Security Expertise

Deep-level Windows security engineering — from smart card drivers to Active Directory protocol internals.

Active Directory Replication

We are the worldwide experts on AD replication techniques including DCSync and DCShadow. Whether you need to replicate credential data in trust-less environments or harden against such attacks, we have deep hands-on experience.

Smart Card Driver Development

CSP, OpenSC driver, or Windows minidriver — delivered at fixed price with full compliance with Microsoft's test suite and optional auto-deployment via Microsoft Update.

Windows Authentication Hooks

Credential Providers, GINA DLLs, SSP/AP packages, Kernel SSPs, NegoEx extensions, password filters, ISAPI filters — we build the deepest authentication integrations Windows supports.

Smart card driver & integration

Integrating smart cards — especially EIDs compliant with ISO 7816-15 / PKCS#15 — is difficult because most vendors ship drivers with subtle, hard-to-reproduce bugs. Common failures include user-context caching, incompatibility with system accounts, silent-context breakage, broken container enumeration, and Microsoft Update incompatibility.

Developing a CSP, an OpenSC driver, or a minidriver requires specialized skills — these components can be loaded into Windows security kernels, and errors are often silent and difficult to diagnose.

Smart card minidriver architecture

My Smart Logon has built numerous production smart card drivers — including the OpenPGP minidriver and the EIDVirtual minidriver — and has contributed patches to the OpenSC project.

Fixed-price packages available. We offer competitive, high-quality smart card driver development — fully compliant with Microsoft tests and ready for Microsoft Update auto-deployment. Contact us to discuss your project.

Windows authentication hooks
Common Sign-On to SSO

We build web server plugins — including IIS ISAPI filters — that rewrite NTLM authentication messages on the fly, bridging untrusted corporate domains seamlessly.

Password synchronization

Custom password filter libraries running on domain controllers — synchronizing passwords across Windows, Unix, and custom identity stores, including direct SAM database access.

Custom authentication protocols

Credential Providers, GINA DLLs, SSP/APs, Kernel SSPs, NegoEx packages — for any device or protocol, including smart card and hardware token integration. See EIDAuthenticate as a proof of our depth.

Knowledge base
Smart card not recognized
ADCS – Active Directory Certificate Services
Clear a smart card (minidriver)
ECC smart card logon
GIDS knowledge base
How to change the smart card PIN
How to choose a smart card
How to unblock the PIN
Import PFX/P12 to smart card
Trace APDU on Windows
Technical deep-dives
Ask for the PIN using the Windows Dialog
Bypass PIN prompt on container creation
CNG calls for ECC smart card logon
Minidriver auto-installation process
Developing Kernel SSP
NegoEx security packages
PIV cards & CERT_SET_KEY_PROV_HANDLE_PROP_ID
Driver search on card insertion
Smart card infrastructure links
Test minidriver or CSP presence
VMware Virtual CCID reader issue
Discuss a project with us →