PC/SC (e.g. for FIDO2)
Use Case
- You want to use PC/SC to interact with ISO 14443-4 cards, e.g. to implement FIDO2.
- You don't need to control reader feedback (e.g. LED and beeper).
Implementation overview
What is PC/SC?
PC/SC is a standardized, vendor-independent software interface. You can use it to exchange APDUs (application protocol data units) with ISO 14443-4 cards.
How it works
- To activate the PC/SC interface on the reader, deploy the configuration provided by us.
- The reader acts as a pass-through and doesn't intervene in the communication with the card. It directly forwards your commands to the card and all card responses back to the host.
Requirements
Hardware
Readers from our standard product line
Print-management readers are not supported.
Firmware
FW 1100 v2.10.03 or above (for ID-engine Z and ACCESS200)
Current firmware versions are available for download here.
If you want to use a different firmware, please get in touch.
Supported interfaces
USB on Windows (access by Windows Terminal Server via
RDP possible)
Learn more
Alternatives
Use APDU via VHL if:
- You want to control reader feedback (e.g. LED and beeper) via the host.
- You want options to narrow down card selection to one or more card types.
Your workflow
Activate PC/SC via reader configuration
To activate PC/SC on the reader, you need to deploy a PC/SC configuration: BALTECH USB readers then implement the CCID protocol. Windows has its own CCID drivers, which then provide the readers as PC/SC devices. USB HID always remains active in parallel as a support interface. You can use it to access the readers with our GUI tools, e.g. to update the reader firmware.
To configure readers for PC/SC:
-
Open BALTECH ConfigEditor.
If you haven't installed it yet, you can download it here as part of BALTECH ToolSuite. -
Click Create from Scratch.
-
Click the Plus icon > Host Interface > USB > PCSC (e.g. for FIDO2).
-
Select the card families to scan for.
-
Release and export the configuration to obtain a deployable BEC or BEC2 file.
-
Deploy the BEC or BEC2 file to readers.
Run commands
Please refer to the Pcsc5 specification available for download here.
FIDO2 demo
When implementing FIDO2, we recommend using the demo at https://webauthn.io before testing the reader with your own application. This lets you identify and resolve potential issues outside your code.
To use the FIDO2 demo:
- Open https://webauthn.io in your browser.
- In the example_username entry field, enter a username of your choice.
- Click Advanced Settings.
- From the Attachment dropdown, select Cross-Platform.
-
Enable both Security Key checkboxes.
-
Leave all other settings at their default values and click Register.
- If your password manager opens automatically, close it.
-
In the dialog, select Security key.
-
Click OK through the prompts until the following dialog is shown:
-
Ensure that a reader configured for PC/SC is connected to your computer, then present the security key to the reader.
-
Follow the on-screen instructions to complete the test.
For initial debugging, start with a direct connection of the security key to your computer. Once that works reliably, proceed to test with the reader setup.
Troubleshooting & support
Got stuck somewhere along the way? Don't worry, we'll help you troubleshoot: