Security Expertise
Replicating information like password hashes when no trusts exist is possible. This is typically used in large companies. With our expertise with DCSync and DCShadow we know what we are doing and are the worldwide expert on the subject.
Integrating smart card, especially EIDs compliant with iso 7816-15 / PKCS#15 or not, can be difficult because most software vendors are providing bugged software. Is your driver supporting pinpads ?
Is that because they lack development skills or because they don’t know how the smart card can be used ? Yes, developing a CSP, an OpenSC driver or a mini driver requires specific competences (especially testing) as this critical component can be loaded into security kernels. Common mistakes includes : user caching, incompatible with system accounts, don’t work under SILENT contexts, can’t enumerate key containers, incompatible with Microsoft Update …
At MySmartLogon we know what we are doing : we have already developed numerous smart card drivers, like the Open PGP smart card mini driver or the EIDVirtual mini driver, and provided bug reports to numerous software companies. We have also submitted several patches to the OpenSC project.
We are offering very competitive / fixed price / high quality packages.
Ask Mysmartlogon for a qualified smart card driver, compliant with Microsoft tests and/or ready to be autodeployed by Microsoft Update !
Common Sign On to Single Sign On
Mysmartlogon has developed a wide range of web server plugins to adjust on the fly authentication messages.
We can for example rewrite NTLM source domain in the Windows Integrated Authentication, when large corporate domain are not trusted, using an ISAPI filter on IIS (see Microsoft KB254787).
Password synchronization
We have the expertise to develop custom passwordfilter libraries running on domain controllers to synchronize passwords among many systems including Windows and unix. We can also work directly with the SAM (security account manager) database.
Integrating to Windows custom authentication protocols or devices
Mysmartlogon can develop Credential Provider, Gina DLL, Authentication package (SSP/AP), Security Support Provider (SSP), Kernel SSP, compatibility with NegoEx for custom authentication protocol or security devices like smart card. As a proof of our knowledge, you can look at the project EIDAuthenticate, our solution to allow smart card logon on stand alone computer.
- A smart card was detect but is not the one required for the current operation
- ADCS – Active Directory Certificate Services
- Clear a smart card which use a minidriver
- ECC Smart card logon
- Generic Identity Device Specification (GIDS) KB
- How to change the PIN of a smart card ?
- How to choose a smart card to buy ?
- How to unblock the smart card PIN ?
- Save a pfx/p12 file to a smart card
- Trace APDU on Windows
- Ask for the PIN of the card using the PIN Windows Dialog
- CNG calls for ECC smart card logon
- Decrypting the smart card minidriver auto-installation process
- Developing Kernel mode security package
- Development notes about NegoEx security packages
- Links about smart card infrastructure
- PIV smart cards and the CERT SET KEY PROV HANDLE PROP ID optimisation
- Searching for a driver each time a smart card is connected
- VMWare Virtual CCID reader optimization problem
- Test the presence of a minidriver or a CSP