Microsoft has the right idea by implementing Smart Cards that not only allow their employees to access their computing resources, but their physical campus as well. But why stop there? Smart Cards are essentially cryptographic tokens that not only enable "something you have" security, but strong authentication using PKC (Public Key Cryptography). A traditional metal key provides "something you have", but it can't provide PKC. PKC is used in most modern Cryptography systems like SSL, S/MIME, or PGP just to name a few. Essentially, it's the strongest form of authentication ever invented and it can also enable strong encryption by providing a secure key exchange.
So why stop at access to the building and computer systems, how about replacing all of the following applications with a single standardized cryptographic token with an integrated finger print reader and/or numeric keypad for good measure.
- Credit Card and ATM Card replacement
- Car key replacement
- House key replacement
- Building badge replacement
- Computer and Network login
- Wireless Access token
- VPN Access token
- Un-forgeable passport with Digitally Signed Photo
- Un-forgeable driver's license with Digitally Signed Photo
- Un-forgeable Social Security Number with Digitally Signed Photo
Now imagine that you could just carry a single token to do all that! Maybe on a key chain, maybe built in to a watch, or maybe something else or whatever your choice. I would like that very much.