#PC/SC over BLE on Windows

Once configured to run the CCID profile / PC/SC mode, a Bluetooth-attached SpringCore device is supported by SpringCard PC/SC Bridge virtual driver and its companion application.

The SpringCard PC/SC Bridge Solution is made of three layers:

• A virtual PC/SC driver. The driver is said to be virtual, because it is not attached to a physical device that is wire-connected to the computer’s motherboard, but rely on an underlying user-land software to communicate with the device.
• The SpringCard.SpringCore.BleBridge.dll library is the software that runs in user-land and acts as the bridge between the BLE device and the virtual PC/SC driver,
• The SpringCard PC/SC Bridge application is a lighweight utility that controls the driver, provides configuration screens, and runs the library in the tray of the user’s desktop.

Integrators may also use the library to develop their own bridging application.

#Security considerations

The unpaired (not bonded) BLE channel is intrinsically insecure: it provides neither confidentiality nor integrity protection. It must therefore only be used for tests and demonstration purposes, not in a live application.

The bonded BLE channel is not rely better since the bonding uses the Just Works pairing method (because the SpringCore device does not have a keypad or any other mean to enter a PIN or a secret key). The link is encrypted (AES-CCM), but there is no real mutual authentication, and no protection against man-in-the-middle attacks. It provides basic confidentiality only, not strong security.

However, the SpringCore device can be adapted to operate at a much higher security level, by using a protocol-level encryption of the CCID messages, after a mutual authentication either with a shared AES key or through an ECDH key exchange. Integrators requiring such a level of security should contact SpringCard’s sales team since these features are only available as part as a dedicated project.