Smart card readers are highly secure devices, and their passthrough is usually disabled by default. Enabling it sometimes requires only a simple setting adjustment, and in other cases a digital certificate. There are also other methods to use a smart card reader over RDP or in virtual machines, such as USB Network Gate, which imitates a direct USB connection.
How to Use a Card Reader over RDP Sessions
Two things need to be enabled in order to use a local card reader on a remotely hosted RDP session – a group policy, and a device setting that you can access in the Remote Desktop Connection client.
1. On the host, open the Group Policy Editor, either by searching for it, or pressing Win+R and running gpedit.msc.
2. Go to “Computer Configuration” > “Policies” > “Administrative Templates” > “Windows Components” > “Remote Desktop Services” > “Remote Desktop Session Host” > “Device and Resource Redirection” > “Do not allow smart card device redirection”.
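3. Make sure the policy is disabled. The policy is worded as a negative, so “Disabled” (or “Not configured”) is the state that allows redirection.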
4. On the client, when starting an RDP session, click “Show options” and navigate to “Local resources” > “More”.
5. Enable “Smart cards or Windows Hello for Business”.
6. To test if your reader has been connected, you can run certutil -scinfo.
The certutil command has other uses, for cases where a remote login via certificate is required (-dspublish), or domain-based access is needed (-scroots update).
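The host-side checks from the steps above can be scripted. This is an added example, not code from the original article; it assumes the policy is backed by the registry value fEnableSmartCard under the Terminal Services policy key (0 means redirection is blocked) and that the Smart Card service is named SCardSvr.

```powershell
# Added example: host-side checks for smart card redirection over RDP.
# Run on the RDP host, inside the remote session, from a PowerShell prompt.

# Assumption: registry value behind "Do not allow smart card device redirection".
$PolicyKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$PolicyValue = 'fEnableSmartCard'

function Get-SmartCardRedirectionPolicy {
    # A missing key or value means the policy is "Not configured".
    $prop = Get-ItemProperty -Path $PolicyKey -Name $PolicyValue -ErrorAction SilentlyContinue
    if ($null -eq $prop)          { return 'NotConfigured' }  # redirection allowed
    if ($prop.$PolicyValue -eq 0) { return 'Enabled' }        # redirection blocked
    return 'Disabled'                                         # redirection allowed
}

function Test-SmartCardPassthrough {
    $ok = $true

    $policy = Get-SmartCardRedirectionPolicy
    Write-Host "Policy state: $policy"
    if ($policy -eq 'Enabled') {
        Write-Warning 'Policy is enabled: the host refuses smart card redirection (step 3).'
        $ok = $false
    }

    # Assumption: SCardSvr is the Smart Card service that certutil relies on.
    $svc = Get-Service -Name 'SCardSvr' -ErrorAction SilentlyContinue
    if ($null -eq $svc -or $svc.Status -ne 'Running') {
        Write-Warning 'Smart Card service (SCardSvr) is not running.'
        $ok = $false
    }

    # RDP sessions normally carry a SESSIONNAME such as "RDP-Tcp#0".
    if ($env:SESSIONNAME -notlike 'RDP-*') {
        Write-Warning "SESSIONNAME is '$env:SESSIONNAME'; this does not look like an RDP session."
    }

    # Step 6 of the procedure; certutil may prompt for the card PIN.
    certutil -scinfo | Out-Host
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "certutil -scinfo exited with code $LASTEXITCODE."
        $ok = $false
    }
    return $ok
}

Test-SmartCardPassthrough
```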
USB Network Gate for Card Reader Passthrough
USB Network Gate is one of the best solutions for smart card reader passthrough, both to RDP sessions and into virtual machines. It shares a device on a local network, and emulates a direct USB connection from remote computers, bypassing many of the problems that usually arise with remote device access.
USB Network Gate has a 14-day free trial. With it, you can explore all the features – most importantly for a smart card reader, USB Network Gate can encrypt the traffic, and protect shared devices with a password to prevent unauthorized access by other users.
How to Access a Smart Card Reader with USB Network Gate
1. Install USB Network Gate on both computers. Activate the copy on the computer that will share the card reader.
2. Click the gear next to the “Share” button of your card reader to open sharing options.
3. Enable encryption and password protection.
4. On the remote computer or in the virtual machine, you will see the device. Click “Connect” and enter the password.
5. You can check if the device has connected properly by using certutil.
Card Readers in VirtualBox
Card readers sometimes do not work by default in VirtualBox. Follow this procedure to rule out some common causes.
- Shut down the virtual machine and go into the settings.
- Go to Ports > USB and enable the USB controller.
- Click the “+” USB icon to add a device filter, then select the reader from the list.
- Launch the VM, open the Windows device manager, and update your card reader’s drivers.