Is a card better than a token?

Security solutions can be based on a smart card or a token. Technically, these solutions are very much alike. Why does Sesame work with a card?

Sesame uses a smart card because it is a little easier to keep those safe. Token-based solutions can work if the tokens fit on a keychain. Smart cards can be kept in one's wallet. Both key chains and wallets are physical carriers that people tend to safekeep.

The primary advantage of cards for Sesame is that it makes it simpler to carry more than one card, to access more than one account. Had we decided to use a token, then we would have asked users of multiple sites or multiple accounts to carry multiple tokens on their key chain, and this fills up a lot faster than adding multiple thin cards in one's wallet.

Tokens with a USB-interface have the additional problem that they are stuck into one's PC, where they are subject to software and thus, at least in theory, to the virusses and spyware that may live there. Sesame cards were designed for offline use, with a reader that runs on batteries.