In Europe, as in many other countries, i smart card readers they are used in multiple application fields, mainly related to security and digital identification. Smart card readers Bit4id they are among the best known and most used of all: they are designed and produced by the Europen company of the same name, specialized in solutions digital identity and digital signature.
Smart card readers are commonly used to read information contained in the TS-CNS i.e. the health card (TS) which also acts as a National Services Charter (CNS) or to extract the contents of the chip that equips the Electronic Identity Card (CIE). There CIE it is an identity card with an electronic chip that contains the owner’s personal and biometric information. It has become increasingly popular as an alternative to SPID (Public Digital Identity System) for theauthentication on the services provided by the Public Administration (in another article we see the differences between CIE and SPID).
Most of the trust service providers that operate in Europe offer the possibility of purchasing, after verifying the applicant’s identity, CNS or cards equipped with microchips that allow the user to be authenticated and digital signatures placed on documents. The CNS can also integrate an NFC compatible chip (like the CIE) which allows you to authenticate without having a smart card reader, simply by holding the card close to a NFC reader or to a smartphone with NFC support. There are also USB sticks and remote digital signature mechanisms. On Amazon Europe you can find classic and contactless smart card readers.
How to configure the Bit4id smart card reader
Judging by readers’ requests, many users still encounter some difficulties ininstalling the player of smart cards and its subsequent use.
Before moving on to practice, we want to share some general information. A smart card reader is a device that receives power through the USB port of the PC to which it is connected. It also requires a special one driver to become usable in Windows as well as Linux and macOS operating systems.
If we consider the case of Windows, the first time the smart card reader is connected, it is automatically recognized by the Microsoft operating system. Try pressing the key combination
Windows+X so choose Device management from the menu that appears. When you connect a smart card reader, such as a Bit4id device, Windows changes the contents of the window Device management adding Smart card readers. By double clicking on this item, you will discover that the Bit4id smart card reader (or from other manufacturers) is recognized as a generic reader.
Install drivers for Bit4id players
In order for Windows to correctly recognize a reader smart card Bit4id and allow its use, it is first necessary to identify and install the correct drivers. On the manufacturer’s website you can find the specific drivers for the various models of players on the market today. For the vast majority of traditional readers (model mini LECTURER base), we have verified the perfect compatibility of these universal drivers.
Once thedriver installationit is best to unplug the smart card reader from the USB port and then reconnect it so that Windows can detect it properly.
However, installing the drivers is not sufficient to use the Bit4id smart card reader without problems: it is in fact necessary to install, as a second step, a middleware.
What is middleware and what is it for
Middleware is software that providesinterface between the operating system and applications that require the use of smart cards or other cryptographic devices. It acts as an additional software layer that allows applications to communicate securely with smart cards, managing operations such as authentication and digital signature.
The middleware to be installed may vary depending on the entity providing the smart card and on its type. This is an essential aspect to keep in mind.
Take for example the TS-CNS (Health Card System) project: the MEF (Ministry of Economy and Finance) website provides a middleware different depending on the card you want to read. The right software can be selected by choosing from the drop-down menu sail (paper manufacturer’s acronym) which is printed on one corner of the TS-CNS equipped with a microchip.
With the widespread cards Actalis, Oberthur, Idemia, as per the scheme published on the MEF website, in Windows it is sufficient to download and install this universal middleware. The package allows the installation of the necessary software components for read data from cards supported with Bit4id. Specifically, the middleware adds in the folder Program files Windows software Bit4id – PKI Manager e Bit4id Notifications.
The module Bit4id Notifications is responsible for displaying the icon in the Windows traybar, at the bottom right. Double clicking on it opens the software PKI Manager while right clicking then selecting Upload certificates to the system store you can add i digital certificates extracted from the card, after entering the PIN correct, in the personal archive managed by Windows. By clicking on that item then pressing
certmgr.msc and finally clicking on Staff, Certificatesyou will find the certificate read from the card (whether TS-CNS or CNS).
What is PKI and what does it have to do with middleware?
PKI, acronym for Public Key Infrastructure (Public Key Infrastructure), is a set of hardware, software, procedures and standards that work together to enable the creation, management, distribution and revocation of cryptographic keys public and private. It is used to ensure the safety in electronic communications and to support features such as digital signature and data encryption.
The use of PKI involves the key management Cryptographic: Middleware plays a critical role in ensuring that the operating system and applications can securely access keys stored within smart cards.
Thanks to the use of digital certificates, the PKI can associate public keys with real identity. The middleware, in turn, facilitates the use of digital certificates by applications, allowing the authenticity of the information provided by inserting the smart card to be verified.
Authenticate with the smart card
By going to one of the services that allow authentication via smart card, you can use TS-CNS or CNS and Bit4id reader to log in. As a first step, your web browser asks you to select the certificate known to Windows and extracted from the smart card. It is essential to ensure that you choose the certificate that corresponds to the smart card inserted into the reader.
Finally, the system asks you to confirm the codice PIN of the smart card. By entering the correct one, authentication is successful and you immediately have access to the requested service.
As noted previously, it is however essential to always install the “ad hoc” middleware, depending on the chip mounted on your smart card. On this page, by moving the mouse pointer over the question mark icons, you can find various diagrams that reflect the external structure of the microchips installed on many cards. In this case, however, we are talking about the chips mounted on the CNS marketed by Aruba-Actalis, which differ from, for example, the TS-CNS.
Opening image credit: iStock.com/imaginima