How smart card login works

When you choose login with smart cards, security is built in three steps. That is why a smart card-based security solution is the strongest alternative for secure and easy login.

  • Smart card-based certificate 
  • Two-factor authentication 
  • Encrypted tunnel

You always have your smart card-based certificate with you 

Security with smart cards is based on the PKI security standard and uses certificates to identify all users when they log in.

Certificates can be stored as files directly on the user’s computer, as file-based certificates. The problem is that the certificate then remains at the workstation and is available through the network when the user leaves, which carries a risk for, e.g., spoofing and theft. By instead storing certificates on a smart card, the user can easily take their certificate with them when they leave their workstation. The certificate becomes less accessible and security is improved.

iStock_000027073467XLarge

Two-factor authentication is stronger

hartsert_470x220

To log in and authenticate themselves in the IT environment, the user needs to be able to present information that is stored in the certificate on their personal smart card, and enter their personal PIN code. The combination of something the user has and something the user knows provides two-factor authentication.

Traditional password management is based only on the user providing the correct password, that is, single-factor authentication, which makes this method much weaker.

Encrypted tunnel reduces the risk of interception

Once authentication has been verified, an encrypted tunnel is established between the client and the server. All communication is sent through the tunnel, which makes it completely protected from unauthorized persons, who cannot “listen in” on the connection. This also minimizes the risk of information phishing and man-in-the-middle intrusion.

Contact me for a demo of IT security with smart cards