Regional sites:    Specialized sites:
.NET Card   In Production
 
HIGHLIGHTS: 1) No middleware to install 2) First commercial implementation of a .NET Framework for Smart Cards 3) PKI & OTP on a single device 4) Converged Badge & Token form factors  
 

Gemalto .NET puts state of the art technology to the service of organizations committed to take their IT Security and Identity & Access infrastructure to the next level. Two-factor authentication (2FA) solutions help secure your company's digital assets from end to end.  Gemalto .NET comes equipped with support  for 2 different 2FA technologies: One Time Passwords (OTP) and Digital Certificates (PKI). Choose the one that suits you best, or combine both at once for different uses.

With Gemalto .NET you will benefit from unparalleled level of integration with Microsoft's platforms and solutions: Support for the Gemalto .NET Smart Cards and Tokens is built into Windows Vista and Windows Server 2008, and available as a Windows Update for Windows XP and Server 2003. Gemalto .NET is also fully compatible with Forefront Edge, Microsoft's  Identity Lifecycle Manager, Active Directory Domain Services and Certificate Services. With Gemalto .NET implementation of Two Factor Authentication, Encryption and Digital Signature services becomes easier than ever.

Features and Benefits
  • Unparalleled Integration with Microsoft Identity and Access Ecosystem
  • Support for Certificate Based and One Time Password based strong authentication
  • Compliance with the Microsoft Minidriver specifications version 7
  • Support for Windows, Linux & Mac Operating Systems
  • Wide range of .NET based devices and form factors
  • 1st ever .NET Framework implementation for smart cards
  • Strong Smart card Security
  • Smart Card integration with Web Services
  • DAS - Device Administration solution for Small and Medium Enterprise
  • Large enterprise device administration through Microsoft's Identity Lifecycle Manager
News
February 2010 New PKCS#11 libraries version v2.1.3: The new v2.1.3 libraries now support the biometric authentication on Windows 7 and Server 2008 R2, the No_PIN type and the following OS:
- Windows (32 and 64 bit): XP Pro up to SP3, Vista SP1/SP2, Seven, Server 2003, 2008 and 2008 R2
- Mac OS 10.6 Snow Leopard (32 and 64 bit): The Tokend libraries are not supplied in this package (on request).
- Solaris v10 SPARC and Intel
The Linux distributions such as Red Hat v5, Ubuntu v9.05, Debian v5 and Suze v11 are not part of this release. They are still supported by the v2.1.1 release (see below).
The libraries, their associated User Guides and Release Notes are available from Download / Libraries.
January 2010 The Gemalto .NET cards are supported by the SafeNet ProtectDrive Enterprise encryption solution v9.1.0
December 2009 New form factor: .NET cards can now be delivered in a WORLD Module format and can be embedded by 3rd parties in a wider range of hybrid card bodies.

Release of the .NET SDK v2.2.181: The main new features are the support of Visual Studio 2008 and 64 bit platforms.
 
November 2009 Update of the .NET and .NET Bio cards Minidriver (MD) dll: This MD is available from the Microsoft Update Catalog that lists all the certified MDs. There is now only one MD for all the Windows OS and all the 32/64 bit platforms. This MD complies with the Microsoft Base CSP and MD specifications v7 and supports all the existing .NET v2+ cards.
 
October 2009 New PKCS#11 library version v2.1.2 for Windows: The new v2.1.2 library now supports:
- Windows 7 and Server 2008 R2
- Mozilla Firefox 3.5 and Adobe Acrobat 9.x
- PINpad readers compliant with PC/SC v2.0: Verify PIN function only supported.
The library and its associated User Guides are available from Download / Libraries
August 2009 New PKCS#11 libraries version v2.1.1: The new v2.1.1 libraries now support the biometric authentication on Windows, the Single Sign On function (if the option is selected in the .NET card) and the following OS:
- Windows (32 and 64 bits): XP Pro up to SP3, Vista SP1/SP2, Server 2003  and 2008
- Linux distributions (32 bits): Red Hat v5, Ubuntu v9.05, Debian v5 and Suze v11
- Mac OS 10.5 (32 bits): A Tokend v1.1 component is added to the PKCS#11 libs to provide extented cryptographic support to Apple's native applications such as Safari, Mail and Logon, as well as 3rd party applications. 
- Solaris v10 SPARC and Intel: On request.
The libraries and their associated User Guides are available from Download / Libraries.

