Skip to main content

No middleware to install, several Authentication Factors, several form factors

Gemalto .NET cards put state of the art technology to the service of organizations committed to take their IT Security and Identity & Access infrastructure to the next level. Two-factor authentication (2FA) solutions help secure your company's digital assets from end to end.  Gemalto .NET comes equipped with support  for 2 different 2FA technologies: One Time Passwords (OTP) and Digital Certificates (PKI). Choose the one that suits you best, or combine both at once for different uses.

With Gemalto .NET technology, you benefit from unparalleled level of integration with Microsoft's platforms and solutions: Native support by all Windows OS from XP to 8 and their associated Server versions. .NET cards are also fully compatible with Forefront Edge, Microsoft's  FIM - ILM CMS, Active Directory Domain Services and Certificate Services. With Gemalto .NET implementation, Encryption and Digital Signature services become easier than ever.

Features

  • Unparalleled Integration with Microsoft Identity and Access Ecosystem: See the Base CSP / CAPI links.
  • Support for Certificate Based and One Time Password based strong authentication
  • Compliance with the Microsoft Minidriver specifications version 7
  • Support for Windows, Linux & Mac Operating Systems
  • Wide range of .NET based devices and form factors
  • 1st ever .NET Framework implementation for smart cards
  • Strong Smart card Security
  • Smart Card integration with Web Services
  • DAS - Device Administration Solution for Small and Medium Enterprise
  • Large enterprise device administration through Microsoft's ForeFront Identity Manager (ex Identity Lifecycle Manager)

Specifications

 Characteristics 
Smart card chip Chip manufacturer Infineon
Chip reference SLE 88CFX4000P
ROM memory 80 KB
EEPROM memory 400 KB
RAM memory 16 KB
CPU RISC 32 bit
Internal clock 66 MHz
External clock up to 10 MHz
Voltage range 1.62 V -  5.5 V
Temperature range -25 C to +85 C
Technology CMOS 0.13 microns
Memory rewrite >  500 K r/w cycles
Data retention >10 years
Crypto processor Yes (1408 bit)
Onboard key generation Yes
True Random Number Generator Yes
Smart card OS OS type Gemalto .NET 
Free EEPROM (approx) 54 KB
Max. number of certificates and key pairs (up to 2048 bit) 15 containers
Max I/O speed 223 Kbps,
negotiable PPS
Communication protocols ISO 7816 protocol T=0
RMI / Remoting .NET Remoting
SConnect Yes
Cryptographic
algorithms
RSA Yes (512 to 2048 bit)
Elliptic Curves No
DES / TDES Yes
AES Yes (256)
Hash SHA1 / SHA256 Yes
Hash HMAC / MD5 Yes
Security certifications Common Criteria  EAL5+ (chip)
FIPS 140-2 Level 3
Standards ISO 7816  1, 2,3
Javacard No
Others ECMA 335
  ISO/IEC 23271
Supported crypto.
architectures
Microsoft CAPI Base CSP v5 to v7
PKCS#11 for Windows Yes
PKCS#11 for  Linux Yes
PKCS#11 for MacOS Yes
One Time Password OATH OTP Yes
OTP provisioning Self or Live using SA Server v4 +
(batch prov. in option)
CAP OTP Option
Microsoft Minidriver Windows 7, Server 2008 R2 Microsoft Update (automatic download)
Vista, Server 2008 v5 In the Box  &  Update
XP up to SP3, Server 2003 v5 Base CSP  & Update
Performance of crypto. operations Key Gen (CSP) 3.4 s
Key Gen (P11) 6.9 s
Import P12 (CSP) 9.1 s
Import P12 (P11) 7.4 s
Cached WinLogon (CSP) 1.5 s
Crypto (CSP) 2.3 s
Crypto (P11) 4.5 s
Enumeration (CSP) 4.7 s
Enumeration (P11) 4.2 s
Supported certificate / data formats X509 v3 Yes
PKCS#12 / PFX Yes
PKCS#15 No
Form factors Smart Card Standard (ID1) & SIM (ID000) format
Hybrid Card
(contact + contactless)
Yes
USB Token Yes
USB Token with OTP display Yes
USB Token with secure mass storage Yes
Contactless technologies MIFARE 1K, 4K, DESFire, Plus Yes
HID IClass and/or Prox Yes
Legic Yes
Others See the complete list
Tools SDK Yes
DAS, vSEC:CMS, Minidriver Manager Tool Change & unblock PIN, Admin Key & certificates Mgmt

