Smart Cards, 10 Years Later – Part 2

11 years ago

In my last blog, I left off talking about the different forms of authentication and the abundance of solutions available to enable multi-factor authentication (based on the directive to increase security for user authentication into laptops).

As mentioned in Part 1, in order to support communication to smart cards at pre-boot, WinMagic was responsible to engineer the driver support into SecureDoc (for each device). Without these drivers, the cards simply won’t work in a pre-operating system environment. This was not an easy feat, but over the years our PKI engineers have been consistently providing support for the most used tokens:

Without a doubt, WinMagic has spent a substantial amount of time (and resources) developing support for various 2 and 3 factor authentication solutions. Our goals are always customer focused; furthermore, ensuring they can use the latest and greatest technologies in line with SecureDoc’s full disk encryption. I remember it always being a challenge determining which tokens should be considered first, and which could wait for next releases. The good news is: SecureDoc is developed based on PKCS#11 standards, which provides development benefits to support PKI tokens.

So, where are we now after 10 years? Have businesses moved away from traditional usernames and passwords and onto more secure 2 or 3 factor authentications? Well, I can comfortably say a number of large organizations (from all sectors) made the switch and require users to authenticate using smart cards. There’s no question this technology works and is being mandated around the world. Even smart card projects I worked on years ago are still going strong, and in several cases are starting to migrate to newer card technologies.

However, to say the direction clearly moved away from 1 factor authentication would be incorrect. The majority of companies still use single factor authentication (via Active Directory). This article isn’t about what is right or wrong, but whether or not smart card technology has been adapted. My opinion is the trend didn’t align with the actual direction over the decade. Of course I have many theories around my opinion, but will have to save them for another time.

To conclude, not all technologies can easily be adopted; even if they are great solutions! It will be interesting to see how technology changes over the next 10 years, and whether or not the traditional username and password will still hold strong as the most used authentication method into computers.

To access Part I of this article, click here

Rob deCarle

I am part of the Global Professional Services team at WinMagic. The opinions expressed on this blog are mine. While I blog on behalf of the company, not all positions reflect the ‘official’ position of the company and therefore should not be treated as such.

Smart Cards, 10 Years Later – Part 1

Windows 8 is here! Now what?

MFA and Zero-Trust Misconceptions Prevent Effective Solutions

The WinMagic team believes we can revolutionize the cybersecurity of the world. Our latest authentication solution, MagicEndpoint, is ready to…

May 16, 2023

Thi Nguyen-Huu

Device-Level Signals: Framework of Zero Trust Security

The U.S. government is tightening the reins, requiring agencies to comply with Zero Trust architecture (ZTA) by the end of…

April 13, 2023

Garry McCracken

Passkey vs. MagicEndpoint

There are three types of people in the corporate world: Those who think their laptop is just an average computing…

March 27, 2023

WinMagic

A more secure “client” for passwordless authentication

In this article, I’ll introduce a new passwordless authentication thought process: an entirely new “entity” that advanced passwordless solutions should…

March 8, 2023

Thi Nguyen-Huu

What passwordless means for the healthcare sector

This month, we had an enlightening conversation with healthcare specialist, Joy Poletti, who’s worked as the VP of access and…

January 10, 2023

Ryder Gaston