Go to Top

sc/interface

Icon-scinterfacesc/interface integrates credentials stored on smart cards and other security tokens into IT environments. sc/interface supports more than 90 smart cards, security tokens and profiles across all major operating systems. Many useful features, including fingerprint recognition and Microsoft Virtual Smart Card support, are available.

In a nutshell

The rising demand for electronic identity verification requires much more than simple user names and passwords. Two-factor authentication – especially based on a smart card (or another smart token) and a PIN – is therefore a must. As a very mature solution, smart cards have been widely deployed for years on bank cards and more recently on electronic ID cards.

With many different smart card options, the hardware typically is not an issue. In fact, successful projects depend much more on the middleware (smart credential middleware) used. Smart credential middleware is software connecting a smart token (including the credentials stored on it) to an application. In the current heterogeneous IT world, smart credential middleware should not depend on specific operating systems or devices. Instead, it should be platform independent and support a broad number of applications across differing devices. In addition, strong security demands smart credential middleware that utilizes standards based protocols and advanced cryptographic methods.

sc/interface is powerful smart credential middleware which connects applications (Outlook, Edge, Safari, Firefox, etc.) to the desired smart card or token. It supports all relevant cryptographic interfaces for every major operating system: Microsoft CSP and Minidriver (for Windows), PKCS#11 (for Linux derivatives, Windows, and macOS), and Apple Crypto Token Driver (for macOS). With hard­ware support for over 90 card/token types and profiles (including Microsoft Virtual Smart Card), sc/interface removes dependence on any single card vendor and provides unrivaled interoperability.

Supporting RSA and Elliptic Curve Cryptography (ECC), sc/interface meets the most demanding encryption standards recommended by security agencies worldwide. ECC support is especially important, as the security of some cards using RSA has recently been questioned. Other features, like platform independence, modular architecture, implementation of all major security standards (including PACE), support of Microsoft Virtual Smart Card (MS VSC), IBM Tivoli certification and optional full biometry support as well as optional PIN caching (across applications), make sc/interface one of the most innovative solutions of its kind on the worldwide market.

Frequently asked questions

What Is A Smart Credential Middleware?

Operating system login, VPN access, encryption, digital signatures, and similar use cases need appropriate protection. Many enterprises still use passwords for this purpose, which is neither secure nor convenient. As a replacement for passwords, more and more enterprises currently deploy two-factor authentication based on smart cards (or smart tokens) and PINs (or biometric credentials). A smart card stores a secret key (credential) that replaces the password and can additionally be used for encryption and digital signatures.

In order to use a smart card on a PC, smart credential middleware is necessary. Smart credential middleware is a software component that connects a smart card (or a smart token) with one or several applications. The core of it is a driver that offers a high-level crypto interface to applications and that communicates with the smart card via a (proprietary) low-level interface. In addition, many smart credential middlewares comprise a management tool for formatting, personalization and similar tasks.

As many users use the same card on different devices, several operating systems need to be supported. In addition, there are dozens of smart card types with proprietary card interfaces and different crypto interfaces.

Which Crypto Interfaces are supported?

The most common crypto interface is PKCS#11. It is supported, among others, by Firefox, IBM Notes, Adobe Reader and many Linux applications. Microsoft has created their own crypto interfaces: Cryptography API Next Generation (CNG) and its fore-runner Microsoft Cryptographic API (MS CAPI). CNG includes the concept of Smart Card Minidriver. A Minidriver is a module that allows organizations to easily deploy smart cards by automatically downloading necessary connectors from Microsoft. Finally, MacOS provides the CryptoTokenKit (CTK) framework for macOS, including the concept of Crypto Token Drivers. sc/interface supports PKCS#11, MS-CAPI and CNG (it includes a Smart Card Minidriver), and provides a Crypto Token Driver.

What applications can I realize with sc/interface?

Among other things, sc/interface supports the following applications:

  • disk encryption
  • eID
  • WWW login
  • system login
  • VPN login
  • secure WiFi
  • SSO
  • secure e-mail
  • document encryption and signature

What Cards are Supported?

