In Windows 10, you find that the following registry settings no longer work:
Note These settings are described in more detail in KB 2589130.
This behavior is by design.
Smart card PIN caching behavior depends on the minidriver of the smart card reader. The minidriver should implement the PIN_CACHE_POLICY policy. At the time of PIN operation, the behavior of Smart Card BaseCSP is based on the cache policy parameters that are passed to it by the smart card minidriver.
Smart card minidriver vendors can control this behavior in their respective Smart Card Cryptographic Service Provider (CSP) or Key Storage Provider (KSP) products.
If the smart card implements a Personal Identity Verification (PIV) card, a third-party minidriver is not required. This is because the minidriver for PIV is included in Windows.
We have a fixed PIN caching policy for the default minidriver for a PIV card. This policy is defined as follows:
- If the container is the digital signature container (according to the PIV specification), we forcibly assign a no–pin-caching policy.
- For any other container, we forcibly assign the standard PIN policy (PIN caching is enabled).
The registry locations that are mentioned in the "Symptoms" section are relevant only to the third-party minidriver that's affected by the issue that's described in KB 2589130. These registry locations are not used for all PIV cards. The affected PIV minidriver was used in 2011. Therefore, these registry settings aren't provided by Microsoft.