Axalto unveils smart card powered by .Net

Axalto last week offered up a smart card based on Microsoft's .Net technology, which could make it easier for corporations adopting .Net for Web services to develop card-based security.

The Cryptoflex .Net card, which can provide two-factor authentication and e-mail encryption based on public-key technology, can be programmed using .Net tools, including Microsoft VisualStudio .Net, says Neville Pattinson, director of business development for Axalto. Until now, Axalto had based its smart cards - which are basically coprocessors and software on a plastic card - on either a proprietary operating system or Java.

"Before, [the developer] had to specifically be trained in a Java card environment, which created errors and inefficiencies," Pattinson says. "With the Cryptoflex .Net card, it will be easier to program the server, client and card applications together."

Axalto worked with the software firm Hive Minded to design the .Net card. It took more than a year to have it ready, largely because the .Net smart card footprint required 8K bytes of RAM, more than double the amount used in Java smart cards.

"We had to search for the right chip platform," Pattinson says.

The .Net card, which can hold an X.509 digital certificate and run a variety of cryptographic processes, hasn't yet been implemented in any organizations. In contrast, there are millions of Java-based smart cards in use today.

Microsoft has announced its willingness to be an early adopter in a big way.

The company will swap out the Indala-brand smart cards, now used by more than 55,000 Microsoft employees for remote authentication to the network, to replace them with the Cryptoflex .Net smart cards, says Charles Fitzgerald, Microsoft's general manager of platform strategy.

Fitzgerald says the .Net-based card will also give Microsoft the opportunity to test the smart card in applications other than remote-access authentication.

"With .Net we can put more applications on the card, such as perhaps using it for cafeteria credit for employees," says Fitzgerald, noting that Microsoft will be looking at a range of possibilities for internal use of the Axalto cards next year.

Fitzgerald says Microsoft anticipates developers supporting .Net technology will make use of smart cards in the future. Microsoft began mandating employee use of smart cards for encryption-based, two-factor authentication after a security breach a few years ago involving a hacker break-in traced back to a stolen password.

Smart cards with X.509 digital certificates provide a stronger form of authentication, and Microsoft now issues a smart card to every employee for authenticating identity over the network or encrypting e-mail.