We make a program that contains privacy sensitive (patient) information.

We want to protect the login proces by using a certificate on a card or something like that:
The user needs to present a card (with a certificate), they need to enter a pincode, and after that they are logged in.

Has anyone of you already done something similar?
We're not sure yet which route to take.