Compatibility

Solution typePartnerSolutionSmart card supportCompliance
Operating System
log on
Microsoft Windows 7 & Server 2008 R2 BaseCSP Yes
Microsoft Windows Vista & Server 2008 BaseCSP Yes
Microsoft Windows XP & Server 2003 BaseCSP Yes
Sun Unix (Solaris) P11 Yes
Apple Mac OS X Token D, P11 Yes
[Open Source] Linux, Unix P11 Yes
[Open Source] EIDAuthenticate BaseCSP Yes
Other OS Other OS Marshaller API
See Download / Libraries
Yes
Desktop applications Microsoft Word BaseCSP Yes
Microsoft Excel BaseCSP Yes
Microsoft Powerpoint BaseCSP Yes
Adobe Acrobat P11 Yes
[Open Source] Open Office P11 Yes
E-Mail clients Microsoft Outlook BaseCSP Yes
Microsoft Outlook Express BaseCSP Yes
Microsoft Outlook Web Access OTP OATH Yes
Mozilla Thunderbird P11 Yes
Apple Mail App Token D Yes
E-mail servers &
E-mail security
Microsoft Exchange BaseCSP Yes
Web browsers Microsoft Internet Explorer BaseCSP Yes
Mozilla Firefox  Windows P11 Yes
Mozilla Firefox Linux P11 Yes
Apple Safari Apple Token D Yes
SSO Citrix Password Mgr BaseCSP Yes
Evidian ESSO BaseCSP Yes
Passlogix v-Go BaseCSP Yes
Actividentity SecureLogin BaseCSP Yes
Quest QSSO BaseCSP Yes
IBM Tivoli Access Manager Base CSP & P11 Yes
Avencis SSOX P11 Yes
Idactis Idactis Security Base CSP & P11 Yes

Media encryption
& Preboot Authentication

Sophos -
Utimaco
SafeGuard Enterprise / LAN / PrivateDisk BaseCSP / P11 Yes
McAfee (Safeboot) Endpoint Encryption BaseCSP Yes
Winmagic SecureDoc P11 Yes
SafeNet ProtectDrive   Yes
Microsoft Bitlocker BaseCSP Yes
VPN Citrix Access Gateway BaseCSP Yes
Checkpoint Endpoint Security R5 BaseCSP Yes
Cisco VPN BaseCSP Yes
Juniper Network Connect BaseCSP Yes
Microsoft Direct Access /
 ISA Server 2006
BaseCSP Yes
Thin Client/ Remote Access Citrix XenDesktop 4 /
 XenApp 5.0
BaseCSP Yes
Wyse WTOS Thin Client   Yes
Microsoft Remote Desktop BaseCSP Yes
Pragma Systems Secure SHell (SSH)   Yes
Bio Match on Card Precise Biometrics Biomatch BaseCSP Yes
Innovatrix   BaseCSP Yes
Certificate Authority Microsoft CA Cert Srv BaseCSP Yes
Verisign UA PKI BaseCSP Yes
Entrust Authority v7.1 BaseCSP Yes
Keynectics   P11 Yes
Cross platform interop.
MS AD <--> Linux, Mac
Centrify Direct Control v4.2 Tokend Yes
CMS Microsoft FIM 2010 BaseCSP Yes
Intercede myID P11 Yes
Opentrust SCM v4.4.3 P11 Yes
Passlogix v-GO Credential Mgr BaseCSP Yes
Gemalto DAS BaseCSP Yes
Gemalto vSEC:CMS
Operator Token
  Yes
Gemalto vSEC:CMS U series   Yes
[Open Source] scUtil BaseCSP Yes
File encryption Microsoft EFS BaseCSP  Yes
Prim'X ZoneCentral Base CSP & P11 Yes
PKI Client SecMaker net.id   Yes
Virtual desktop VMWare View BaseCSP Yes

Downloads