Smart Cards Control Campus Activities

One Credential—Many Functions

• Asymmetric, or public key, algorithms do not require secret parameters when performing encryption or verification operations. These enable the mathematical equivalent of a padlock, which can be locked by anybody but requires a key to open. Although the card cost can be a few cents higher, they can lower infrastructure costs and improve reliability by reducing the need for accepting devices to communicate with servers. The most commonly used public key techniques are the RSA and EC-DSA (elliptic curve DSA) algorithms.

There are standards that describe how these techniques are implemented. The main ones are: ISO-7816 and ISO-14443 define physical interface requirements for contact-based and contactless smart cards, respectively.

• Federal Information Processing Standard 201 (FIPS 201) defines the U.S. government ID card for federal employees.

• Common Criteria and Federal Information Processing Standard 140 (FIPS 140) define requirements and validation procedures for security devices.


A unique college campus solution developed by Heartland Payment Systems' new micro-payments division, capitalizes on two well-established trends: the ubiquity of the mobile phone among college students; and the popularity of new contactless, or tap-and-go, payments among American consumers.

According to Heartland, this program launches the next generation of campus card programs which have remained unchanged for the last 20 years.

Beginning in July, Slippery Rock University 's 8,500 students, faculty and staff received a new official campus ID card and a separate contactless token designed for use with their mobile phones. Slippery Rock University is located in Pennsylvania .

Using either the card or the phone, they will be able to make payments at on-campus locations as well as participating merchants in the surrounding community. During the summer, campus vending machines, laundry facilities, photocopiers and printers will be outfitted with dual-technology readers to enable contactless payments via mobile phone in addition to the traditional ID card payments.

The new mobile phone tokens incorporate the same standards-based contactless technology (ISO 14443) used worldwide by MasterCard, Visa and leading card issuers in the payment and identity sectors. The technology enables data to be read without physical insertion into – or contact with – a card reader. Thus, it is more convenient and secure than prior payment options. By design, the phone must be held in close proximity – no more than 2 inches – to an approved contactless reader for communication to occur.

The new Rock Dollars card and ID token provide access to a fully functional debit account that is FDIC insured. Student financial aid will be distributed to the new accounts, and funds can be added or withdrawn from select ATMs.

A robust Website and voice response system enable 24/7/365 account access for balance inquiries, funds transfer, and other tasks. For more information, visit and

FreedomPay and iCLASS Contactless Smart Cards Fully Integrate

The move to contactless transactions may be as transformational to the credentials as the adaptation to IP is for video surveillance; it's hard to predict where it will ultimately go but there is definitely no turning back.

Many consider that the breakthrough began with HID's introduction of its economical and robust iClass 13.56MHz contactless read-write technology in 2005.

HID's clamshell-style card is constructed of an acrylonitrile-butadiene-styrene (ABS) shell and polyvinyl chloride (PVC) cover label that is strong, flexible and resistant to cracking and breaking. Additionally, the card can be custom printed utilizing most direct image printers offering convenient on-site photo identification capabilities.

The iCLASS Clamshell Card is based on HID's iCLASS 13.56 MHz read/write contactless smart card technology platform that includes a highly-secure, encrypted 64-bit diversified key format for mutual authentication. For even higher security, the card data can be protected with DES (Data Encryption Standard) or triple-DES encryption.

It is a symmetric cryptography algorithm which is the U.S. Government's officially adapted standard for the encryption of non-classified information. DES is a block cipher and encrypts data in 64 bit blocks. (Actually 56 bits because 8 bits are parity). DES encrypts 64 bits of data by executing the algorithm 16 times. Triple DES also known as 3DES, is a newer standard that was designed to replace DES. It essentially performs the process that DES does three more times (48).