FAQ's

Start
FAQ's
ESCB-PKI smart card management

ESCB-PKI smart card management

Is it mandatory to use ESCB-PKI secure tokens to get ESCB-PKI certificates?
- No, it isn't. Central Banks which already have cryptographic tokens can reuse their tokens to store ESCB-PKI certificates. A token certification process must be followed to ensure that every ESCB-PKI process operates properly with each candidate token. A request has to be placed through the ESCB-PKI Competency Centre to trigger the token certification process.
- See also: What is the ESCB-PKI Competency Centre service?

Which tokens have been validated to store ESCB-PKI certificates?


Manufacturer	Model	Format	Middleware	Minimun version of the native application
Manufacturer	Model	Format	Middleware	Minimun version of the native application	G&D	(**) Sm@rtCafe Expert 64 v2	Smartcard	SafeSign Identity Client v3.0+	1.0.6.0
G&D	(**) Sm@rtCafe Expert 3.2	Smartcard	SafeSign Identity Client v3.0 - v3.5	1.0.6.0
G&D	Sm@rtCafe Expert 7.0	Smartcard	SafeSign Identity Client v4.0+	1.0.7.5
AET Europe BV	JCOP21 v2.3.1 (Winter AG)	Smartcard	SafeSign Identity Client v3.0+	1.0.6.0
SafeNet	(**) eToken 4100 (CC EAL 4+)	Smartcard	SafeNet Authentication Client 8.1 SP1	1.0.6.0
SafeNet	(**) eToken 5100 (CC EAL 4+)	USB token	SafeNet Authentication Client 8.1 SP1	1.0.6.0
CRYPTAS	TicTok	Smartcard	Athena-SCS IDProtect 6.20.08	1.0.6.4
Certgate	SmardCard microSD 2.0	MicroSD card	cv cryptovision act sc/interface v5.1.0.236	1.0.6.0
Gemalto	IDPrime .NET 510 v3.0	Smartcard	IDGo 800 v1.2	1.0.6.6
Gemalto	IDPrime 940(B), 941(B)	Smartcard	SafeNet Authentication Client v10.7+	1.0.7.5
SafeNet	eToken 5110 (CC EAL 4+)	USB token	SafeNet Authentication Client v10.7+	1.0.7.5
Yubico	Yubikey 5C NFC	USB-C token	Yubikey Manager QT v1.2.6	1.0.7.5
SafeNet	eToken 5300-C (CC EAL 6+)	USB-C token	SafeNet Authentication Client v10.8+	1.0.7.5

(**) Tokens in End-of-sale and End-of-life.

How can I get an ESCB-PKI secure token?
- To know who can provide you an ESCB-PKI secure token please contact your local Help Desk, your local ESCB-PKI Access Manager or your local Registration Officers.
- See also: What is the Crypto Token Request service?
Can my ESCB-PKI secure token hold several certificates?
- Yes, in fact your ESCB-PKI secure token you will hold at least 3 certificates: one for authentication, one for encryption and a third one for signing. Additional certificates can be stored if needed (for example old encryption certificates).
How should I proceed to change the PIN of my ESCB-PKI secure token?
- To change your PIN you must use the smart card software tool. This tool is available in the ESCB-PKI web page.
  
  The licence for the tool is linked to the secure token; therefore you can download and install the tool in any PC in which you will need to use your token.
How should I proceed if my ESCB-PKI secure token is lost/broken/stolen?
- You must complete the following tasks:
- See also: How should I proceed to suspend an ESCB-PKI certificate?
- See also: How can I get an ESCB-PKI secure token?
- See also: How should I proceed to renew ESCB-PKI certificates?
How should I proceed if I forget my ESCB-PKI secure token PIN?
- If you have forgotten your PIN you can set a new PIN using your PUK. You must use the smart card software tool. This tool is available in the ESCB-PKI web page.
How should I proceed if I forget both my ESCB-PKI secure token PIN and PUK?
- If you have forgotten both your PIN and your PUK you must request new token and certificates.
- See also: How can I get an ESCB-PKI secure token?
- See also: How should I proceed to obtain ESCB-PKI certificates?
Which web browsers are supported?
- You should not have any problem to use your ESCB-PKI secure token with most common browsers. However, in order to download the certificates into your smart card you will have to install the native application component plus one of the two different Web Extensions published in this link. There is one web extension for Mozilla Firefox and other one for Google Chrome and Microsoft Edge (chromium engine version).

Back