PKI tokens are already widely used for 2FA in multi-fields, banks, enterprises, government agencies and even end users in their daily lives to protect their online transactions, document signing, online tax and other services. Another important feature is that protect user’s system logon.
Logon to system maybe the most common thing to do every day, users need to input the password every time and also may worry about to lose it or not secure if the password is too simple, so traditional password is low-efficiency and low security level, obviously a more secure and easier method could help users to enhance their work efficiency and security. FEITIAN’s system logon solution bring such method to users.
FEITIAN, as the world leading identity authentication provider, can solve users concerns by offering system logon solution for PKI products in Windows and Mac OS, the solution will work with 3rd party software together:
Windows system
Work with EIDAuthenticate (from https://www.mysmartlogon.com/), as most logon programs require specific smart card driver, storage facility on the smart card itself or user process authentication, this program is the only one which does the authentication inside of the security kernel of Windows (lsass.exe) : even with signature only card, your data is safe. For example, EIDAuthenticate is the only solution supporting natively the windows “force smart card logon” policy, used to secure the local administrator accounts in datacenters or to comply with HSPD-12.
FEITIAN ePass PKI tokens provide secure medium to store the system logon digital certificate which generated by EIDAuthenticate, and implement Windows system logon with token PIN after finish the configuration of EIDAuthenticate. A smart card account will be shown in the Windows logon interface when restart the system and plug ePass PKI token, just click the account and input the token PIN to logon.
Mac OS with FEITIAN PIV
Mac os already supported PIV natively, just enable the pairing function in system, and plug PIV token/card into system to finish the pairing, after that, just restart or log off the system and then the logon interface will show the logon option with PIN.
Mac OS with FEITIAN GIDS
Work with OpenSCToken (re-build by FEITIAN) to implement Macos smart card logon. OpenSCToken is actually use CryptoTokenKit which is Apple’s take on programmatic access to smart cards and other tokens. It provides both low level access to tokens (comparable with PC/SC) and high level access for system wide integration of a token (comparable with Windows Smart Card Minidriver).
FEITIAN GIDS token/card is able to work with OpenSCToken application, just install the OpenSCToken which rebuild by FEITIAN in Mac os, and enable the pairing function in system, and plug GIDS token/card into system to finish the pairing, after that, just restart or log off the system and then the logon interface will show the logon option with PIN.
