PKI certificate management, and professional services. Smart card technology is generally available in two form factors – credit card sized and USB token. In the majority of cases 2FA ONE supports existing smart card implementations, but is most commonly deployed in environments where smart cards are being introduced for the first time.
How smart card technology works with 2FA ONE.
2FA ONE supports smart card middleware from a number of third-party vendors and is optimized for use with Microsoft’s Minidriver specification. Supported smart card technology vendors include: 2FA, G&D, Gemalto, HID, Oberthur, and others. Smart card technology can be manufactured with or without compatible physical access technology from HID Global and other manufacturers. Please check the 2FA ONE Client Administrator’s Guide or contact 2FA for the current hardware compatibility list.
2FA is one of the few vendors in the world to provide broad-based authentication support with a fully-functioning smart card management system. Out-of-the-box, 2FA ONE is ready to manage both the creation and life-cycle management of smart cards devices and PKI certificates.
2FA also provides the unique capability of contactless smart card technology with PKI. With contactless smart card technology, users and security personnel both win! Users get the convenience of an RFID card and security personnel get the security of smart card technology.
How smart card technology works with 2FA ONE.
Smart card technology contains a cryptographic module to facilitate the generation and security of PKI keys that are used to authenticate to operating systems and applications, sign documents, or encrypt data, such as files or emails. 2FA ONE manages the lifecycle of smart card devices, the creation of PKI certificates on the device, and the selection of PINs by users. Smart card technology is commonly used in the US Government and is considered one of the stronger forms of authentication. The common workflow for users utilizing smart card technology requires the user to insert a card or cryptographic USB token into a reader, then enter the associated PIN, and once validated, a key exchange occurs between the operating system or an application to validate the certificate and associated keys. Once validated the user is permitted access to the operating system or application. With contactless smart card technology the user only needs to place the card on a 13.56 MHz reader and enter the associated PIN. For security purposes the card must remain on the reader during validation. Once validated the device can be removed.