Skip to main content
Skip table of contents

Smart ID Desktop App overview

This article includes updates for Smart ID Desktop App 1.13.



Nexus Smart ID Desktop App lets you provision and manage virtual smart cards, which are hosted on your laptop. Virtual smart cards and Yubico Yubikey tokens can be used via the app for Windows-related use cases, such as two-factor authentication to external resources, protection of data by secure encryption, and integrity through reliable signing. The app also supports PKI encoding of smart cards as part of the Smart ID solution. 

Virtual smart cards on your local computer helps to digitalize securely

Secure your day-to-day business

Today, most organizations need to offer their employees and other end users secure access to applications and information at all times and wherever they are. With virtual smart cards on the desktop, you get an integrated and user-friendly two-factor authentication (2FA) method. 

Save time and costs

Physical smart cards are often chosen for their high level of security, but they cost money to buy, renew or replace, and require manual processes to distribute. By using Windows Virtual Smart Cards (VSCs), end users can say goodbye to passwords while complexity, logistics and costs for the business are reduced, since the process for supplying physical smart cards, hardware tokens and smart card readers is completely obsolete. With virtual smart cards, you can take advantage of automated and purely digital processes for provisioning and management.

Ensure same level of security as for physical cards

Smart ID Desktop App is based on the Microsoft technologies Virtual Smart Card (VSC) and Universal Windows Platform (UWP). Keys are securely created and stored on the Trusted Platform Module (TPM) chip, which is available on most laptops. The TPM fulfills the same level of security as the physical smart card in terms of non-exportability, cryptography isolation and anti-hammering.

Offer users a seamless experience

Virtual smart cards are easy to use and do not require users to carry additional physical devices with them. Users can easily get started by requesting a virtual smart card via self-service, and activating it by clicking an activation link. Using virtual smart cards in the Smart ID Desktop App offers users a seamless experience that is based on native Windows use cases. 

Get started without delay

Since there is no need to distribute physical cards or tokens, it is quick and easy for an organization to get started with virtual smart cards. Smart ID Desktop App lets you provision and manage virtual smart cards, that can be used for Windows-related use cases, such as two-factor authentication to external resources, protection of data by secure encryption, and integrity through reliable signing. The app is downloaded via Nexus support portal. 

Use Smart ID Desktop App with other tokens

Use a Yubikey for authentication and signing

Certificates can be enrolled from Smart ID Identity Manager to Yubico Yubikey 5 tokens and then used via Smart ID Desktop App for online authentication and signing as part of the Smart ID solution, or any other use cases. For more information, see Yubikey 5 overview.

Store keys in Microsoft certificate store

If TPM hardware is not available on the laptop, keys can be stored in Microsoft certificate store instead. Keys can be used for all use cases, similar to virtual smart cards. 

Manage the lifecycle of tokens

The Smart ID Desktop App is integrated into Nexus' Smart ID solution that includes standard workflows, self-service and automation for easily manage on- and offboarding, enrollment of certificates and common use cases throughout the lifecycle. 

The Identity Manager, which is included in the Smart ID solution, gives a good overview of current users, virtual smart cards and other tokens. Thanks to the use of a public REST API, the solution can also be integrated into other vendors’ infrastructure.

PKI-encode smart cards

As part of the Smart ID solution, the Smart ID Desktop App can be used to PKI-encode smart cards, in integration with Smart ID Identity Manager and a smart card middleware. The solution provides ready-to-use workflows to issue, activate and renew employee cards, and change card PIN. 

One-time passwords (OTP)

The Smart ID Desktop App supports time-based and event-based one-time passwords (OTP). A one-time password (OTP) is a temporary and unique passcode, that is generated by an algorithm to authenticate users to digital resources. See Set up an OATH-compliant mobile/desktop app as authentication method for more information.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.