Technical Specifications
Last update: October, 2009 .NET v2+
Chip characteristics Chip manufacturer Infineon
Chip model SLE 88CFX4000P
ROM memory 80 KB
EEPROM memory 400 KB
RAM memory 16 KB
CPU RISC 32 bit
Internal clock 66 MHz
External clock up to 10 MHz
Voltage range 1.62 V -  5.5 V
Temperature range -25 C to +85 C
Technology CMOS 0.13 microns
Memory rewrite >  500 K r/w cycles
Data retention >1 0 years
Crypto processor YES (1408 bit)
Onboard key generation Yes
True Random Number Generator Ys
Card OS
characteristics		 OS type .NET 
Free EEPROM (approx) 65 KB
Max # of 1024 certificates 15
Max # of 2048 certificates 15
Max I/O speed 223 Kbps,
negotiable PPS
Communication protocols ISO 7816 protocol T=0
RMI / Remoting .NET Remoting
SConnect Yes
Cryptographic
algorithms
supported		 RSA YES (up to 2048 bit)
Ellyptic Curves No
DES / TDES Yes
AES Yes (256)
Hash SHA1 / SHA2 Yes
Hash HMAC / MD5 Yes
Security certifications Common Criteria CC EAL5+ (chip)
FIPS 140-2 Level 3
Standards ISO 7816  1, 2,3
Javacard No
Others ECMA 335
  ISO/IEC 23271
Supported crypto
architectures		 Microsoft CAPI Base CSP v5 to v7
PKCS#11 for Windows Yes
PKCS#11 for  Linux Yes
PKCS#11 for MacOS Yes
One Time Password support OATH OTP Yes
CAP OTP Option
Microsoft Minidriver Windows 7, Server 2008 R2 Microsoft Update (automatic)
Vista v5 In the Box  &  Update
Vista SP1, SP2 v5 In the Box,
v6 Update
XP up to SP3, Server 2003 v5 Base CSP  & Update
Server 2008 v5 In the Box
Performance cryptographic operations
(seconds)		 Key Gen (CSP) 3.4
Key Gen (P11) 6.9
Import P12 (CSP) 9.1
Import P12 (P11) 7.4
Cashed WinLogon (CSP) 1.5
Crypto (CSP) 2.3
Crypto (P11) 4.5
Enumeration (CSP) 4.7
Enumeration (P11) 4.2
Supported certificate / data formats X509 Yes (v3)
PKCS12 / PFX Yes
PKCS#15 No
Available form factors Smart Card Yes
Hybrid Card
(Converged Badge)		 Yes
USB Token Yes
USB Token + OTP Display Yes
USB Token + Secure Mass Storage Yes (SEG)
Supported physical access standards (Converged  Badge) MIFARE 1K, 4K, DESFire, Plus Yes
HID IClass and/or Prox Yes
Legic Yes
Others Option
Tools SDK Yes
Pin Mgmt Yes (DAS  /ILM)
Remote Unblock Yes (DAS / ILM)
Admin Key Mgmt Yes (DAS / ILM)
Certificate Mgmt Yes  (ILM)
Compatibility

