The Windows smart card framework uses a smart card minidriver together with the Windows Smart Card Base CSP to enable the use of a smart card for authentication, logon and signing. However Windows does not have a specific client application to easily trouble shoot when a smart card is not working. This blog reviews how you can check that a minidriver smart card is working correctly.
There are two aspects to checking that a Minidriver is working for a specific smart card. The first is to check that it recognized as a genuine smart card driver by windows Plug and Play (PnP). The second is that the driver can be found by the cryptographic subsystem. This post focuses on PnP and applies to Windows 7, 8 and Windows server 2008 Sp2 and later OS versions.
When you insert a smart card into a Windows machine, the Plug and Play process is initiated. Windows tries to identify the smart card through a multi step process. To check if PnP has correctly installed the driver open the Device Manager ( just type “Device Manager” into Windows search, or click Device Manager on the property pane of the Computer). If the smart card is correctly installed it will look like this:
If it is not recognized it is will look like this:
What do you do now? There are any number of reasons a minidriver is not installed for a particular smart card. Check the following:
- Check if the mini driver is supported for your card. Many older smart cards don’t use the Windows smart card framework, and instead use a smart card middle-ware application.
- Many smart card drivers are not downloadable by Plug & Play. You may have to install the minidriver manually. If you have this problem with a Taglio smart card, such as the C2 Series card, just download the Minidriver installer application, and this will pre install the drivers for you. The installer can be download from the Taglio Download Page.
- PnP may simply be turned off. If your computer is managed (provided to you by your employer) this is quite likely.
It should be pointed out that it is not strictly required for the smart card to be recognized in the device manager for the smart card to actually work. Though it is unusual, it is quite possible. That is because the crypto subsystem does not require a PnP installation work. You can install the driver and set the registry files manually if you want.