There are a few companies around who make smartcard authentication, access control technologies their livelihood some have also branched out into other similar technology areas to complement their smartcard range. Three of the larger vendors are LM Gemplus, Giesecke & Devrient, and Keycorp -- all three submitted cards, software, and readers for this review.
LM Gemplus sent us its GemSafe cards and a USB reader (which is also available as a serial interface device) along with its GemSafe software v4.2.0. After taking some time to install -- no wonder seeing as the Gemplus smartcard reader tools takes up 119MB and the GemSafe Libraries and further 116MB -- the application software the system was rebooted. The GemSafe Toolbox is a very impressive tool with quite a lot of functionality and an up-to-date look and feel.
There is also another utility called SmartDiag, which further assists administrators. Overall GemSafe is a very neat and refined smartcard system.
Giesecke & Devrient was kind enough to send us one of its pre-sales engineers to go through some of its products with us. We had a brief look at several products relating to smartcards and authentication, among these were the TODOS system which is a token-type device with a smartcard slot built into it that enables card information to be read onto the small integrated LCD screen -- there are many varying applications for this from financial transactions to password supply.
There was also USB and PCMCIA smartcard reader/writers and associated applications (Safesign) as well as a USB plug device (similar to a very small USB memory key) which has a smartcard chip embedded into it. This is ideal for secure software/system locking as well as very portable authentication and portable configuration settings for applications such as remote office VPN connections and authentication and so on. Included with SafeSign there is a neat token management utility which lets the administrators see at a glance what is on each card.
Keycorp's system was very neat. The application software included was called SCB single sign-on and SCB Secure Logon, and the names are self explanatory.
Installation and configuration was a breeze. We setup a card and had a brief look at the single sign-on component. A SSO wizard is provided which allows the user to record logins for either Windows type or HTML forms.
Recording is a little more complex, however, than some other SSO technologies we have seen but it is certainly not hard by any stretch of the imagination.
An example of the added functionality and versatility of smartcards is their ability to be incorporated with other card technologies such as magnetic swipe for use as physical access devices or even bank cards, they can also be printed with photos and other identification information.
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
You should have included in your testing the CAT (Cellular Authentication Token) by Mega AS Ltd (www.megaas.co.nz).
The is the best Authentication (cost/performance) available today.