In addition to being small and portable, smart cards afford a much higher level of secure storage for certificates than, say, if they are stored on a hard drive.
Also, the simpler PINs are not susceptible to brute-force attacks because the smart card locks out after several unsuccessful attempts to enter the PIN. Unlike passwords, smart cards allow us to provide the more secure two-factor authentication, comprising something that is held (the card) and something that is known (the PIN.) Two-factor authentication means that PINs can be simpler and therefore easier to remember than with a password, since, without the card, the PIN is useless, and vice versa. The EPO decided very early on in the planning process for its online services that the certificates which would allow users to conduct secure transactions with us would be stored on smart cards.
Smart cards are credit card-sized plastic cards that contain a microprocessor and a small amount of memory.
