Security of private keys is extremely important, as this is the means by which a person signs messages (or documents) and creates legally binding obligations. If a person’s private key is lost, stolen or compromised in any way, regardless of whether this is due to the owner’s negligence or a hacking attack, the key pair must be revoked.
There are a number of ways to store a private key. In many applications, digital certificates and private keys are stored on the user’s hard drive of their PC, but this can leave them vulnerable to attack by hackers.
Another method involves placing or creating the private key on a physical token such as a smart card. This option provides additional protection against electronic theft and thus impersonation, as the user is able to carry the key with them meaning it is stored away from the workstation they access systems from which reduces the availability to hacking attempts. Furthermore, a pass-phrase must be entered on each occasion a smart card is used, providing additional protection should the card be lost or stolen.
Smart cards are considered to have advantages over other tokens (such as a USB tokens) these advantages include the ability to use chips that can store and process multiple applications.