June 16, 2023

Types of Smartcard PINs

Smartcards use various types of PINs (Personal Identification Numbers) for authentication and security purposes. Some common types of PINs associated with smartcards are:

  1. User PIN: The User PIN is the primary PIN used by the cardholder to authenticate themselves and access the smartcard’s functionality. It is typically used for general card operations, such as authentication, digital signatures, and encryption. The User PIN is unique to the cardholder and should be kept confidential.
  2. Admin PIN: The Admin PIN, also known as the Card Administration PIN or Cardholder Administration PIN, is used to manage administrative functions and perform tasks such as initializing the card, changing PINs, and managing security settings. The Admin PIN is typically assigned to an administrator or an entity responsible for card management and should be closely guarded.
  3. Unblocking PIN (PUK): The Unblocking PIN, also known as the Personal Unblocking Key (PUK), is used to unblock a smartcard or reset the User PIN after multiple incorrect attempts or card lockouts. It serves as a recovery mechanism to regain access to the smartcard. The PUK is typically provided by the card issuer and should be securely stored as it provides a means to bypass security measures.
  4. Transport PIN: The Transport PIN is used during the personalization or initialization process of a smartcard. It is employed to establish the initial trust between the card and the card issuer or during the issuance process. The Transport PIN is temporary and is usually replaced by the User PIN after successful card personalization.
  5. Key Management PIN: In some smartcard systems, a separate Key Management PIN is used to handle cryptographic key operations. This PIN is specific to key management functions and is used to protect and manage the cryptographic keys stored on the smartcard.

It’s important to note that the availability and specific terminology of these PIN types can vary depending on the smartcard technology, card application, and implementation. Therefore, the actual PIN types used may differ based on the smartcard system you are referring to.

ScMinidriver

When accessing a smartcard via the ScMinidriver API, the pinId can be “user”, “admin”, or “3” through “7”. (It is typically “user”.) The pin is the alphanumeric PIN.

See https://www.chilkatsoft.com/refdoc/csScMinidriverRef.html#method15

Also see:
In most cases, the “user” PIN can be used for smartcard authentication prior to performing a digital signature operation.  If Chilkat’s ScMinidriver API is directly used, the application can directly specify the pinId.   However, if Cert.LoadFromSmartcard is called, then Chilkat will automatically authenticate using the “user” pinId.  Some smartcards, however, require the “3” pinId (not “user”) for authentication prior to a signing operation.  Chilkat’s LoadFromSmartcard will automatically use the “3” pinId for those cards where we already know it is required.  (As Chilkat gains experience with additional cards in the future, then future versions of Chilkat will incorporate the new knowledge to automatically choose the correct pinId.)

To directly tell Cert.LoadFromSmartcard to use the “3” pinId, you can set the Cert.SmartCardPin property using JSON, like this:

// Provide the smart card PIN's for both the "user" and the signing PIN, which is role "3".
// These PINs may be the same.

// If the PIN is not explicitly provided here, the Windows OS should
// display a dialog for the PIN.
cert.SmartCardPin = "{ \"user\":\"0000\", \"3\":\"12345678\" }";

 

admin
0
Tags :

Tags

ActiveX asp async asynchronous C# callbacks Delphi email Encryption error messages events exchange server FTP GMail HTTP IMAP IOS Java Linking MIME oauth2 Office365 pfx PHP pop3 port-forwarding regsvr32 release notes RSA SFTP smartcard SMTP socket SSH SSL TLS tunnel upload vb6 VBScript VC++ x64 xades XML zip