  • AET: AET profile
  • ATOS CardOS: M4.01A / V4.2 / V4.2B / V4.2C / V4.3 / V4.3B / V4.4 / V5.0 / V5.3
  • AustriaCard JCOP: 21 V2.2 / 21 V2.3.1 / 31 V2.2 / 31 V2.3.1 / 31/72 V2.3.1 / 31 / 72 V2.3.1 contactless / 41 V2.2.1 / 41 V2.3.1 / 41 V2.4
  • Bundesdruckerei: GoID card V1 / V2
  • D-Trust: D-Trust Card 3.1 / 3.4 (Siegel card)
  • E.ON: Card V1 / V2
  • ePasslet-Suite 1.1/1.2 on JCOP V2.4.1R3 and on JCOP V2.4.1R3 with PACE Profile
  • ePasslet-Suite 2.0 on JCOP V2.4.2R3 with PACE Profile
  • ePasslet Suite 2.1 on JCOP V2.4.2R3 with PACE Profile
  • ePasslet Suite 3.0 on JCOP V3.0 and on G&D Sm@rtCafé Expert 7.0 and on Infineon SLJ52 (Dolphin) with PACE Profile
  • Gemalto: TOP IM GX4, Classic V3
  • G&D: Sm@rtCafé Expert 3.1 / 3.2 / 4.0 / 5.0 / 6.0 /  7.0
  • G&D: STARCOS 3.0 / 3.1 / 3.2 / 3.4 / 3.4 (Swiss Health Card eGK) / 3.4 (Swiss Health Card VKplus G2) / 3.5 / 3.52
  • G&D: StarSign CUT S Token (SCE 7.0)
  • HID: Crescendo C700
  • HID: iCLASS Px G8H
  • Infineon: JCLX80 jTOP / SLJ52 (Dolphin) / SLJ52 (Trusted Logic)
  • Microsoft: Virtual Smart Card
  • NXP: JCOP V 2.1 / V2.2 / V2.2.1 IDptoken 200 / V2.3.1 / V2.4 / V2.4.1 / V2.4.2 R1+R2+R3 / V2.4.2 R3 SCP 03 / 3.0
  • Siemens: CardOS M4.01a / V4.3B / V4.4
  • SwissSign: suisseID (CardOS M4.3B / M4.4)
  • TCOS: Signature Card 1.0 / 2.0
  • TU Dortmund: UniCard (SECCOS)
  • Volkswagen: PKI Card (CardOS M4.3B /4.4)

What Tokens are Supported?

Among others, sc/interface supports the following tokens:

  • Certgate microSD (NXP JCOP)
  • G&D Sm@rtCafé Expert 3.2 USB token
  • NXP JCOP: V2.2.1 IDptoken 200
  • SwissSign SwissID (CardOS M4.3B)
  • Swissbit
  • IDENTIV @MAXX (SCT3512)

Does sc/interface support Microsoft Virtual Smart Card (VSC)?

Virtual Smart Card (VSC) is a technology introduced by Microsoft that enables the use of the Trusted Platform Module (TPM) for key storage via a smart-card-type interface. sc/interface supports this technology. This means that with sc/interface not only cards and tokens can be used for storing keys, but also a Trusted Platform Module (TPM).

Who uses sc/interface?

sc/interface is used (among others) by the following customers:

  • Government of Nigeria: Nigerian identity authority NIMC issues electronic identity cards to the 160 million inhabitants of the country. sc/interface is used to connect this card to its applications.
  • SwissSign: SwissSign, a leading provider of innovative identity solutions and subsidiary of Swiss Post uses cryptovision’s smart card middleware sc/interface for their product SuisseID.
  • Husky Energy: The Canadian energy supplier Husky Energy uses
    sc/interface for securing laptops.
  • Minimax: The German fire protection supplier Minimax uses
    sc/interface for smart card authentication.

