What is a Smart Card?
A smart card is a physical card that has an embedded integrated chip that acts as a security token. Smart cards are typically the same size as a driver’s license or credit card and can be made out of metal or plastic. Hardware security keys can also act as a smart card with simplified deployment.
How does smart card authentication work?
Smart card authentication requires two things: the smart card itself and a pin entered by the user. With smart cards there are two different ways to authenticate yourself into a system, there is either contact or contactless smart card readers. With contact cards, the embedded chip is inserted into the reader and makes physical contact for the transmission of data. With contactless cards the smart card is held up close to the reader, it doesn’t need to be touching, and communicates it’s credentials through NFC.
You may also hear smart cards referred to as CAC cards (common access cards) or PIV cards (personal identity verification). CAC cards are used by military or active service personnel, the Department of Defense, or select contractors for standard identification entries into buildings and systems. PIV smart cards are the US government’s standard for smart card authentication.
Why should I use a Smart Card over other forms of multi-factor authentication?
Smart cards have a lot of benefits, although it’s always good to weigh the pros and cons of each option before making a decision on what might be best for you! Smart cards are considered a very high form of security due to the secrets being physically on the card. Without the physical card and the knowledge of the pin attached to that card it makes it very difficult to hack in. In addition, duplicating or cloning a smart card, due to the nature of the chip and the content of the card. Smart cards can also be used as a form of data storage. The chips make it so you can add or update information and keep it on the card.
Are there any cons to using a smart card?
Easy to lose
Due to the card being a physical thing people must remember and keep track of, this does mean the cards could be easily lost or stolen.
The initial investment in smart cards could be costly to an organization. Besides purchasing the cards, the infrastructure must be set up to support them, and obtain card readers.
IT administrators must install smart carders for every device an employee might need to access. This might make it hard for remote companies or jobs to access their systems.
- Yubico secures remote government workers
- Yubico simplifies smart card deployment in the enterprise
- PIV Compatible Smart Cards