Axalto Declares World’s First Commercial Deployment of Microsoft .NET-based Smart Card; Cryptoflex .NET powered Card from Axalto Makes Smart Cards Easier to Deploy

November 16, 2004 — Amsterdam, Netherlands — Axalto announced today the first commercial deployment of Axalto’s .NET-based smart cards to help secure access to Microsoft’s corporate network. Axalto’s Cryptoflex .NET powered smart card is a secure, ultra-miniature personal computing technology that runs a small footprint version of the .NET Framework. The .NET-based smart card provides customizable two-factor authentication as well as full cryptographic capabilities, seamlessly via the standard Microsoft .NET programming tools and interfaces. Microsoft marks the first enterprise deployment of the .NET-based smart card.

“We’re delighted to see smart cards based on the ECMA standards for the core Microsoft .NET technologies,” said Charles Fitzgerald, general manager of platform strategy at Microsoft. “Axalto’s new .NET-based smart card is both a great solution to bring strong, two-factor authentication to the enterprise as well as yet another way for .NET developers to take advantage of their skills and code.”

“The best approach to network access security is to add a microprocessor card into the authentication process. And adding smart cards to Microsoft environments is made even easier by Axalto’s Cryptoflex .NET powered cards,” said Marvin Tansley, vice president, Access, Axalto. “Supporting Microsoft .NET is a natural extension of Axalto’s commitment to innovation around industry standards which enable secure access for many with varied identity management solutions.”

Tens of thousands of Microsoft employees worldwide carry a corporate access badge that secures Microsoft computer systems and facilities. Microsoft will be deploying Axalto’s Cryptoflex .NET powered smart card to its employees for secure remote network access in 2005.

About Axalto

Axalto (Euronext: NL0000400653 AXL) is the world’s leading provider of microprocessor cards (Gartner Dataquest 2004) — the key to digital networks — and a major supplier of point-of-sale terminals. Its 4500 employees come from 70 nationalities and serve customers in more than 100 countries, with worldwide sales reaching 3 billion smart cards to date. The company has 25 years’ experience in smart card innovation and leads its industry in security technology and open systems.

Axalto continuously creates new generations of products for use in a variety of applications in the telecommunications, finance, retail, transport, entertainment, healthcare, personal identification, information technology and public sector markets. Microprocessor cards provide convenience, security and privacy to public and private services operators, their customers and end users.

For more information, visit us at www.axalto.com
All trademarks are properties of their respective owners.

Background:

Despite strong password policies, Microsoft determined that additional forms of authentication were required, especially for those that needed remote access to their corporate network to ensure that remote connections to the network are initiated only by authorized users. To counter the threat of unauthorized access to the Microsoft corporate network, Microsoft chose to deploy smart cards because of the cumulative sum of the products’ reliability, performance, cost, security features, convenience and portability benefits. This approach to logical access security, completed worldwide in 2002 for Microsoft’s 61,000 employees, has substantially increased the overall security of enterprise network assets and data at Microsoft.

Microsoft’s selected .NET-based cards are smart IDs that support both physical and logical access on one smart card. A contactless feature embedded in the card provides the physical access to buildings and offices. The logical access control is provided via a microprocessor contact smart card with specialized security features, large memory for application storage, and implements Microsoft .NET. Secure and reliable cryptographic operations, such as symmetric (DES, AES) and asymmetric (RSA) algorithms are accessible via an implementation of the standard Cryptographic Services architecture of the .NET Framework. This empowers existing solutions that use .NET cryptographic services to be easily modified to use smart cards, bringing enhanced security and customization to .NET solutions, and allowing Microsoft’s internal IT organization to use the same programming tools and skills they employ for other development projects. The .NET-based smart card represents a breakthrough in security technology by providing developers with an innovative and crucial component for building secure. NET connected systems.

The implementation includes a MSIL (Microsoft Intermediate Language) interpreter, application programming interfaces (system libraries needed for execution and smart card specific libraries for communication and security), a converter that turns a CLI (common language infrastructure) compliant binary into a binary file for loading onto the smart card, a set of relevant ECMA specifications of the reference implementation and a comprehensive test suite that verifies the compliance of the reference implementation to the specifications.