Disable Net iD SSO for a specific application
The SSO feature of Net iD is highly appreciated. But in some scanarios you want a specific applications
In a web scenario with mutual TLS/SSL you can use the Net iD Plugin to logout from the card before the negotiation starts.
Test it here: check_for_smartcard_clearpin.html
Note: Make sure that your Logout-operation does not interfere with other running applications
Traditional clients (exe)
One method is of cause to build you own PIN-dialog and enforce that so the user has to enter PIN no matter if the PIN is cached by Net iD SSO.
You could also call the Net iD Plugin (COM-object) to do Logout just in the web scenario described above.
By maybe the best method is to change the configuration of Net iD to exclude the binary itself from the SSO system
Net iD 5.x
Net iD 6.x
Net iD SSO active, no PIN required
Net iD SSO active, PIN required even if the PIN is cached