Comparing PKI storage methods

Soft certificates, whose private key is held in a software key store on the host and protected at most by a password, are appropriate for some PKI deployments with moderate security needs. They are more vulnerable, however, because that private key can be compromised relatively easily: malware, or anyone with access to the user's account or to the backing file, can copy or export the key and use it elsewhere without the legitimate user noticing. Smart card-based solutions provide a safer way of storing, using and managing keys and certificates. The private key is generated on, or loaded onto, the card and is not exportable; the signing and decryption operations that use it run on the card after PIN entry, so the host only ever sees the results. Components on the device protect user data and on-card functions to enable secure operations such as logon, encryption and digital signature.
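The distinction above is easy to check on a Windows host. The following Windows PowerShell script is an added example, not code from the original page: it walks the current user's personal certificate store and reports, for every certificate that has a private key, which provider holds the key, whether the key's policy allows export, and whether the provider looks hardware-backed. A software provider with an exportable key is a soft certificate in the sense used here. The function name Get-PrivateKeyBacking and the provider-name heuristic for "hardware-backed" are the editor's own assumptions; the .NET types used are the standard ones shipped with Windows PowerShell 5.1 and PowerShell 7 on Windows.

```powershell
# Added example, not code from the original page: audit the current user's
# personal certificate store and report, for each certificate with a private
# key, which provider holds the key, whether the key policy allows export,
# and whether the provider looks hardware-backed. A software provider with an
# exportable key is a "soft certificate" in the sense used in the text.
# Assumes Windows PowerShell 5.1 or PowerShell 7 on Windows.

using namespace System.Security.Cryptography
using namespace System.Security.Cryptography.X509Certificates

function Get-PrivateKeyBacking {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [X509Certificate2]$Certificate
    )
    process {
        if (-not $Certificate.HasPrivateKey) { return }

        $result = [ordered]@{
            Subject        = $Certificate.Subject
            Thumbprint     = $Certificate.Thumbprint
            Provider       = $null
            ExportPolicy   = $null
            Exportable     = $null
            HardwareBacked = $null
            Note           = ''
        }

        $keyObj = $null
        try {
            # Resolve the key object: RSA first, then ECDSA. Opening a smart
            # card key requires the card to be present in a reader.
            $keyObj = [RSACertificateExtensions]::GetRSAPrivateKey($Certificate)
            if (-not $keyObj) { $keyObj = [ECDsaCertificateExtensions]::GetECDsaPrivateKey($Certificate) }

            if ($keyObj -is [RSACng] -or $keyObj -is [ECDsaCng]) {
                # CNG key: the Key Storage Provider reports its name and the export policy.
                $cng = $keyObj.Key
                $result.Provider     = $cng.Provider.Provider
                $result.ExportPolicy = $cng.ExportPolicy.ToString()
                $mask = [CngExportPolicies]::AllowExport -bor [CngExportPolicies]::AllowPlaintextExport
                $result.Exportable   = ([int]($cng.ExportPolicy -band $mask)) -ne 0
                # Heuristic (editor's assumption): these provider names indicate the
                # key lives on a smart card or in the TPM rather than in software.
                $result.HardwareBacked = [bool]($result.Provider -match 'Smart Card|Platform Crypto')
            }
            elseif ($keyObj -is [RSACryptoServiceProvider]) {
                # Legacy CAPI key: the CSP key container exposes the same facts directly.
                $info = $keyObj.CspKeyContainerInfo
                $result.Provider       = $info.ProviderName
                $result.ExportPolicy   = if ($info.Exportable) { 'Exportable' } else { 'NotExportable' }
                $result.Exportable     = $info.Exportable
                $result.HardwareBacked = $info.HardwareDevice
            }
            else {
                $result.Note = 'unsupported key type'
            }
        }
        catch [CryptographicException] {
            # Typical for a smart card certificate when the card is not inserted.
            $result.Note = "key unavailable: $($_.Exception.Message)"
        }
        finally {
            if ($keyObj) { $keyObj.Dispose() }
        }

        [pscustomobject]$result
    }
}

# Usage: list every certificate whose key is held in software with an
# exportable policy, i.e. the ones to treat as soft certificates.
Get-ChildItem Cert:\CurrentUser\My |
    Get-PrivateKeyBacking |
    Where-Object { $_.Exportable -and -not $_.HardwareBacked } |
    Format-Table Subject, Provider, ExportPolicy, HardwareBacked -AutoSize
```

Drop the Where-Object filter to see the full inventory, including smart card keys, which show a smart card provider and a non-exportable policy. A key whose policy allows export is the one an attacker with access to the profile can walk away with; a non-exportable key in a software provider is still exposed to malware running as that user, because the key can be used (if not copied) from the compromised host.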

Smart card devices are interoperable with common operating systems and available in multiple form factors to support a broad range of use cases. Compliance with applicable industry standards (for example PKCS#11 and the Windows smart card minidriver interface) gives them compatibility with most computing platforms. Smart card-based PKI systems can often take on new security applications, such as additional certificates or applets, without hardware upgrades, within the limits of the card's storage and algorithm support. They are also natively supported in Windows and in various identity management systems, such as Microsoft Forefront Identity Manager, which improves their return on investment by reducing deployment costs and implementation complexity.

In addition, smart card-based credentials are mandated for many U.S. Federal Government use cases (the PIV card program is the best-known example), due in part to their ability to protect private keys. With products available from several suppliers and support built into Windows, smart card devices are cost effective and easy to use. For many PKI systems, they provide a good balance of security, usability, manageability and support for regulatory compliance.

Advantages and limitations of Soft and Smart Card Certificates

Soft Certificates

Advantages
• easy to deploy
• low cost per user
• transparent for users connected to the network domain (no card, reader or PIN entry required)

Limitations
• inherent weakness of password security (the private key is only as well protected as the password on the key store)
• portability limitations (the key is tied to the machine or profile it was enrolled on unless it is exported)
• password support costs
• harder to meet regulatory compliance requirements that call for hardware key protection
• require provisioning and management systems

Smart Card Certificates

Advantages
• dedicated security platform (private keys are non-exportable and used on-card)
• better portability & mobility
• supports regulatory compliance
• form factors for multiple use cases
• flexibility to add machine-independent security applications
• ideal for integrated physical and logical access systems

Limitations
• higher initial investment
• longer deployment cycle (cards, readers and middleware must be rolled out)
• user learning curve
• require provisioning and management systems (card issuance, PIN unblock and revocation, in addition to the CA)
