Is it possible to use a chip/EMV credit card as an X.509 certificate? Let the credit card company know your private key (paranoid assumption; not necessarily true) & skip straight to step 3!
Look, I'm not an expert, I just dabble a bit. In theory there's no need for anyone to know your private key, it is generated on the card and kept there, unextractable. As I understand it there's nothing stopping credit card companies from allowing you generate your own keys on it (on a technical side that is), it just wasn't done AFAIK.
I have a smart card so I have the reader, but when I put in my credit card it doesn't even appear as though it can read it. I would love to use my "always-with-me" credit card for home PC sign-on and whatever else but there's nothing out there on the integration. Any pointers would be appreciated!
I guess it's enough information to concoct some kind of 2-factor auth, but what is stopping you from promoting your real smart card into "always-with-me"? Or one of smartcards, since you can have many.
NFC-capable phones can act as a card reader for contactless smartcards AFAIK, so that's something you can look into also.
But I wish people would be aware of smartcards more, they are all around us, but sort of invisible and unnoticed.
1. But cheap blank "Java" smartcards, more or less disposable
2. Install this applet on it https://github.com/philipWendland/IsoApplet
3. Works with OpenSC