http://www.smartcardstrends.com/det_atc.php?idu=13258 In addition to HW-protected keys they will have E2ES (End to End Security) schemes for key provisioning, *presumably* run through the browser. Anders