TPM chip (Trusted Platform Module) for secure login
A simple way to protect and use digital certificates using a special chip located directly in your laptop or PC.
A TPM chip is a component integrated by most computer and electronics manufacturers.
It allows you to securely store cryptographic keys and certificates directly inside the device.
The method can be combined with other certificate lifecycle management tools and modules.
Virtual smart card in TPM module
The TPM chip is a common component of modern laptops and other devices. It is a hardware element that is part of the motherboard of the device and is designed to securely store certificates and digital keys.
Operating systems allow you to create virtual smart cards in the TPM that can be used for secure authentication, electronic signing, encryption, or decryption. Virtual cards support PIN/PUK – they simulate both the card and the reader.
We have integrated this technology into the ProID platform as one of the user authentication methods. Organizations can simultaneously use both TPM and regular cards or mobile applications and manage everything in a single interface.
Protection of digital keys and certificates in TPM
To use virtual cards in TPM chips, it is necessary to build a central register for the management of virtual cards and certificates, which automates administrative operations. We deliver these applications as part of our solution.
Digital keys can also be stored directly at the TPM level, without a virtual card. The TPM chip then acts as software storage with hardware protection. This is suitable, for example, for computer certificates – for computer authentication to the network, VPN or Wi-Fi.
Using TPM in the ProID ecosystem
- TPM can protect keys and certificates for both users (virtual smart card) and computers.
- The virtual card behaves like a physical chip card – PIN authorization is required.
- A virtual reader for Smartcard Logon is also available with the card.
- Thanks to the standardized interface, certificate keys can be used by common third-party applications.
- TPM chip support is a full-fledged part of our ProID platform.
- You can also use and combine other ProID authentication methods.
- You can use a variety of add-on applications to control and automate the certificate lifecycle.
- All this can be complemented by the PKI infrastructure layer and certification authorities.