Skip to main content

Smartcards

What is a smartcard?

A smartcard is a physical electronic authentication device used to control access to a system. It is typically a credit card-sized plastic card with an integrated circuit (IC) that enables personal identification, authentication, data storage, and application processing. Smartcards can be contact or contactless and can perform multiple functions simultaneously, such as ID, credit card, stored value card, and personal data storage.

What is the difference between a NFC-chip and a smartcard?

Both NFC chips and smartcards are electronic authentication devices that enable wireless communication between devices, but differ in form factor, range, and application areas.

NFC chips are small silicon devices or integrated circuits (ICs) that can be used in different ways depending on the target application. When used in conjunction with a suitable antenna, an NFC chip enables wireless communication between two devices over short distances. NFC is typically used for proximity-based applications such as contactless payments, data transfer between devices in close proximity, and access control systems.

Smartcards, on the other hand, are physical electronic authentication devices used to control access to a resource. They are typically a plastic card the size of a credit card with an integrated chip that enables personal identification, authentication, data storage, and application processing.

In summary, NFC chips are mainly used to transmit data over short distances, while smartcards are mainly used to transmit authentication data such as certificates or passwords.

How can I write on my smartcards?

When you purchase a license for TheFlex, you also get a tool that allows you to write your certificates (used for logging in to SAP or Microsoft Azure AD) to your smartcards.

In the next section you will find instructions on how to write certificates to smartcards using this tool.

Screenshot of flexkey

Additional hardware is required to write to the smartcard. For example, a device from Omnikey can be used for this purpose. For the smartcards the Mifare Desfire is recommended.

Note: With the generated QR code, the settings can be transferred directly to the TheFlex browser with a scan. In the settings under flexkey configuration there is an import function which opens the camera. Now this QR code can be scanned.

Writing p12 certificates to smartcards

The following requirements must be met in order to write a certificate to a smart card:

  • p12 certificate must be available (see section "How can I create personal certificates for logging in?")
  • SmartCard must be available (Mifare Desire recommended)
  • SmartCard writer must be available (Omnikey recommended)
  • flexkey tool must be available

If all requirements are fulfilled, the tool can be started with a double click on flexkey.exe. Afterwards a UI opens, in which with the pen button above right once, initial settings can be made:

  • AppID: Should be set to 000002 by default.
  • FileID: Should be set to 1 by default.
  • AES Key: This is used to encrypt the smart card. This value must be specified in HEX format. As an example, "48656c6c6f576f726c64" can be used.
  • Cert PW: This is the password used to encrypt the p12 certificates.

Once these settings have been made, it is possible to save. This only needs to be done once at the beginning. Now the folder in which the p12 certificates are located can be drag'and'dropped into the large free space. Now all p12 certificates in this folder should be listed there.

Note: If the error message Loading error: keystore password was incorrect is displayed, this indicates that the Cert PW (which was entered in this tool) does not match the password used to create the p12 certificates.

If the certificates were read successfully, any one can be selected and written to the smart card currently placed on the writing device with Write NFC.