 

The Technical Part

Supported Systems

Microsoft:

  • Windows 7 SP1, 8.1, 10
  • Windows Server 2008 SP2
    / R2 SP1, 2012 R2, 2016

Linux:

  • RHEL 6, 7
  • Ubuntu 16.04 LTS / 18.04 LTS
  • SLES 15

macOS:

  • El Capitan (10.11.1)
  • Sierra (10.12)
  • High Sierra (10.13)

PDF-Download-grayred-smallDownload sc/interface
Product Brief

PDF-Download-grayred-smallDownload sc/interface
PIV EDITION Product Brief

PDF-Download-grayred-smallDownload
sc/interface Technical Data Sheet

  • sc/interface contains the following modules

    • sc/interface manager: Provides a complete range of card/token management functions (e.g., initialization, profiling, PIN management, key generation, fingerprint enrollment).
    • sc/interface utility: Provides card/token management functions typically needed by users (e.g., PIN change, fingerprint enrollment).
    • Register Tool: Registers digital certificates stored on the card or token on the Windows operation system.
    • CSP Module: Provides a Cryptographic Service Provider (CSP) to connect to the Microsoft Crypto API on Windows systems.
    • Smart Card Minidriver: Connects to the Cryptographic API Next Generation on Windows systems.
    • PKCS#11 Module: Connects to a PKCS#11 interface, e.g., for use with Linux derivatives, macOS, and many application programs. All major card management systems use PKCS#11 for card initialization and personalization.
    • Crypto Token Driver: Connects to the CTK framework of macOS.
  • sc/interface
    sc/interface is advanced smart credential middleware ideal for customers demanding a high security level without compromising flexibility. The flexibility sc/interface delivers allows for a single token to become a multipurpose device. sc/interface makes it easy to consolidate physical access with payment applications, secure website access, and digital form signing.

    eIDAS compliance
    sc/interface supports „Siegel“ tokens and signature cards compliant with the European digital signature regulation, eIDAS.

    Platforms
    sc/interface is available for Microsoft Windows, Linux, and macOS. A user can use the same smart card on different platforms.

    Smart Card Types
    sc/interface supports more than 90 card/token types and profiles, including the latest Java Card generations and cards supplied by Atos, Infineon, NXP, Gemalto, G&D, Siemens, and Austria Card. All common smart card form factors are supported.

    Plug-ins
    The functionality of sc/interface can be extended with a plug-in that informs the user about soon-to-expire certificates and with another plug-in that automatically imports root certificates stored on the smart card.

    Convenience Kit
    Via add-ons (available in a convenience kit), sc/interface supports match-on-Card fingerprint authentication (sc/interface biometric) as well as secure PIN caching (sc/interface cache).

    Microsoft Virtual Smart Card
    sc/interface supports Microsoft Virtual Smart Card (MS VSC), including initialization and personalization processes. Thus, sc/interface enables the use of existing infrastructure in the case of a (partial) migration to MS VSC.

    Crypto Interfaces
    sc/interface interoperates with virtually every application program on the market (e.g. Edge, Firefox, Outlook), supporting all major crypto interfaces: PKCS#11, CSP, Minidriver, and CTK.

    eID Documents
    Government eID projects with millions of cards issued require coverage of all common platforms for broad user acceptance. sc/interface covers all major operating systems and supports modern security protocol standards like PACE.

    • Microsoft Virtual Smart Card (MS VSC) support, including initialization and personalization processes
    • Virtual Desktop Infrastructure support
    • Apple Crypto Token Driver
    • Password Authenticated Connection Establishment (PACE)
    • eIDAS-compliant „Siegel“ tokens
    • Biometry (biometry edition)
    • PIV support (PIV edition)
    • Advanced signature profile
    • Elliptic Curve Cryptography (ECC)
    • Localization support via language files
    • User-friendly and convenient
  • compare

Success story

SwissSign, a leading provider of innovative identity solutions and subsidiary of Swiss Post uses cryptovision’s smart credential middleware sc/interface for their product SuisseID. SuisseID is a smart card, which stores certificates and private keys of its owner. SuisseID is accompanied by signature software (SwissSigner) and a solution for secure communication (IncaMail). The easy handling is granted by sc/interface, which is bundled with SuisseID software. Thanks to sc/interface the SwissSign signature cards and tokens can be used on Windows, macOS and Linux computers. No matter if the user accesses protected websites, signs PDF documents digitally or performs other cryptographic operations, sc/interface always works transparently in the background and thus rises customer satisfaction.

Related Products

  • CAmelot: Fully modular PKI solution
  • ePasslet Suite: Modular Java Card Applet Suite for eID Documents
  • SCalibur: Distributed Smart Card/Token Middleware