Problem solve Get help with specific problems with your technologies, process and projects.

Web browsers & smart cards

With respect to security, how does the Web browser handle the non-repudiation (digital signature) and encryption of a message using a smart card? The smart card contains a user private key. Is it really secure (as compared to a window message client)?

A Web browser handles the non-repudiation and encryption of a message using a smart card just as when using the technology on a desktop computer, except the private key is stored on the card. Software will require a passphrase (or biometrics) to access the private key; hence we have something the user knows -- passphrase and something he has -- the card.

There is no fundamental difference between a smart card and window message client except that a person can carry his smart card from computer to computer, making his identity more portable (not tied to a particular desktop or notebook PC).

This was last published in April 2001

Dig Deeper on Two-factor and multifactor authentication strategies

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.