Supported smart card functions on iPhone and iPad
For devices with iOS 16 and iPadOS 16.1, or later, Apple offers built-in support for the following capabilities:
Authentication: Safari and authentication in third-party apps supporting CryptoTokenKit
Signing: Mail and third-party apps supporting CryptoTokenKit
Encryption: Mail and third-party apps supporting CryptoTokenKit
Authentication
On iPhone and iPad, the authentication process varies depending on the operating system version. With all versions, iPhone and iPad support soft certificate (derived) credentials and persistent (network based) tokens for websites using Safari and for third-party apps that support CryptoTokenKit. For devices with iOS 16 and iPadOS 16.1, or later, native support for physical smart card authentication using an NFC or a CCID class-compliant reader has been added.
Digital signing and encryption
In the Mail app in iOS 16 and iPadOS 16.1, or later, users can now use a PIV token in a compatible smart card to send messages that are digitally signed and encrypted. To use this feature, users must have a case-sensitive email address subject or subject alternative names on digital signing and encryption certificates which are on attached PIV tokens in compatible smart cards. If a configured email account matches an email address on a digital signing or encryption certificate on an attached PIV token, Mail automatically displays the email signing button in a new message toolbar. A locked lock icon indicates that the message was sent encrypted with the recipient’s public key.