Bluink Smart Card is a smartphone-based implementation of smart card functions that allows employee smartphones to be used as a smart card with existing middleware. Bluink Smart Card is compliant with industry standards PIV (Personal Identity and Verification) and GIDS (Generic Identity Device Specification) which enables “out-of-the-box” interoperability on Windows and Mac platforms.
Instead of issuing physical smart cards to employees, companies deploy the Bluink Smart Card app to employee-owned smartphones. Digital certificates can then be issued to employees to provide strong authentication to systems and secure email with encryption and digital signatures.
With Bluink Smart Card you can increase the security of your identity, verification, and data security needs. The following capabilities work with “out-of-the-box” software on Windows and Mac. No extra software needs to be installed.
Certificate-based logins to Windows and Mac:
Use Bluink Smart Card to securely login to Windows or Mac OS computers using certificates with private key operations performed on the smartphone.
Email signing and encryption:
Bluink Smart Card can be used to add digital signatures to emails and to decrypt messages that were encrypted with your public key.
Walk-away workstation lock:
Windows computers can be configured to automatically lock when your smartphone disconnects from Bluetooth.
Secure Enclave Protection of Smart Card Data:
Bluink Smart Card uses strong encryption to securely store the smart card data. For the strongest available security Bluink Smart Card generates a key within Apple’s Secure Enclave coprocessor that is used to protect the encryption process. This key never leaves the Secure Enclave.
Multiple Smart Card Support:
The Bluink Smart Card app allows you to have more than one smart card. This is convenient for users who have multiple roles such as an administrator. Use the card selector in the Bluink Smart Card app to choose which card you want to use.
No Third-party Software to Install:
Windows and Mac platforms both ship with smart card middleware pre-installed. Mac OS supports PIV compatible smart cards and Windows supports both GIDS and PIV compatible smart cards. This means that Bluink Smart Card will work without installing any extra software or device drivers.
Dual-edge Smart Card Support:
The PIV middleware that ships on both Mac and Windows is read-only but you can issue certificates to GIDS smart cards in Windows. For maximal portability, Bluink Smart Card supports creating a PIV card edge on a GIDS smart card. This allows you to issue certificates to a GIDS smart card and use them with PIV middleware across Windows and Mac.
No Third-party Management System Required:
If you have a Microsoft PKI, certificates can be issued to GIDS smart card users using Microsoft Certificate Manager.
PKCS #12 Secure Key Import:
Bluink Smart Card supports the import of certificates and keys via PKCS #12 password protected files.
Interoperability with Desktop and Mobile Email Security:
Using PKCS #12 key archives you can share email encryption keys between Bluink Smart Card and Apple Mail on iOS, enabling interoperability between desktop email clients (such as Outlook and Apple Mail) and mobile email security.
Certificate-based Logins to Windows:
Bluink Smart Card can be used for smart card logins to domain-joined Windows machines.
Certificate-based Logins to Mac:
A certificate issued from Windows can be used with Bluink Smart Card for smart card logins to Mac computers.
Simplified User Experience with the new DUAL card type
Better User Experience via Auto Connect to device and Auto Insertion of last used smart card
Support for time extensions on authentication and background processing
Cached authentication state bug fixes
Challenge PIN Unblock working on Windows 8 and 10 (GIDS only)
Applied iOS Data Protection to app data (NSFileProtectionComplete)
PIN verification now secured with PKCS 5 (10,000 iterations)
PIN creation dialog on new card
With Family Sharing set up, up to six family members can use this app.