The DoD utilizes a method known as Public Key Infrastructure (PKI) to implement and enforce the use of smart cards – which contain user certificates – and personal identification numbers (PINs) for two-factor authentication. Many users will never understand or appreciate the complexity that works behind the DoD’s PKI. Nor will users fully understand why their CACs (smart cards) are not functioning on a personal computer (PC) while using a smart card reader alone.
Often, CAC-holders will be misled by retailers into believing that they can use their CACs by simply inserting it into a “plug-and-play” card reader. Due to the nature of PKI, it takes a little more effort to Public Key Enable (PKE) a computer. Aside from having an internal or external smart card reader to use a CAC, the computer needs to have the hardware drivers, the trusted root chains (of the user’s certificates), and possibly even third party middleware.