CCID (protocol)
{{Short description|USB Protocol}}
CCID (chip card interface device) protocol is a USB protocol that allows a smartcard to be connected to a computer via a card reader using a standard USB interface, without the need for each manufacturer of smartcards to provide its own reader or protocol.{{Cite patent|number = 7748636|title = Portable identity card reader system for physical and logical access|country = US|status = patent|pubdate = 2010-07-06|fdate = Jul 18, 2007|pridate = Nov 16, 2004|invent1 = Finn, David|assign1 = Dpd Patent Trust Ltd.}} This allows the smartcard to be used as a security token for authentication and data encryption, such as that used in BitLocker. Chip card interface devices come in a variety of forms. The smallest CCID form is a standard USB dongle and may contain a SIM card or Secure Digital card inside the USB dongle.{{Citation needed|date=November 2020}} Another popular interface is a USB smart card reader keyboard, which in addition to being a standard USB keyboard, has an built-in slot for accepting a smartcard. However, not all CCID compliant devices accept removable smartcards, for example, select Yubikey hardware authentication devices support CCID, where they play the role of both the card reader and the smartcard itself.
As the protocol is based primarily around interaction with smartcards, it builds around the ISO/IEC 7816-4 and ISO 7816-3 as main way of communication with the smartcard, or with the device itself in case of some USB security tokens.
Hardware implementation
According to the CCID specification by the USB standards work group, a CCID exchanges information through a host computer over USB by using a CCID message that consists of a 10-byte header followed by message-specific data.{{cite web|title=Specification for Integrated Circuit(s) Cards Interface Devices Revision 1.1|url=https://www.usb.org/document-library/smart-card-ccid-version-11|website=usb.org|publisher=USB Implementers Forum, Inc.|accessdate=January 26, 2015|page=25}} The standard defines fourteen commands that the host computer can use to send data and status and control information in messages. Every command requires at least one response message from the CCID.USB Complete: Everything you need to develop custom USB peripherals, Jan Axelson, 2005, page 189
Software driver
CCID driver support has been natively supported by Microsoft beginning with Windows 2000.{{cite web|title=Microsoft Class Drivers for USB CCID Smart Cards|url=https://msdn.microsoft.com/en-us/library/windows/hardware/dn653571(v=vs.85).aspx|website=Microsoft Developer Network|publisher=Microsoft|accessdate=January 26, 2015}} Apple has included some form of native CCID support since Mac OS X, with support evolving alongside Common Access Card and Personal Identity Verification specifications set by the US Federal Government.{{cite web |title=Jamf Pro Overview—macOS Smart card Functionality |url=https://resources.jamf.com/documents/technical-papers/macos-smart-card-overview.pdf |publisher=Jamf |access-date=2020-11-26 |archive-url=https://web.archive.org/web/20201126223538/https://resources.jamf.com/documents/technical-papers/macos-smart-card-overview.pdf |archive-date=2020-11-26 |page=7 |date=2018 |url-status=live}}{{Cite web |title=Intro to smart card integration |url=https://support.apple.com/guide/deployment-reference-macos/intro-to-smart-card-integration-apd1fa5245b2/1/web/1 |url-status=live |archive-url=https://web.archive.org/web/20201126224617/https://support.apple.com/guide/deployment-reference-macos/intro-to-smart-card-integration-apd1fa5245b2/1/web/1 |archive-date=2020-11-26 |access-date=2020-11-26 |website=Apple Support |publisher=Apple |language=en}} Apple's has included native CCID support on iOS since 16.0 and iPadOS since 16.1.{{Cite web |title=Use a smart card on iPhone and iPad |url=https://support.apple.com/guide/deployment/use-a-smart-card-on-iphone-and-ipad-dep8b8c8927a/web |access-date=2024-01-23 |website=Apple Support |language=en}}{{Cite web |title=Supported smart card functions on iPhone and iPad |url=https://support.apple.com/guide/deployment/supported-smart-card-functions-iphone-ipad-depb75d71d4c/web |access-date=2024-01-23 |website=Apple Support |language=en}} On Linux and other Unixes, CCID and CT-API devices are usually accessed with user-space drivers, for which no special kernel adaptation is required.{{cite web|url=https://ccid.apdu.fr/|title=CCID free software driver|accessdate=June 22, 2018}}