NHS Smartcard Connect

NHS Smartcard Connect is the authentication client using CIS2 Authentication. It allows existing smartcards to authenticate directly over the internet, and HSCN.

Smartcard Connect is installed as part of a package that includes the latest version of NHS Credential Management. It includes all the previous functionality of older versions of NHS Credential Management.

NHS Credential Management with Smartcard Connect is no longer installed alongside the legacy NHS Identity Agent.

Smartcard Connect user changes

Smartcard Connect authentication is different to what you may be used to with Identity Agent.

Inputting your smartcard into the reader does not generate a pop-up box - you will instead need to enter your PIN when you access a system.

Removing your smartcard from the reader does not log you out - you'll need to manually log out of an application when you're finished.

You'll need to enter your PIN each time you open a new application.

Compatibility

Please note: Smartcard Connect should not be installed on a machine until all Spine applications used on that machine support CIS2 Authentication.

Check the current status of the supplier systems in use in your organisation.

Operating systems and browsers

The NHS England Warranted Environment Specification (WES) lists all supported software configurations.

Environments

This version of NHS Credential Management with Smartcard Connect supports CMS (Card Management Services) operations in other environments such as Citrix/VDI/Terminal Services.

Download Smartcard Connect v4.1.

Please note the software package you'll download retains the name Credential Management.

1. Download the Installer: 

• Go to the download section. 

• Download the installer file. 

2. Run the installer: 

• Navigate to the location where the installer file was downloaded. 

• Double-click the installer file to start the installation process. 

3. Follow the on-screen instructions: 

• The installer will open a setup wizard. 

• Follow the prompts, which typically include agreeing to the terms and conditions, choosing the installation directory and, if applicable, selecting additional features or components to install. 

4. Complete the installation

• Once you've made your selections, click the Install button to begin the installation. 

• Wait for the installation process to complete. This may take a few minutes depending on the application size and your system's performance. 

5. Launch the application

• After the installation is complete, you can find NHS Credential Management and Smartcard Connect under NHS in the Start Menu. 

• Click on the application icon to open and start using it. 

Silent installation 

The NHS Credential Management with Smartcard Connect supports silent installation using standard deployment tools that recognise .msi packages. Alternatively, you can use the following command line for script-based installation: 

%SystemRoot%\System32\msiexec.exe /i "NHS.Credential.Management.4.1.2.0.signed.msi" /qn

Software will be installed in the following locations: 

• C:\Program Files (x86)\NHS\NHS Credential Management 

• C:\Program Files (x86)\NHS\NHS Port Service 

• C:\Program Files (x86)\NHS\NHS Smartcard Connect

• C:\Program Files (x86)\NHS\NHS Smartcard Diagnostics

NHS Port Service 

As part of the installation, the NHS Port Service will be installed on a machine and will automatically start. 

This service is required for NHS Credential Management to function correctly and should not be stopped or barred from executing. 

It is strongly recommended that you uninstall any previous versions of NHS Credential Management and the legacy NHS Identity Agent before beginning any new installation. No other programs are removed as part of this process.

Note: earlier releases of NHS Credential Management (during 2020) had a different name: NHS Identity Hub.

These steps apply to any version of the NHS Identity Agent and NHS Credential Management.

Uninstall via Control Panel

1. Open the Control Panel

• Press the Windows key + S and type Control Panel. 

• Select Control Panel from the search results. 

2. Navigate to Programs and Features

• In the Control Panel, click on Programs. 

• Click on Programs and Features. 

3. Find the application to uninstall

• Scroll through the list of installed programs to find the application you want to uninstall. 

4. Uninstall the application

• Select the application from the list. 

• Click on Uninstall at the top of the list. 

• Follow the prompts to complete the uninstallation process. 

Uninstall via Settings

1. Open Settings

• Press the Windows key + I to open Settings. 

• Go to Apps > Apps & features. 

2. Find the application to uninstall

• Scroll through the list of installed applications to find the one you want to uninstall. 

• Alternatively, you can use the search bar to quickly locate the application. 

3. Uninstall the application

• Click on the application. 

• Click on Uninstall and follow the prompts to complete the uninstallation process. 

Uninstall using Command Prompt

1. Open Command Prompt as administrator

• Press Windows key + X and select Command Prompt (Admin). 

2. Use WMIC to uninstall

• Type the following command to list all installed applications: 

Cmd - wmic product get name

• Find the name of the application you want to uninstall. 

• Type the following command to uninstall the application: 

cmd 

wmic product where "name='Your Application Name'" call uninstall 

(Replace Your Application Name with the actual name of the application.)

Launch 

Once NHS Credential Management, NHS Smartcard Diagnostics and Smartcard Connect have been installed, an icon will be placed in the Programs list under the NHS area of the start menu.

NHS Credential Management and NHS Smartcard Connect do not automatically start after installation but will automatically start on a subsequent user login or machine restart.

Included in the package is the NHS Smartcard Diagnostics tool, which will need to be launched from the start menu each time it's required.

Close 

An icon will be visible in the system tray when the applications are running. The programs can be closed by right clicking the chosen icon and selecting Close. Right click and select Status to show the currently installed version.

Log paths 

NHS Credential Management:

C:\Users\{username}\AppData\Local\NHS\NHS Credential Management

NHS Port Service:

C:\ProgramData\NHS\NHS Port Service

NHS Smartcard Connect:

C:\Users\{username}\AppData\Local\NHS\NHS Smartcard Connect

NHS Smartcard Diagnostics:

C:\Users\{username}\AppData\Local\NHS\NHS Smartcard Diagnostics

Read full guidance and instructions on how to set up and troubleshoot Smartcard Connect. Read on for registry settings specific to Smartcard Connect.

Printing smartcards

For printing all smartcard versions with Smartcard Connect v4.1, you will need to make sure you have the latest printer smartcard reader driver.

Registry settings

The Smartcard Connect client reads settings from three separate areas of the registry. The locations have different purposes, and this is reflected in the order in which they are prioritised. The priority order is controlled by Windows. 

1. Set by Group Policy

These settings will be applied by group policy. System administrators can create their own template(s) from the registry setting information provided in this document for policy rollout if required. These settings will always take precedence. 

2. All Users (Local Machine)

These settings are machine-wide and will apply to any user who logs in to the system. The settings will remain machine specific, meaning that a user will always adopt these in preference to user settings. 

3. Current User

These settings apply only to the current logged in user and will persist with the user profile. If the user has a roaming profile, then the settings will travel with the user between machines. 

The Smartcard Connect process runs as a 32-bit process regardless of whether the operating system is 32-bit or 64-bit.

64-bit operating system

Authentication and common settings 

Registry keys