CCID (protocol)

CCID (chip card interface device) protocol is a USB protocol that allows a smartcard to be connected to a computer via a card reader using a standard USB interface, without the need for each manufacturer of smartcards to provide its own reader or protocol.[1] This allows the smartcard to be used as a security token for authentication and data encryption, such as that used in BitLocker. Chip card interface devices come in a variety of forms. The smallest CCID form is a standard USB dongle and may contain a SIM card or Secure Digital card inside the USB dongle. Another popular interface is a USB smart card reader keyboard, which, in addition to being a standard USB keyboard, has a built-in slot for accepting a smartcard. However, not all CCID-compliant devices accept removable smartcards; for example, select YubiKey hardware authentication devices support CCID, where they play the role of both the card reader and the smartcard itself.

Hardware implementation

According to the CCID specification by the USB standards work group, a CCID exchanges information with a host computer over USB using CCID messages, each of which consists of a 10-byte header followed by message-specific data.[2] The standard defines fourteen commands that the host computer can use to send data, status and control information in messages. Every command requires at least one response message from the CCID.[3]
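The following is an added example, not code from the article or from any CCID driver, showing how a host-side driver would build a command message with the 10-byte header and validate the reader's response before trusting it. The header layout (message type, little-endian 32-bit length, slot, sequence number, three message-specific bytes) and the message-type constants are taken from the CCID revision 1.1 specification rather than from the text above; the payload ceiling, the sample APDU and the simulated reader reply are constructed for the demonstration. The security-relevant check is that the declared length must agree with the bytes actually received and must stay under a fixed bound, so a malformed or hostile device cannot drive an out-of-bounds read in the host.

```python
import struct

# CCID header: bMessageType(1) | dwLength(4, little-endian) | bSlot(1) | bSeq(1) | 3 message-specific bytes
# Layout per CCID rev 1.1 (an assumption from the spec, not stated on the page).
HEADER_LEN = 10
HEADER_FMT = "<BIBB3s"

# Subset of the command and response message types (values from CCID rev 1.1).
PC_TO_RDR_ICCPOWERON = 0x62
PC_TO_RDR_GETSLOTSTATUS = 0x65
PC_TO_RDR_XFRBLOCK = 0x6F
RDR_TO_PC_DATABLOCK = 0x80
RDR_TO_PC_SLOTSTATUS = 0x81

# Assumed driver policy: never accept a dwLength above this, whatever the header claims.
MAX_PAYLOAD = 65538


class CcidError(ValueError):
    """Raised for any message the host refuses to process."""


def build_message(msg_type, slot, seq, specific=b"\x00\x00\x00", payload=b""):
    """Serialize a host-to-reader CCID message: 10-byte header followed by payload."""
    if len(specific) != 3:
        raise CcidError("message-specific field must be exactly 3 bytes")
    if len(payload) > MAX_PAYLOAD:
        raise CcidError("payload exceeds the bounded maximum")
    header = struct.pack(HEADER_FMT, msg_type, len(payload), slot, seq, specific)
    return header + payload


def parse_message(raw, expected_seq=None, expected_slot=None):
    """Parse and validate a message received from the reader.

    Rejects truncated headers, a dwLength that disagrees with the bytes actually
    received, oversized declared lengths, and slot or sequence-number mismatches
    (the bSeq echo is how the host pairs a response with its command).
    """
    if len(raw) < HEADER_LEN:
        raise CcidError("short header")
    msg_type, length, slot, seq, specific = struct.unpack(HEADER_FMT, raw[:HEADER_LEN])
    if length > MAX_PAYLOAD:
        raise CcidError("declared dwLength exceeds the bounded maximum")
    if len(raw) - HEADER_LEN != length:
        raise CcidError(f"dwLength {length} does not match {len(raw) - HEADER_LEN} payload bytes")
    if expected_seq is not None and seq != expected_seq:
        raise CcidError("bSeq mismatch")
    if expected_slot is not None and slot != expected_slot:
        raise CcidError("bSlot mismatch")
    return {"type": msg_type, "slot": slot, "seq": seq,
            "specific": specific, "payload": raw[HEADER_LEN:]}


def command_status(parsed):
    """Bits 6-7 of bStatus in a reader-to-host message: 0 = ok, 1 = failed, 2 = time extension."""
    return parsed["specific"][0] >> 6


def simulated_exchange():
    """One XfrBlock round trip against a constructed, well-behaved reader reply."""
    apdu = b"\x00\xa4\x04\x00\x00"  # constructed sample APDU
    command = build_message(PC_TO_RDR_XFRBLOCK, slot=0, seq=7, payload=apdu)
    # Constructed reply: RDR_to_PC_DataBlock, 2 payload bytes, slot 0, seq 7, bStatus=0, bError=0, bChain=0
    reply = build_message(RDR_TO_PC_DATABLOCK, slot=0, seq=7, payload=b"\x90\x00")
    parsed = parse_message(reply, expected_seq=7, expected_slot=0)
    return command, parsed


if __name__ == "__main__":
    cmd, resp = simulated_exchange()
    print("command:", cmd.hex())
    print("response type 0x%02x status %d payload %s" % (resp["type"], command_status(resp), resp["payload"].hex()))
```

A driver that follows this shape reads exactly `dwLength` bytes after the header and fails closed on any disagreement, rather than sizing a buffer from the untrusted header alone; the same check applies in the other direction, since the reader firmware is parsing headers the host sends.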

Software driver

Microsoft has included native CCID driver support beginning with Windows 2000.[4] Apple has included some form of native CCID support since Mac OS X, with support evolving alongside the Common Access Card and Personal Identity Verification specifications set by the US Federal Government.[5][6] Apple has included native CCID support on iOS since 16.0 and iPadOS since 16.1.[7][8] On Linux and other Unixes, CCID and CT-API devices are usually accessed with user-space drivers, for which no special kernel adaptation is required.[9]

List of CCID providers

References

  1. US patent 7748636, Finn, David, "Portable identity card reader system for physical and logical access", published 2010-07-06, assigned to Dpd Patent Trust Ltd.
  2. "Specification for Integrated Circuit(s) Cards Interface Devices Revision 1.1". usb.org. USB Implementers Forum, Inc. p. 25. Retrieved January 26, 2015.
  3. USB Complete: Everything you need to develop custom USB peripherals, Jan Axelson, 2005, page 189
  4. "Microsoft Class Drivers for USB CCID Smart Cards". Microsoft Developer Network. Microsoft. Retrieved January 26, 2015.
  5. "Jamf Pro Overview—macOS Smart card Functionality" (PDF). Jamf. 2018. p. 7. Archived (PDF) from the original on 2020-11-26. Retrieved 2020-11-26.
  6. "Intro to smart card integration". Apple Support. Apple. Archived from the original on 2020-11-26. Retrieved 2020-11-26.
  7. "Use a smart card on iPhone and iPad". Apple Support. Retrieved 2024-01-23.
  8. "Supported smart card functions on iPhone and iPad". Apple Support. Retrieved 2024-01-23.
  9. "CCID free software driver". Retrieved June 22, 2018.