This section provides installation information that is specific to smart card reader drivers for Microsoft Windows. Vendors that supply their own reader drivers should make each driver a member of the SmartCardReader setup class in the INF Version Section of the driver's INF file. Smart Card Minidrivers.; 2 minutes to read; t; D; a; In this article. The smart card minidriver provides a simpler alternative to developing a legacy cryptographic service provider (CSP) by encapsulating most of the complex cryptographic operations from the card minidriver developer. This package installs the software (SmartCard Reader Driver) toenable the following device. Device name Device name in the Device Manager - - SmartCard Reader driver Integrated Smart Card Reader. Card reader drivers: ActivIdentity USB Reader V1 - Windows XP: ActivIdentity USB Reader V2 - Windows Vista, (32-bit) ActivIdentity Serial SmartReader - Windows Vista (32-bit) USB Reader EZ100 - Windows Vista, Windows XP (32-bit) - Windows Vista, Windows XP, (64-bit) - Windows 7 (32-bit) - Windows 7 (64-bit) - Windows XP, (32-bit) Gemalto.

-->

The smart card minidriver provides a simpler alternative to developing a legacy cryptographic service provider (CSP) by encapsulating most of the complex cryptographic operations from the card minidriver developer.

For information about the specification for smart card minidrivers, see Smart Card Minidriver Specification.

Beginning with Windows Vista, applications can use the Microsoft Cryptography API: Next Generation (CNG) for smart card–based cryptographic services. As part of the elliptic curve cryptography (ECC) effort that was introduced in Windows Vista, ECC smart cards are supported in the new cryptographic framework. Applications and interfaces that interact with existing Rivest-Shamir-Adleman (RSA) card minidrivers through the legacy CAPI subsystem continue to work without modification.

RSA smart card minidrivers can also be registered with the smart card key storage provider (KSP) so that they can be called through the CNG interface. Dual-mode ECC/RSA + ECC-only requests are routed to the KSP and, through it, to the appropriate card minidrivers. For Windows Vista–based clients, ECC-only and ECC/RSA dual-mode cards are supported by using the Windows smart card framework. Dual-mode cards can also be accessed through CAPI primarily to expose RSA-only features.

Applications use CAPI for smart card–based cryptographic services. CAPI, in turn, routes these requests to the appropriate CSP to handle the cryptographic requirements.

The Microsoft Smart Card Base CSP and KSP is a refinement of the architecture that separates commonly needed CAPI-based CSP and CNG-based KSP functionality, respectively, from the implementation details that must change for every card vendor.

Although Base CSP can use the RSA capabilities of a smart card only by using the minidriver, the CNG-based KSP supports ECC-only as well as ECC/RSA dual-mode smart cards in Windows Vista and later versions of Windows.

Ultimately, the intention is for the new architecture to support all new smart cards—RSA, ECC, and whatever follows. It splits the implementation of the CSP into two parts:

• The Base CSP/KSP (the common part), which includes functionality for hashing, symmetric, and public key cryptographic operations in addition to personal identification number (PIN) entry and caching.
• A series of plug-ins, which are known as “card minidrivers,” that translate the characteristics of particular smart cards into a uniform interface that is the same for all smart cards. Card minidrivers then communicate with their cards by using the services of the smart card resource manager (SCRM) that similarly abstracts the characteristics of a variety of smart card readers.

The remaining portion for smart card vendors is to implement a card minidriver, a reasonably limited interface layer that provides an abstraction of the card to the Base CSP/KSP and that is organized as a file system, and a set of primitive capabilities. Higher order functionality, such as caching (ensuring that different files on the card have consistent content) or handling naming collisions, is handled at a higher level, outside the card minidriver.

Actividentity Driver

The following figure shows the interfaces between card minidrivers and CAPI-based applications.

The following figure shows the interfaces between card minidrivers and CAPI2-based applications.

It is recommend that developers take advantage of the rich set of libraries that Microsoft provides for cryptographic operations that the minidriver performs. This lets developers benefit from the Microsoft Windows Update infrastructure for the distribution of critical security updates.

When it comes to using any CAC reader from home, it isn’t just plug and play. You’re going to need a couple extra things to get started such as Drivers and ActivClient.

And while you may be familiar with what drivers are, ActivClient may be relatively new to you. So let’s discuss what ActivClient is and where to obtain the proper version for your CAC.

What is ActivClient?

ActivClient is one of the most important pieces of the being able to use your CAC at home puzzle. It’s the actual software that allows your computer to communicate with the little computer chip embedded within the CAC itself.

The program was purposely designed with 4 major goals in mind.

1. Increase Security
2. Optimize Productivity
3. Improve Compliance
4. Reduce Costs

And for the most part, the program runs as designed. But if you’re using your CAC for DoD applications… Each branch has differences when installing ActivClient. (More info on that later.) And like most software, there are many different versions available.

It’s imperative that you’re running the appropriate version–which normally means you’re updated to the latest edition. However, it can often be difficult to determine exactly what version you need. If you’re unsure at all, don’t hesitate to ask your command or local PSD which one you need.

Where can I download the right version of ActivClient for my CAC?

Utilizing ActivClient properly is one of the biggest hangups when it comes to ensuring functional operation of your CAC reader. Normally, the hardware drivers are pretty simple. Most come with the CAC reader itself. But ActivClient is another story.

You’re going to need to independently install ActivClient to your computer.

But that’s OK. It’s not as difficult as you would believe–depending on your branch of service anyway. Here’s the best way each branch can get the right ActivClient software:

Navy

This includes Navy reservists. You’re going to need to contact your command’s IT personnel. Alternatively, you can outright purchase ActivClient 7.1 but… It’s so much simpler otherwise. Just remember, if you do purchase the software, ActivClient 7.1 works with Windows versions 7, 8, 8.1, 10.

Army

This includes Reservists and National Guard. You can easily access ActivClient through your AKO (Army Knowledge Online) portal. Just be sure you’re choosing the right program. There’s ActivClient 7.1 options for both 64-bit and 32-bit Windows.

Here’s the link for each:

64-bit: ActivClient AKO 64-bit

32-bit: ActivClient AKO 32-bit

NOTE: In order to best use these links, right click the link and select “Copy Link Address”. Then paste the URL above in your URL bar. This will prevent you from being directed to the AKO homepage.

Air Force

This includes Air Force reservists. You’d think that the Air Force would make this simple for you, however… not so much. The Air Force only has a convoluted download process for older Windows OS’s such as XP and Vista. The best route to take for this would be to purchase the software outright from a third party.

We recommend getting it from SCB Solutions. One download will provide you with the capabilities to install ActivClient on Windows 7, 8, or 10.

Marines

This includes reservists. Previously, the Marines had a download for the program on their MCNOSC… but they’ve since updated and removed the download. You’ll have to get this through an external purchase. Again, we recommend SCB Solutions. It’s super simple to get and will cover all your issues.

Actividentity Driver Windows 10

Coast Guard

This includes reservists. The Coast Guard currently has a download for ActivClient 6.1 on their portal. But this will only work for older OS’s such as XP and Vista. SO… just like the Marines and Air Force above, get it from SCB Solutions.

DOD Civilians

Actividentity Mini Driver Cannot Perform

So as far as I know, there’s no portal for DoD Civvies where you can get ActivClient. Thankfully, you can buy the software from a third party vendor.