Smart cards have been a part of the information security market for several decades already and are used by companies for the identification of employees. The evolution of smart cards has led to the emergence of virtual, mobile ones, which are getting more popular in Europe. Can these cards replace traditional physical ones? What do customers choose and what functionalities are important to them?
In this interview, Julien Larsonneur , Senior Sales Manager of Feitian Technologies in France, shares his great knowledge about the smart cards’ present status and future prospects.
Nowadays, what do companies prefer buying: FIDO2 tokens or traditional smart cards?
Fido 2 is raising more and more interest, it’s a new protocol that can be integrated within multiple form factors, such as USB dongles and Smart Cards with their card readers. What we notice on the field is the persistence of the previous habits of the entities towards their MFA solutions and processes. They would keep using smart cards or dongles based on the previous equipment that has already been amortized. Based on this fact, they tend to add the Fido 2 protocol option on their future supplies.
What do you think of smart cards as multiple kind of credentials?
This is the main trend, not only on smart cards, but on tokens too. End users are asking to have an “All in one” smart card or dongle, that can embrace their existing infrastructure, which can be PKI and/or OTP and/or Fido coupled with physical access control, wallet and more. The technology is here, its cost cannot be defined as niche anymore, and its usage has never been more justified than today. This solution resolves the security and convenience needs, at work facilities and from home.
Can virtual (mobile) smart cards replace traditional ones?
I tend to say no, not completely. I see these 2 options as complementary. We are used to the smart card, it is a complete part of our daily life. The real important smart cards are quite few, I would say, IDs, health cards, payment cards, work badge, and these should remain as an external physical factor. Less important cards are justified to become virtual. Smart phones are not only submitted to loss, but network failures, battery drainages and physical breakages.
Why do companies choose hybrid smart cards with biometric capabilities like BioPass?
They choose it for its ratio of security/convenience. With biometry, you can be confident that the right end user is actually logging in online, accessing the facilities etc. Every end user is bound to its personal key, and could not be used by another person. The fact that you don’t have to enter any PIN code to a third party device is a more secure scenario by design, knowing that the fingerprint templates are never extracted from the card. Due to the circumstances, the hygiene factor has never been that high. Keeping your hands on your own device reduces the potential transmission of any pathogen agent.
What to learn more about the role of smart cards for modern enterprises? Check the recording of the roundtable «Evolution of Trust: Get ready for PKI 2.0» and stay tuned with the hottest trends.