Security

Painless Truths – Busting the Myths of Smart Card Migration

dtavassoli's picture

A few months back, I wrote a blog about the top reasons Colleges and Universities are making progress towards moving to Smart Cards as a secure means of safeguarding people, data and assets. Here’s the link to that conversation to help remind you about the points I made in that blog.  In this conversation, I would like to build on the content in that earlier blog to share my thoughts about five myths that need to be de-mystified for colleges and universities who are considering the implementation of a Smart Card system for their campuses.

Institutions willing to tackle the complexity of installing a Smart Card system to manage their campus security will realize the benefits of using multi-function Smart Cards to obtain a myriad of services and applications that can be accessed campus-wide from physical facility and logical network access to cashless payment and tracking time and attendance. Though these institutions have embraced the idea of multi-function Smart Cards, they may have concerns about the logistics and costs associated with the installation and operation of a Smart Card security system. These concerns may be keeping some institutions from implementing Smart Cards even though they have a true desire to do so.

We have prepared an Executive Brief that debunks five myths involving multi-function Smart Card systems and their implementation. The five myths reviewed in the Executive Brief are:

Myth #1: I have to upgrade everything at once or I only have one option. FACT: A combination of phased implementation steps can be executed as needed to meet your specific needs.

Myth #2: We have too many access control technologies currently in place to migrate smoothly. FACT: A single Smart Card can house up to four different access control technologies.

Myth #3: It’s not possible to support old and new application technologies at the same time. FACT: Transaction-based applications can co-exist with access technologies on a single Smart Card.

Myth #4: Migrations are too expensive to implement. FACT: Maximize your system investment by migrating in phases versus all at one time.

Myth #5: Migrating to contactless Smart Cards will slow down the card issuance process. FACT: Smart Card encoders provide electronic and graphic personalization in one seamless step.

The Executive Brief will comment on these five myths in detail to offer reasonable Facts about implementing Smart Card systems to help you understand there may be light at the end of the tunnel. Please read HID Global’s Executive Brief to learn more about breaking down the myths of installing a multi-function Smart Card system. Let me know what you think.

Source: https://www.hidglobal.com/blog/painless-truths-busting-myths-of-smart-card-migration

Smart Cards for FIPS 201 compliant Personal Identity Verification

Today, HID Global announces the availability of the Crescendo PIV smart card that enables organizations to comply with FIPS 201 and that is part of the HID PIV Enterprise solution.
 
Crescendo smart cards enable access to a broad range of applications, like PKI based authentication, digital signature, and data encryption. Use cases also include secure login to workstations and laptops, web-based cloud applications, or VPN gateways.

The card leverages HID Global’s Identity Applet Suite, which offers secure storage and protection for cryptographic keys and their associated digital certificates, as well as personal information.

View Product Page

The Crescendo PIV is dual interface card that enables cryptographically secure authentication through either a contact interface, by inserting the card in a smart card reader, or a contactless interface, presenting the card to a contactless smart card reader or NFC enabled device. The card uses a FIPS 140-2 Level 2 certified cryptographic module and is capable of containing multiple keys and certificates as specified in NIST special publication 800-73. This card is part of the HID PIV Express and HID PIV Enterprise solutions, which help organizations improve their security posture, comply with mandates, and improve the user experience.

Crescendo PIV is meant to be issued and managed by ActivID Credential Management System. By exposing a standardized card edge, the card can work out of the box with major operating systems or can work in combination with ActivClient middleware that provides additional diagnostic, usability and integration features.

CRESCENDO PIV HIGHLIGHTS:
One card for physical and IT access featuring a cryptographic secure element

Allows access to doors, computers, network and cloud. PKI based authentication, digital signature and encryption

Integrated and tested with ActivID® ActivClient®, ActivID Credential Management System, HID PIV Express® and HID PIV Enterprise®

Compliant with FIPS 201 mandates for physical and logical access

Optimized performance for faster physical access using digital certificates

NIST FIPS 140-2 Level 2 security certification

NIST FIPS 201 interoperability certification

MorphoTrust USA rolls out new Utah Driver’s License aimed at reducing fraud and identity theft

By MorphoTrust USA
A new Driver’s License to reducing identity theft

Starting today, residents of Utah will be receiving the brand new, highly secure driver’s license when they renew or apply for a new driver’s license or ID card. This change stems from a new five-year contract between the Utah DLD and MorphoTrust USA to revamp Utah’s driver’s license and identification (ID) cards with an updated look-and-feel, including new enhanced security features. The licenses and IDs feature encoded elements such as security backgrounds and barcodes that will reduce driver license fraud and identity theft.

Morpho Trust helps reduce Fraud & Identity Theft

 

 

Back Key Control Gets Intelligent: Announcing New Medeco X4 CLIQ!

