There are two services offered by windows for the express card;
- Socket service
- Card Service
When clients connect to the Windows Socket service, the services begin its operations for the mutual authentication sequence. The DoAuthentication routines use the socket handle the first authentication packet from the client. The client buffer is passed to the GenServerContext function, which then passes the buffer to the SSPI security package for authentication. DoAuthentication then sends the security package output back to the client. This loop continues to repeat until the authentication fails or GenServerContext sets a flag indication for authentication success.
Card services include embedded integrated chips that act as a security token. The smart card has the same size as a driver’s license or credit card and can be made of metal or plastic. They connect to a reader either by direct physical medium or through a short-range wireless connectivity standard such as radio-frequency identification. The chips on the card services can be either microcontroller or an embedded memory chip. Card services are designed to be tamper-resistant and use encryption to provide protection for in-memory information. International standards and specifications cover smart card technology with some focus on industry-specific requirements.