FAQ SafeSign Identity Client

Is SafeSign IC compatible with Windows 10?

Both, Microsoft and AET Europe have tested and approved the 32-bit and the 64-bit version of SafeSign IC 3.0.112 in combination with Windows 10. Here is an overview of known issues:

Version 1511: During the Windows 10 Anniversary update you may need to de-install SafeSign 3.0.112 or 3.0.113 when a message pops up. Read more here >.
Upgrade 1511 to 1607: Reported issues of SafeSign IC 3.0.112 know from the Support team of AET with upgrade Windows 10 from 1511 to 1607. Advice is to skip the 1607 version and upgrade directly to version 1703.
Version 1607: No issues known.
Upgrade 1607 to 1703: No issues known.
Version 1703: No issues known.

If we have new insights AET will inform you about it.

Where can I download the latest version of SafeSign IC?

For the purchase, deployment and downloads of our software solution SafeSign Identity Client, please contact one of our AET Certified Solution Partners or contact AET directly if your organisation has a valid AET support contract.

Issues with November update of Windows 10 Enterprise (version 1511 build 10586)

Further investigation has made clear that all Windows 10 editions (version 1511 build 10586) cause issues with all versions of SafeSign Identity Client. ?The solution for this ‘policy issue’ is to update with the January 2016 patch build 10586.63. Both versions of SafeSign perform correct on build 10586.63 of Windows 10 and all functionality is restored and available. Read more here >?

Would we need any drivers or software apart from SafeSign middleware when using IDP tokens?

Since the IDpendant token is CCID compatible, most OS’s like Linux and MAC OS X support the token without additional drivers. Just install SafeSign Identity Client 3.0.14 or higher and start!

Signature of SafeSign corrupt or invalid in IE

When downloading a SafeSign 3.0.112 installer package in Internet Explorer you get a message that the signature of SafeSign is corrupt or invalid. The message is related to enhanced security measures for SHA1 files in IE for dowloads. The workaround is to rightclick on the Download entry and select “Run Anyway” or close the window and select the executable in your Download folder and run it from this folder. Another option is to use another browser like FireFox or Chrome to download the SafeSign file.

Would we need any drivers or software apart from SafeSign middleware when using IDP tokens?

Since the IDpendant token is CCID compatible, most OS’s like Linux and MAC OS X support the token without additional drivers.Just install SafeSign Identity Client 3.0.14 or higher and start!

Can I use SafeSign IC on VMWare?

The use of SafeSign Identity Client in a VMware environment is supported. SafeSign IC for Biometrics is not supported in VMware; the biometric API needs the actual hardware to work.

Does SafeSign IC support the RSA SecurID SID800 token?

The RSA SecurID SID800 authenticator is a multi-function device that combines the features of the RSA SecurID hardware authenticator with a smart chip based on Sun Java technology, packaged together in a more convenient USB form factor. This single authenticator is designed to generate time synchronous onetime- passwords (OTP) for anytime, anywhere access, support PKI for authentication, digital signatures and file encryption and securely store password information; making it an ideal choice for a wide range of environments where diverse system, application and customer needs exist.

The RSA SecurID SID800 USB-Token is supported by SafeSign IC like a normal JavaCard.

Please keep in mind that to use any JavaCard with SafeSign IC, the SafeSign IC Applet must be loaded on the token. This SafeSign IC applet can be pre-loaded on the token, or loaded by SafeSign IC as part of the initialization of the token.

In either scenario, to be able to load the applet, the KeySet used to protect the token must be known. If the token was set with a custom KeySet during production, this KeySet must be obtained from the manufacturer (i.e. RSA) to be able to prepare the token for use with SafeSign IC.

Would we need any drivers or software apart from SafeSign middleware when using Marx CrypTokens?

Since the token has an integrated Omnikey reader, the driver for the Cardman 6121 can be used. But the token is CCID compatible, which means that most OS’s like Linux and MAC OS X support the token without additional drivers.

Just install SafeSign Identity Client and start!

Does SafeSign IC support the Windows Installer (MSI) format for installation?

Yes, our product supports the Windows Installer MSI format for installation.

I get an error message 'Unknown ATR'?

This error is an indication that the card you are using is not (yet) supported by your version of SafeSign identity Client. Please contact your local supplier of the SafeSign IC software and ask them for a recent version that supports the inserted card.

Issues after updating SafeSign IC from old versions (less than 3.0.45)

When certain cards are not functioning in Internet Explorer after updating SafeSign IC from an older version like 3.0.40 or 3.0.45 there may be an issue with older registry settings not being removed. In order to make sure no wrong registry settings are being used, we have a utility called UnSafeSign which will remove the incorrect settings. Please ask your AET Solution Partner for more details.

Does SafeSignIC support Apple Keychain?

For OS X applications that make use of Apple Keychain, AET has created a smart card driver extension in recent SafeSign releases for MacOS. This smart card extension is used for Apple (native) applications, such as Safari, replacing AET’s deprecated TokenLounge product, which was using the deprecated CDSA architecture (since OS X 10.7 / Lion). Because the extension is read-only (by design), the contents of the smart card are not visible in the KeyChain.app (as with TokenLounge), in accordance with the description above and Apple requirements. The objects are imported in the user’s keychain database.