diff --git a/configure.ac b/configure.ac
index 45e169bf..8d06eaa8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -415,7 +415,7 @@ AC_FUNC_STAT
 AC_FUNC_VPRINTF
 AC_CHECK_FUNCS([ \
 	getpass gettimeofday getline memset mkdir \
-	strdup strerror \
+	strdup strerror memset_s explicit_bzero \
 	strlcpy strlcat strnlen sigaction
 ])
 AC_CHECK_SIZEOF(void *)
diff --git a/src/common/libpkcs11.c b/src/common/libpkcs11.c
index 9f99b8af..337bb5b1 100644
--- a/src/common/libpkcs11.c
+++ b/src/common/libpkcs11.c
@@ -100,7 +100,6 @@ C_UnloadModule(void *module)
 	if (mod->handle != NULL && sc_dlclose(mod->handle) < 0)
 		return CKR_FUNCTION_FAILED;
 
-	memset(mod, 0, sizeof(*mod));
 	free(mod);
 	return CKR_OK;
 }
diff --git a/src/libopensc/cwa14890.c b/src/libopensc/cwa14890.c
index a8b0664d..d28242d0 100644
--- a/src/libopensc/cwa14890.c
+++ b/src/libopensc/cwa14890.c
@@ -647,23 +647,22 @@ static int cwa_prepare_external_auth(sc_card_t * card,
 	if (bnsub)
 		BN_free(bnsub);
 	if (buf1) {
-		memset(buf1, 0, 128);
+		sc_mem_clear(buf1, 128);
 		free(buf1);
 	}
 	if (buf2) {
-		memset(buf2, 0, 128);
+		sc_mem_clear(buf2, 128);
 		free(buf2);
 	}
 	if (buf3) {
-		memset(buf3, 0, 128);
+		sc_mem_clear(buf3, 128);
 		free(buf3);
 	}
 	if (sha_buf) {
-		memset(sha_buf, 0, 74 + 32 + 8 + 1 + 7);
+		sc_mem_clear(sha_buf, 74 + 32 + 8 + 1 + 7);
 		free(sha_buf);
 	}
 	if (sha_data) {
-		memset(sha_data, 0, SHA_DIGEST_LENGTH);
 		free(sha_data);
 	}
 
@@ -770,15 +769,14 @@ static int cwa_compute_session_keys(sc_card_t * card)
 
  compute_session_keys_end:
 	if (kseed) {
-		memset(kseed, 0, 32);
+		sc_mem_clear(kseed, 32);
 		free(kseed);
 	}
 	if (data) {
-		memset(data, 0, 32 + 4);
+		sc_mem_clear(data, 32 + 4);
 		free(data);
 	}
 	if (sha_data) {
-		memset(sha_data, 0, SHA_DIGEST_LENGTH);
 		free(sha_data);
 	}
 	if (res != SC_SUCCESS)
diff --git a/src/libopensc/sc.c b/src/libopensc/sc.c
index 85ab0b76..1b957653 100644
--- a/src/libopensc/sc.c
+++ b/src/libopensc/sc.c
@@ -928,7 +928,13 @@ void sc_mem_secure_free(void *ptr, size_t len)
 void sc_mem_clear(void *ptr, size_t len)
 {
 	if (len > 0)   {
-#ifdef ENABLE_OPENSSL
+#ifdef HAVE_MEMSET_S
+		memset_s(ptr, len, 0, len);
+#elif _WIN32
+		SecureZeroMemory(ptr, len);
+#elif HAVE_EXPLICIT_BZERO
+		explicit_bzero(ptr, len);
+#elif ENABLE_OPENSSL
 		OPENSSL_cleanse(ptr, len);
 #else
 		memset(ptr, 0, len);
diff --git a/src/pkcs15init/profile.c b/src/pkcs15init/profile.c
index 107529a5..b5f08a9d 100644
--- a/src/pkcs15init/profile.c
+++ b/src/pkcs15init/profile.c
@@ -485,7 +485,6 @@ sc_profile_free(struct sc_profile *profile)
 
 	if (profile->p15_spec)
 		sc_pkcs15_card_free(profile->p15_spec);
-	memset(profile, 0, sizeof(*profile));
 	free(profile);
 }