The smartcard is a unique card assigned to a specific user so they can access the systems they need to fulfil their role. It is allocated by a Registration Authority Manager and each card contains an electronic security certificate (the private key) which is unique to the user.
A physical smartcard is a piece of plastic with a smartcard chip built in. Similar to a credit card, it has its own secure enclave.
The user inserts the card into a smartcard reader when they want to access a system and enters their secret PIN to unlock the smartcard. The smartcard reader then uses software on the PC in order to confirm the smartcard is valid and the user has the authority to access the system.
The virtual smartcard is a digital form of the card and can be stored on a smartphone, in the cloud or on another physical device such as a secure USB key.
Virtual smartcards work in basically the same way as physical smartcards but the secure enclave can reside in other (non-physical smartcard) settings, such as the secure enclave of a mobile phone, a cloud based hardware security module (HSM), or a modern Trusted Platform Module (TPM).
We have provided some frequently asked questions about smartcard secure access and authentication.
Read our frequently asked questions