It is official!  The CLIQ technology is now available in Medeco X4 format! Medeco X4 CLIQ is available for immediate order and has launched in these cylinder formats:

  • Mortise 1 1/8” (10 0200)
  • RIM (10 0400)
  • KIK (20 2000)

Medeco X4 CLIQ combines Patented Mechanical Key Control and CLIQ technology, allowing cylinders in the Medeco X4 format to become part of a true Loss and Liability Solution with full audit trail, controlled access and electronic rekeying. There is no hard-wiring or expensive door modification required! Simply install Medeco X4 CLIQ cylinders and use CLIQ Web Manager software to control where and when key access is granted. Medeco X4 CLIQ provides enhanced security and accountability in a retrofit cylinder at a fraction of the cost of traditional electronic access control systems.  (Note: Medeco X4 CLIQ will not be available in SFIC format)

Event IDs – Matica XL8300

Supporting the Porsche European Golf Open with Secure ID cards

HID Global’s Seos Smart Cards and HID Mobile Access Bring Convenience, Security and the Mobile ID “Cool” Factor to Major U.S. University

AUSTIN, Texas, April 20, 2017 — HID Global®, a worldwide leader in trusted identity solutions, today announced a major U.S. university selected its Seos® smart cards and HID Mobile Access® solution to streamline card office operations, simplify the management and use of trusted IDs, and offer the “cool” factor to students using phones for accessing buildings, services and resources. The phased deployment of thousands of readers over the last few years enabled these benefits, while preserving investments in previously installed HID Global readers.

“We applaud this visionary university as one of the most sweeping examples of how to transform the campus experience using trusted identities on cards and mobile phones,” said Brett St. Pierre, Director of Education Solutions with HID Global. “As they move toward full deployment, they will be creating a new kind of One Card office that secures the campus while delivering new and innovative services.”

The university will support HID Mobile Access in all common campus areas by the summer of 2017 and plans to use the solution’s Mobile IDs as its primary form of campus identification in the years to come.  HID Mobile Access enables users to request and receive new Mobile IDs over the air to their phones, improving convenience while significantly reducing card office support requirements.  Likewise, administrators can revoke identities and modify permissions with the same over-the-air speed and simplicity, streamlining the work of managing identities across the university’s large campus population.

After a successful technology pilot, the university began upgrading many of its existing HID readers to support the Bluetooth capabilities required for Mobile IDs.  It is also installing more than 400 additional mobile-enabled readers during 2017, with all readers supporting both earlier card technologies and Mobile IDs to ensure a smooth transition.

The university plans to ultimately use Mobile IDs as its primary form of identification in the future.  Accordingly, the university issued 300 to 400 Mobile IDs in the first deployment phase of HID Mobile Access and will issue another 500 during 2017. Next year, the university intends to issue ID cards while simultaneously provisioning Mobile IDs to all students and staff.

The university will explore new ways to benefit from HID Mobile Access after the deployment is complete.  Mobile IDs can be used alongside ID cards for applications ranging from entering parking lots, buildings and residence halls to making meal plan purchases, and accessing library and media center resources.

Stay Connected with HID Global

Visit our Media Center, read our Industry Blog and follow us on Facebook and Twitter.

About HID Global

HID Global powers the trusted identities of the world’s people, places and things. We make it possible for people to transact safely, work productively and travel freely. Our trusted identity solutions give people secure and convenient access to physical and digital places and connect things that can be accurately identified, verified and tracked digitally. Millions of people around the world use HID products and services to navigate their everyday lives, and over 2 billion things are connected through HID technology. We work with governments, educational institutions, hospitals, financial institutions, industrial businesses and some of the most innovative companies on the planet. Headquartered in Austin, Texas, HID Global has over 3,000 employees worldwide and operates international offices that support more than 100 countries. HID Global® is an ASSA ABLOY Group brand. For more information, visit www.hidglobal.com.

HID Prox FOBs

prox-fobThe ProxKey III is a proximity card keyfob for access control offering HID proximity technology in a convenient, pocket size device. The proximity card keyfob easily attaches to a key ring, badge clip or lanyard. The ProxKey III is built to withstand harsh operating environments or handling.

The ProxKey III is suited for use in access control applications where a Photo ID is not required.

Key Features of the ProxKey III:

  • Small enough to fit on a key ring.
  • Universal compatibility with HID proximity card readers.
  • Provides an external number for easy identification and control Can be
    placed on a key ring for convenient entry.
  • Supports formats up to 85 bits, with over 137 billion codes.
  • Using HID’s ProxProgrammer®, card vendors can ship proximity keyfobs, custom programmed to
    their customers’ requirements, from their own inventory. Enables smaller order
    quantities and overnight delivery. (Check with vendor for availability.)
  • Lifetime warranty.

What level of card security do I need?

