Something as unexotic as smart cards and card readers can knock over the most well-planned and thoughtful PKI-project. They can even completely render that wonderful user experience when you lose the passwords and the management of them.
Initially I want to mention that I don’t know much about things like PKI, Microsoft CA, certificates and so on. As Hardware manager at SecMaker, I know more about peripherals such as card readers and smart cards. Unfortunately our customers often only see the card readers as a card reader and a smart card as a smart card. Unluckily that is a bit like comparing ginger ale with champagne. Sure, both skim but that’s the end of similarity.
In terms of both card readers and smart cards, the login times may differ significally. It is important to ensure that you have the correct driver to the specific card reader. When it comes to the smart cards it is directly critical if it should work at all. A nice print or a successful entry is not the same as getting a login, single sign on or session roaming with for example Citrix, that works.
It’s not every day, thankfully, that I get contacted by municipalities that have to replace all their smart cards because they’ve bought the wrong cards and find out that the chip doesn’t work with the software to login. But it happens. No, it’s not possible to put SITHS (smart card that identifies employees in health and social care in Sweden) certificates on an optional smart card, and yes it is still possible to order new SITHS cards regardless of what you have heard from different actors on the market.
To sum up I would like to ask those who are planning to introduce smart cards in the organization to specify the hardware as early as in the planning stage. Be specific and make demands on the suppliers you meet. Document your expectations on the delivered solution and get assurances from the supplier.
The right choice makes both the user and the IT department’s life considerably easier.
Don’t hesitate to contact me or my colleagues if you would like to know more or if you have any questions.