Taglio PIVKey C910 Certificate Based PKI Smart Card for Authentication and Identification, Dual Interface Contact/Contactless Smart Card, Supports Windows PIV Drivers, Standard ISO.

I love my PIVKey!I like to “get my hands dirty” and dig into different kinds of technologies, usually related to Linux or Windows servers. I thought it’d be pretty cool to take a look into smart card login integration with Active Directory as I already had a Windows 2012 domain controller setup in my home lab, but I initially wasn’t too sure on what all I needed. It turned out that all I really needed was a smart card reader and a smart card – after doing some research online, it was pretty clear to me that the PIVKey had a good success rate.Enrolling a user account for a smart card in Active Directory was easier than I thought it would be, and I didn’t have any issues with the PIVKey, and the setup is still working great two months later! The PIVKey came with some instructions and general information that made enrollment a breeze. With the PIVKey, I’m simply able to insert the PIVKey into a smart card reader and then enter a PIN number that I set to login to Windows. I’ve also read that smart cards can be integrated with Exchange – I hope to test out the PIVKey with that soon as well. Overall, I would highly recommend this smart card and I haven’t had any issues whatsoever.

The card does indeed respond as a PIV card. Windows smartcard logon (windows 10) recognizes it. Minor nit: the card itself has no printing on it (so label it before you toss it in the bucket with your other sample PIV cards.)

Another wasted cash. Would not work and kept giving error certificate not trusted.

I tried these as my first foray into the PIV smartcard world. I have experience with PKI and certificates, but not with smartcards. The documentation is great for those new to smart cards, loading certificates onto it is pretty straight forward, and it comes with a test certificate. Windows recognizes them read-only without a driver. I'm currently using it for authentication and signing certificates without issue in Chrome, Windows (code signing and logon), SSH (via PuttyCAC), a Keepass database (with plugin), and Softether VPN client (needs OpenSC).Be aware though that these have limitations compared to other PIV solutions. The documentation mentions many of them, but not all. Some notable limitations:* The provided tools for loading certificates and managing the slots and PIN are Windows-only. The open source tools for PIV management out there such as OpenSC's pivtool or yubico-piv-tool are NOT compatible.* No write support via PKCS11 at all. OpenSC's PKCS11 library is supported read-only if middleware is needed.* No support for the non-certificate parts of the PIV standard, such as the printed information and biometrics containers. Applications that try to access these containers will error out or crash (Veracrypt for example is incompatible for this reason).Veracrypt (needs biometric containers), GnuPG/Kleopatra's PIV support (no PKCS11 write support), and HID ActivClient (both the user console and PKCS11 library) are a few examples of software that do not function properly with a PIVKey regardless of configuration. ActivClient was especially disappointing to see unsupported considering its one of the most widely used enterprise middleware and end-user GUIs for smart cards. Taglio's official advice in their docs is to uninstall it.Hardware-wise, these look to be Feitian cards supporting javacard 2. GlobalPlatform was able to do a --list using the 404142... key.Printable on a standard badge printer (be sure to mark the chip area as excluded in the print driver).4 of 5 stars because these are perfect for small deployments that need nothing but basic Windows support, but are not a good choice if you want advanced capability.

I ordered one and it was not functional, even for the test. However, after communicating back and forth with Taglio, their customer service was exceptional and replaced the card, and sent another one for me to test with. so far the cards work as intended, and the next step is on me for the certificate authority using Win server 2012 R2. They've offered to help with that, which is a rarity in many organizations. Thanks for the restitution.

New to smart cards. Installed pivkey miniport, used certutil to load my PKCS #12 file and pivkey tool to make loaded cert default. Took a few minutes for a total noob to get up and running. My only problem was initially inserting card upside down into the reader.

It took a well over a week to get the thing even though I should have got it the next day. The card works as advertised so I gave them three stars

I bought one, I love it - I'm very happy they sell them in quantity one, smart cards can be VERY tough to get in low volumes.I also like that the client PC does not need to install software to use these cards! just the "admin" computer (the computer that writes the certs)tip - when u use the software to write the cert, you'll be doing so using the "miniport". this "miniport" is required to be installed on all client computers. If you'd prefer not to install software on the client computer, follow PIVKeys instructions for "mapping". It's very easy, I just didnt realize why I'd need to map - the idea is w/o installed software, there are a small number of slots. You have to map your cert into one of these default slots, else the out of the box software cannot locate the certA++