The Starcos 3.0 and higher smart card is supplied with the I.CA SecureStore application, which supports the functionality of the card (card management) and which is formed by several modules:

  • SecureStore CSP (Crypto Service Provider) – a component allowing the use of a card in the environments of MS Explorer, MS Outlook and other applications on the Windows platform that use the standard CryptoAPI interface
  • SecureStore PKCS11 – a component allowing the use of a card in applications like Mozilla Firefox on the Windows platform that use the Cryptoki interface
  • SecureStore application – a Windows application allowing the administration of a card.

The I.CA SecureStore application is a separate program running on the MS Windows platform with the following basic functions:

  • generation of a pair of keys up to the size of 2,048 bits simultaneously on a card with the generation of the relevant application for a certificate of the selected type (commercial, qualified).
  • import of an issued certified onto a card – a certificate issued in the DER format is stored on a card in the relevant storage location with the paid of keys
  • import of certificates of communication partners and root certificates of supported certification authorities
  • work with certificates stored on a smart card and administration of storage locations on the card – including removal and import of certificates
  • designation of a storage location used for Windows SmartCard Logon
  • PIN management – PIN changing (a new PIN can be set using the old one), PIN unblocking (a new PIN can be set by entering PUK)
  • Certificate registration for Windows – installs the certificate in Windows storage locations in order for it to be available via services working with certificates in the Windows environment
  • Monitoring of the use of the card space (the card lifetime is not monitored by the application)
  • Use of the free card space for the storage of any files. The storage location for the free space may be selected in two variants:
    • Unsecured, which is freely available
    • Secured, which is available only after entering the PIN for the storage location. This storage location is suitable for example for the management of passwords.

Registration authorities



8/28/2019 Swedish partnership
More here
7/16/2019 I.CA starts issuing certificates using elliptic curve cryptography (ECC)
More here
3/27/2019 I.CA became a member of the OBE QTSP Working Group
More here