Gemalto offers Gemalto SCSED PKI Token as a combined product of a Smart Card reader and Smart Card, enabling higher Data Security promised by Smart Cards.
SCSED PKI Token:
The IDBridge K30 is a compact, USB device that offers multi-application dynamic smart card functionality. It can be used with any USB connection for Identity and Access Management applications such as network authentication, digital signatures and other services based on Public Key Infrastructure (PKI).
With Gemalto .NET technology, you benefit from unparalleled level of integration with Microsoft’s platforms and solutions: Native support by all Windows OS from XP to Eight and their associated Server versions. .NET PKI Tokens are also fully compatible with Forefront Edge, Microsoft’s FIM – ILM CMS, Active Directory Domain Services and Certificate Services. With Gemalto SCSED PKI TOKEN implementation of Encryption and Digital Signature services become easier than ever.
The Gemalto’s solution provides better security as the tamper-proof microprocessor chip is protected by a smartcard module packaging. Once the module packaging is opened or tampered, the chip is quite unlikely to be functional anymore. All the connections on the chip are encapsulated inside the module and will not be exposed for attacks. When security of information is important/critical (defense, etc), this becomes very important.
USB IDBridge K30 features strong authentication based on two factors: the token itself and a PIN, providing an extra level of security for the most sensitive applications. The PIN ensures the holder of the device is its legitimate owner. The IDBridge K30 offers all the power of a multi-application smart card in a USB form factor, making it an ideal solution for organizations that require a combination of security, portability, robustness and convenience.
Why Smart Card Based PKI Token is better:-
Some of the other choices of solutions are using a chip on PCB board instead of smartcard. On an open chip (or naked chip), the contacts of the chip can be easily identified, where hacker know exactly where to tap the information to decrypt or manipulate.
- FIPS 140-2 Level 3 Certified, Common Criteria CC EAL5 + (CHIP).
- Memory Available – Min. 64K memory for storing multiple digital signature Certificates.
- Crypto Algorithm Supported – On board Crypto Algorithm for support of RSA up to 2048 bits, DES, 3DES, Hashing Algorithm support for SHA1, SHA2.
- No. of Key Pairs supported – Up to 15 x 2048 bit certificates and key pair’s storage.
- CSP – Smart card support through Microsoft Base Smart Card Cryptographic Service Provider ( No proprietary CSP used)
- Token RESET /UNBLOCK – Reset Token & Unblock Token (Applicable for Enterprise use case of PKI Tokens, help to prevent loss of DSC once the token password is blocked).
- SSO – Single Sign on is supported in the user tool, enable Timeout parameter setting for Integrated Applications.
- Personalization: – Token Initialization on First Usage of PKI Token – Enable to Add user details like User Name, Department Name and Organization Name inside the PKI Token. (No Physical Writing / Sticker required for Token Identification).
- Desktop OS Supported – Windows, Linux, MacOS, and Boss.
- Mobile Device OS Supported – Android , iOS.
- Browser Supported– IE, Mozilla, and Chrome.
- Security : Top level response time for authentication and signature:-
- Optimized Garbage Collector mechanism.
- 32 bit RISC processor with crypto processor.
- Third Party Integration Ecosystem – Pre Integrated with Microsoft applications like Windows Logon, Email Singing & Encryption, VPN Access (2FA), Office Applications, Pre Boot Authentication, SSO, Bit Locker (Driver Encryption).
- Logo Customization: – Customer / Partner Logo Customization supported on Gemalto PKI Token and User Tool.
- SDK – Software Development Kit available to support easier integration of PKI Token into web services-based applications and solution.
- Different Form Factors – Available in various form Factors like Smart Card , USB Token , OTP + PKI , Biometric MOC + PKI , SD Card + PKI , PKI + Attendance , PKI + EMV ( Banking Cards)
- Other Technologies supported along with PKI – Biometric Authentication ( Match On card ) ,OTP ( One Time Password ) , Contactless Chip ( Attendance / Physical Access ) , EMV , SIM , Secured Storage , ePurse Applications etc.