diff --git a/nixos/modules/yubikey.nix b/nixos/modules/yubikey.nix
index 2e30bd9..46ab043 100644
--- a/nixos/modules/yubikey.nix
+++ b/nixos/modules/yubikey.nix
@@ -13,23 +13,20 @@
 libu2f-host
 ];
- # Add udev rule for YubiKey CCID interface to be readable by pcscd
+ # Give pcscd access to the YubiKey CCID USB interface (interface 1 on FIDO+CCID devices)
 services.udev.extraRules = ''
- # YubiKey FIDO+CCID (0x0406) - ensure CCID interface is accessible
 SUBSYSTEM=="usb", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0406", MODE="0666"
- SUBSYSTEM=="usb_device", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0406", MODE="0666"
 '';
- # CCID driver for smartcard access (required for YubiKey CCID functionality)
- # Set up the PC/SC drivers directory with CCID driver bundle
+ # CCID driver for smartcard access
+ # NixOS's services.pcscd.plugins does not populate /var/lib/pcsc/drivers,
+ # so we symlink the ifd-ccid.bundle from the ccid package directly.
 system.activationScripts.pcscdSetup = ''
 mkdir -p /var/lib/pcsc/drivers
- # Symlink the entire CCID bundle (or create it if it doesn't exist)
 rm -rf /var/lib/pcsc/drivers/ifd-ccid.bundle 2>/dev/null || true
 ln -sf "${pkgs.ccid}/pcsc/drivers/ifd-ccid.bundle" /var/lib/pcsc/drivers/ifd-ccid.bundle
 '';
- # YubiKey management tools
 environment.systemPackages = with pkgs; [
 yubikey-manager # ykman CLI
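Review bot: The new comment above `services.udev.extraRules` says the rule gives pcscd access, but the rule kept beneath it still sets `MODE="0666"`, so every local account can open the YubiKey's USB device node, not only the smartcard daemon. The rule also matches the whole device by vendor and product ID rather than interface 1 as the comment states. If pcscd runs as root on this host the rule may be unnecessary; otherwise scope it, for example `MODE="0660", GROUP="<pcscd-group>"` (placeholder, confirm the daemon's group) or `TAG+="uaccess"` for the logged-in seat user. In `pcscdSetup`, `rm -rf … 2>/dev/null || true` hides a failed removal, after which `ln -sf` would create the link inside a leftover directory; `ln -sfT` with the error suppression dropped would surface that instead. The `environment.systemPackages` list continues past the end of the hunk.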