The operators who issue the credentials should be vetted and authenticated before they can issue a card. Perform complete background checks on these personnel, and issue them a computer-based credential with biometrics in order to ensure that only authorized operators issue cards on the issuance equipment.
Why should these precautions be taken? Because if you can’t trust your credentials, the whole networked security model falls apart. Monitoring the issuance process when it is distributed over a network of systems makes the process more secure. In the past, the only way to ensure security was with labor and surveillance cameras. Today, intelligent computer programs can enhance issuance security.
Central facilities are still an important part of the credential issuance chain. Cards and computer chips are often mated in a central facility. Initial security features and data templates for computer chips are often pre-personalized in a central facility. Even though the cost to print a card is lower in a central facility, card program managers should consider carefully the cost of capital equipment, batch size, mailing and other factors that limit the flexibility of a central site.
The news frequently reports cases of fraudulent credentials being issued by a trusted individual. Computer programs can help us secure credential issuance using inventory vaults, equipment authentication, and operator monitoring in a networked enterprise. It only takes one creative individual to destroy the trust in a credential-based security system. It’s a chance better not taken.
Gary Klinefelter serves as vice president of Technology for Fargo Electronics Inc. Mr. Klinefelter holds 22 patents with Fargo and a BSEE degree. He is a long-time member of IEEE and the Society for Imaging Science and Technology. He is currently the Chairman for the Open Security Exchange.