Compatibility with third party solutions - Last update: December, 2009

Solution type Partner Solution Smart card support through .NET v2+
Operating System
log on		 Microsoft Windows 7 BaseCSP Yes
Microsoft Windows Server 2008 R2 BaseCSP Yes
Microsoft Windows Vista BaseCSP Yes
Microsoft Windows XP BaseCSP Yes
Microsoft Windows Server 2008 BaseCSP Yes
Microsoft Windows Server 2003 BaseCSP Yes
Sun Unix (Solaris) P11 On request
Apple Mac OS X Token D Yes
[Open Source] Linux P11 On request
RedHat Redhat Linux P11 Yes
Novell Suse Linux P11 Yes
Debian Etch P11 Yes
Ubuntu Ubuntu Linux P11 Yes
Desktop applications Microsoft Word BaseCSP Yes
Microsoft Excel BaseCSP Yes
Microsoft Powerpoint BaseCSP Yes
Adobe Acrobat P11 Yes
[Open Source] Open Office P11 Yes
E-Mail clients Microsoft Outlook BaseCSP Yes
Microsoft Outlook Express BaseCSP Yes
Microsoft Outlook Web Access OTP OATH Yes
Mozilla Thunderbird P11 Yes
Apple Mail App Token D Yes
E-mail servers &
E-mail security		 Microsoft Exchange BaseCSP Yes
Web browsers Microsoft Internet Explorer BaseCSP Yes
Mozilla Firefox  Windows P11 Yes
Mozilla Firefox Linux P11 Yes
Apple Safari Apple Token D Yes
SSO Citrix Password Mgr BaseCSP Yes
Evidian ESSO BaseCSP Yes
Passlogix v-Go BaseCSP Yes
Quest QSSO BaseCSP Yes
IBM Tivoli Access Manager   Yes
Avencis SSOX P11 Q2'10
Media encryption & Preboot Authentication Utimaco SafeGuard Enterprise P11 Yes
McAfee (Safeboot) Endpoint Encryption BaseCSP Yes
Becrypt Disk Protect   Yes
Winmagic SecureDoc   Yes
SafeNet ProtectDrive   Yes
Microsoft Bitlocker BaseCSP Yes
VPN Citrix Access Gateway BaseCSP Yes
Checkpoint VPN-1 SecureClient
NGX R60		 BaseCSP Yes
Cisco VPN BaseCSP Yes
Juniper Network Connect BaseCSP Yes
Microsoft Direct Access BaseCSP Yes
Thin Client/ Remote Access Citrix Presentation Server / Xenapp BaseCSP Yes
Sun Microsystems Sunray   Yes
Wyse WTOS Thin Client   Yes
Microsoft Remote Desktop BaseCSP Yes
Bio Match on Card Precise Biometrics Biomatch BaseCSP Yes
Innovatrix   BaseCSP Yes
Certificate Authority Microsoft CA Cert Srv BaseCSP Yes
Verisign UA PKI BaseCSP Yes
Entrust Authority v7.1 BaseCSP Yes
Keynectics   P11 Yes
Cross platform interop.
MS AD <--> Linux, Mac		 Centrify Direct Control v4.2 Tokend Yes
CMS Microsoft ILM 2007 BaseCSP Yes
Intercede myID P11 Yes
Opentrust SCM P11 Yes
Passlogix v-GO Credential Mgr BaseCSP Yes
File encryption Microsoft EFS BaseCSP Q1'10
Prim'X ZoneCentral P11 Q1'10
Virtual desktop VMWare View (&VDI)   Q1'10
Citrix XENDesktop v3   Yes
Next Steps

.NET card based tokens links

  

 

Smart Enterprise Guardian (SEG)

  

Smart Guardian (SG)

  

USB Shell Token V2

Other links

  • .NET Utilities A set of online tools that allow you to manage samples of Gemalto .NET cards
  • Microsoft Upgrade: Download the latest certified v7 .NET card minidriver dll
  • .NET Forum A moderated forum for exchange of information about programming, features and uses of  Gemalto .NET cards
  • .NET Bio Solution main page
     

Exclusive information for Gemalto Enterprise Partners

Additional information about this product is available exclusively to Gemalto Enterprise Partners. Click here to access it through the Enterprise Partner Portal.
 
EU Commitments | Sitemap | Disclaimer | © 2006-2010 Gemalto NV