Configuring and managing tokens and readers McAfee Drive Encryption supports different logon tokens, for example, Passwords, Stored Value SmartCards, PKI SmartCards, CAC SmartCards, and Biometric tokens. This section describes how to configure the Drive Encryption software to support these SmartCards. Modify the token type associated with a system or groupYou can create a new user-based policy with a required token type and deploy it to the required system or a system group. You can also edit and deploy an existing policy. Using a Stored Value token in Drive EncryptionA Stored Value token supported in Drive Encryption stores some token data on the token itself. You must initialize these tokens with Drive Encryption before you can use them for authentication. The token needs to contain the necessary token data to allow successful authentication of the user. Using a PKI token in Drive EncryptionA PKI token is a smartcard supported in Drive Encryption that finds the necessary certificate information for the user in a PKI store (such as Active Directory) and used to initialize the Drive Encryption token data. You must initialize these tokens before they can be used to authenticate a user. Using a Self-Initializing token in Drive EncryptionA Self-Initializing token is a form of PKI token, but rather than referencing certificate information and pre-initializing the token data in McAfee ePO, the client sees the card and performs the necessary initialization steps. Only the client performs the initialization of the token data. One of the assumptions for using a Self-Initializing token is that the necessary certificate information cannot be referenced in Active Directory or any other supported Directory Service. Setup scenarios for the Read Username from Smartcard featureYou can set up your environment using the new Drive Encryption feature Read Username from Smartcard. Using a Biometric token in Drive Encryption A Biometric token allows fingerprints to authenticate to Drive Encryption instead of using passwords. Currently, Drive Encryption 7.2 supports two Biometric fingerprint readers in specific laptop models.