First of all, please excuse my ignorance about this topic. (related)
What exactly is needed to implement a process like this:
- Client visits login site (example.com/login).
- To log in, the client enters its client ID. Also, a random (?) code is displayed to the visitor: 251 221 555.
- The client picks up his smart card reader, puts his smart card into it and clicks on the "Login" button, enters the code 251 221 555
- The client then enters his PIN code (in the smart card reader)
- A token is then returned: 922 444 113
- The client uses the returned token to log in to the website.
I guess one needs:
- A smart card (which has a PIN code)
- A smart card reader (see picture 1, 2)
What I wonder is how to authenticate the returned token in a website, and also how to return a token in the smart card reader? What are the exact (or simplest) steps to implement a process like the one above?
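An added example, not part of the original post: one way the server side of the flow described above can issue the displayed code and check the returned token. It assumes the card and the server share a per-card secret key and that the token is an HMAC-SHA256 of the code reduced to nine digits; the key, client ID, function names and 120-second lifetime are constructed for illustration, and an actual card scheme may differ.

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional

CHALLENGE_TTL = 120  # seconds a displayed code stays valid (assumed value)

# Constructed sample data: per-card secret that the issuer also stored server-side.
CARD_KEYS = {"client-1001": bytes.fromhex("00112233445566778899aabbccddeeff")}
_pending = {}  # client_id -> (challenge, expiry); one outstanding login per client


def nine_digits(raw: bytes) -> str:
    """Reduce MAC bytes to a 9-digit decimal code such as 251221555."""
    return f"{int.from_bytes(raw[:8], 'big') % 10**9:09d}"


def issue_challenge(client_id: str, now: Optional[float] = None) -> str:
    """Server: create the random code shown on the login page."""
    now = time.time() if now is None else now
    challenge = f"{secrets.randbelow(10**9):09d}"
    _pending[client_id] = (challenge, now + CHALLENGE_TTL)
    return challenge


def card_response(card_key: bytes, challenge: str) -> str:
    """Card: computes the token; assumed to run only after the PIN check."""
    mac = hmac.new(card_key, challenge.encode(), hashlib.sha256).digest()
    return nine_digits(mac)


def verify_token(client_id: str, token: str, now: Optional[float] = None) -> bool:
    """Server: recompute the expected token and compare in constant time."""
    now = time.time() if now is None else now
    # pop() makes every challenge single use, even when the attempt fails,
    # so a replayed token or a second guess needs a fresh challenge.
    challenge, expiry = _pending.pop(client_id, (None, 0.0))
    key = CARD_KEYS.get(client_id)
    if challenge is None or key is None or now > expiry:
        return False
    expected = card_response(key, challenge)
    typed = token.replace(" ", "")  # accept "922 444 113" style input
    return hmac.compare_digest(expected.encode(), typed.encode())
```

The PIN never reaches the server in this model: it only unlocks the key on the card, so the website authenticates the token by recomputing it from the challenge it issued.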