How secure do you need your ID cards?

This is a common question from our customers. The level of card security depends on a number of factors but we will try to break it down in basic bullet list:

PVC printed ID card

  • If visual identification is all you require, then a simple photo ID may work just fine. This is a simple, low cost solution and it can be implemented quickly and easily.
  • For this ID, you can simply include you company logo and employee name OR you can considering adding photo, title or access level.
    1. Benefits: low cost, professional and easy entry-level ID solution
    2. Risks: this does not automate access control (i.e. turn card “off” once no longer at company) and some interaction may be required to validate a user.
  • If this security solution will meet your needs, please contact ASAP for information on an ID printer OR for ASAP to print cards on your behalf.

Mag stripe or bar code printed ID card

  • If your organization requires a slightly higher level of security than a simple visual ID, consider a magnetic stripe or bar code solution. This is also a low cost and easy solution to implement that may meet your needs.
  • How can a mag stripe or bar code system work? It may be used for clocking in/out, logging into a POS system, checking books in/out as well as paying for meals on an account simply by swiping the card through a mag stripe or bar code reader connected to your company system.
  • Bar codes can be 1D, 2D or QR codes depending on the amount of data to be stored. Mag strips are low, mid or high-co and again can store a variety of data on 1, 2 or 3 “tracks”.
  • Benefits and Risks are the same as PVC only ID cards. It adds a slightly higher level of function but very little added security.

Proximity ID card

  • Proximity cards/fobs are considered “keyless access”. They offer facilities an easier and more affordable way to control access by issuing Prox “keys” which they can simple “turn off” once the person no longer requires access without having to track down a physical key. Prox also allows tracking of access when readers are required for access control (buildings, parking lots, etc). This would be considered a “moderate” security solution.
  • Users are also able to control access on schedules and/or grant access to certain areas only to certain employees.
  • Finally, you are able to print on most Prox cards to allow you to include both visual security with electronic access control.

Smart (contact and contactless) ID card

  • The highest level of card security are consider Smart Cards.
    • Contactless smart cards use high-frequency radio frequency identification (RFID) and a memory chip to store data (2K, 8K, 16K, etc). The larger the chip, the more capacity to store/encrypt. These cards can be used for building/parking access, secured access to rooms, cabinets, closets, logical access, inventory tracking, cashless vending, clocking in/out.
    • There are risks….primarily privacy concerns since devices store data and can be read by another device if in the wrong hands.
  • Contact smart cards include a chip/microprocessor on the card with enormous storage capacity. These cards must be inserted into a special reader to access data but these are more secure cards and cannot be skimmed (no RFID). Consider the new chip credit cards as an example of contact cards are work. These, too, can have a photo/name added to include visual security if needed.

HOLOKOTE

Screen shot 2014-10-03 at 10.23.49 PMMagicard’s patented HoloKote security prints a watermark graphic into the overlay panel during the normal card printing cycle, providing anti-counterfeit protection for your cards. The image prints in a grid pattern across the entire card surface as a frosted image that is invisible when viewed normally. When flexed or held at an angle in direct light, the HoloKote image becomes clearly visible.

When combined with HoloPatch cards this watermark can be visible in all light conditions.

With the Rio Pro you can print a HoloKote Flex image across the entire card surface. This can be customized to your own logo or security design by using the Custom HoloKote feature.

See samples at UltraMagicard.com

News from Allegion: Smart Cards Offer Many Advantages

Screen shot 2014-09-23 at 10.39.54 AMSmart cards offer many advantages over proximity cards

Proximity readers and cards have been on the market for over 25 years. As the first contactless card that can be “read” without inserting or creating contact with a reader, proximity cards advanced credentials forward significantly.

However, proximity cards are not without their limitations. Namely, storage and security. The storage on proximity cards is limited to the card number alone—making it functional for only one purpose. Additionally, proximity technology is highly susceptible to counterfeits and duplication.

Smart card technology solves both issues.

  • Storage: There are multiple sectors on a smart card, allowing for storage of several different types of applications, including access control, POS, computer access, data storage and cashless vending. Smart cards can be used for multiple purposes and are 100 times faster than proximity credentials.
  • Security: With advanced data encryption, duplication is nearly impossible. As an added level of security, smart technology requires mutual authentication—between the card and reader.

Making the transition
It’s fairly simple to transition to smart cards on existing systems. Allegion’s aptiQ™ Multi-Technology Readers allow companies to move at their own pace because they read both 125 kHz proximity and 13.56 MHz contactless smart cards in a single unit. Even more, Allegion’s aptiQ readers are very easy to install or replace with a quick-connect design that uses standard wiring.

Read more industry insights regarding sorting through credential technology choices by Allegion.

Want more information on Allegion’s aptiQ smart card technology? Contact Sheila Brown today!