Virtual Smart Cards enable the use of onboard security chips to handle digital certificates just like physical smart cards. Charismathics VSC supports two types of onboard security chips, Trusted Platform Modules (TPM) and Intel vPRO based Identity Protection Technology (IPT), the secure element built into the latest Intel vPRO computer chips.
The core function of CVSC is to secure the cryptographic key associated with a digital certificate. This is done by using the onboard security chip to securely store the key, and to execute the cryptographic functions in such a way that the key cannot be copied or retrieved. Charismathics VSC is fully integrated into the Charismathics CSSI middleware, enabling full Windows CAPI and PKCS11 support for all types of applications, including Logon, File and Email encryption, and Digital Signing.
CVSC provides a True Virtual Smart Card, including APDU interface, a virtual smart card reader, and support for the Charismathics CSSI middleware, including Microsoft CAPI/CNG and PKCS11 interfaces.
Charismathics VSC supports any secure cryptographic hardware device that supports one of the following:
- Microsoft CNG KSP interface (such as TPM 2.0)
- Microsoft/OEM TPM Software Stack (such as TPM 1.2 on Windows 8 and later)
- Charismathics TSS Stack (such as TPM 1.2 on Windows 7)
- Microsoft CSP interface (such as Intel IPT HW Engine)
The selected crypto engine determines the security level of the product.
Applications will recognize no difference between a regular card and the virtual one, which enables us to use the existing smart card middleware as is.