This post is also available in: Danish
SmartSignatur Mobile SDK is a framework, that allows Apple iOS programmers easy access to certificates and encryption keys on smart cards through a smart card reader.
The Mobile SDK can be used for encrypting and decrypting data as well as signing and verifying data. The private key is kept exclusively on a smart card. Signing and verifying a random piece of data can also be used as proof of possession of the smart card, which can be used for authentication purposes. For secure communications, it may also be preferable to protect a keycard rather than trying to protect a key in device memory.
When using the Mobile SDK, the private keys never leave the smartcard. Decryption and signing with the secret key is done by the card, on the card. This means that malicious software on the mobile device cannot obtain the private key.
The Mobile SDK interacts with the smartcards using the pkcs#11 standard. This version of the Mobile SDK is using the cv cryptovision pkcs#11 library and the smartcard readers need to be the Tactivo reader from Precise Biometrics.
The Mobile SDK includes key pkcs#11 functionalities. It is a feature-rich standard, but only a small, selected subset is used. In particular, the Mobile SDK does not ever write to the smart card. Certificate management and installation is presumed to be handled by other software. The SmartSignatur Server version 3.0 handles the onboard and maintenance of smart card as well as the user life-cycle.
|The Mobile SDK consists of an API and an implementation, as well as a demo program illustrating usage.|
|Download Mobile SDK presentation including the description of the current API: Kill passwords on the tabletDownload free sample app from App Store|
Direct link to SmartSignatur Mobile Sample App demo video