MFA Guides

FAQ - Card Technology

The following information addresses frequently asked questions about the card technology.

See Types of Cards to learn more about individual card features and functions. To learn how to use the cards with their designated readers, see Card Readers.

Why do I need to use a card for authentication?

Cards provide an alternative to usernames, passwords, and the username-password combinations along with the security concerns and the associated maintenance of each of these three authentication criteria.

The card architecture helps to safeguard identity information and is more resistant to cracking efforts used to decrypt passwords and decipher username syntax based on known identity attributes.

What do I do if I block my card?

If you have access to your organization’s computer network, the card can be unblocked by accessing the RapidIdentity Server User Portal.

If you are not connected to your network and you block your card, you will have to contact the help desk or access your system using the RapidIdentity Client Emergency Access feature.

What do I do if I lose my card?

The exact steps depend on the organization’s security policy and procedure but it is likely that a lost card should be reported to either the help desk or physical security, or maybe both, to obtain a replacement.

Depending on the policy, a temporary or emergency access card may be issued while the lost card is replaced.

Is my card fragile?

Generally, cards are very durable and are commonly used by military and other field personnel since they are resistant to cold and normal heat. Exposure to extreme heat, such as sitting on a car’s dashboard on a hot summer day, should be avoided as this can warp the plastics; however, it should not damage the actual smart card chip.

Always avoid inserting a wet contact smart card into a smart card reader and dry the card thoroughly before use. The card should remain functional after an accidental trip through the laundry without any damage. If the plastic becomes warped the card likely will need to be replaced.

Is my PKI smart card secure?

Yes. The technology in the PKI contact smart card has been around for more than 20 years and has been tested by various governmental and independent security organizations to validate its security.

The technology is used by government, military, banking, health care, law enforcement, and many other organizations around the world. The contact smart card is impenetrable to many advanced hacking techniques.

The card is divided into two containers. The first is known as the public container. This is where public information is stored and accessed. The second is known as the private container. The private container can only be accessed in conjunction with your PIN. The private container stores private cryptographic keys and other sensitive data.

What benefits will my card give me?

There are three key benefits to using cards in conjunction with a PIN.

  1. Securely gain access to physical facilities as well as your network.

  2. Reduce the complexity of multiple passwords by using the smart card in conjunction with single sign-on technology. Single sign-on seamlessly integrates all applications requiring passwords with your card and PIN, allowing the elimination of passwords altogether. In many cases, organizations elect not to periodically force users to change their card PIN on a set time interval, as is the practice with passwords. This enables you to learn and keep your unique PIN for the lifetime of your card.

  3. Contact smart cards can be used to digitally sign and encrypt documents. Digital signatures eliminate the need to print and sign documents, as well as further securing corporate assets.

What is contact smart card middleware?

Contact smart card middleware is client-side software unique to Java smart cards installed on the computer to facilitate communication between the operating system, the smart card reader, and the contact smart card.

The middleware can be used to perform routine functions, such as changing your PIN, however, the RapidIdentity Server User Portal will serve as the primary software interface for the contact smart card. Depending on the organization’s deployment model, smart card middleware may or may not be installed on the computer.

What is a badge holder and why do I need one?

A badge holder is a plastic sleeve that protects your card when not in use or being carried. The badge holder prolongs card use and helps to protect the card from damage.

The card must be removed from the badge holder before being placed into a contact card reader. Contactless card readers can read the card when it is still in the badge holder unless the badge holder is shielded. Additionally, some companies require personnel to keep their badges visible at all times while on company property.