Do You Know Your Smart Card Technology?

For almost 15 years, contactless RFID cards and tags have been changing the access control landscape. While the market has grown exponentially over that period, it is only recently that the cards and readers have evolved from simply transmitting numbers to complex multi-application card and reader environments that can perform multiple functions including security and encryption with flexible card structures. Advances in technology have made contactless cards and readers a must-have for all a company’s security and access control needs.

Contactless card technologies

According to research analyst Blake Kozak, IMS Research, although smart cards are being used more in European countries than in the U.S., smart cards in the U.S. are beginning to see large growth, with proximity cards still taking up the greatest portion of the market. “Multi-technology readers are popular at the moment because they allow an organization to futureproof themselves,” explained Kozak. “Simply stated, this allows users to continue using their current technology until the funding and/or time is right to upgrade their system. The multi-technology reader will then allow them to upgrade more seamlessly.”

There are a variety of contactless card technologies available in today’s market. Proximity cards are the most prevalent, primarily because that’s what end-users are accustomed to using. These cards and tags communicate at 125 kHz and work when a card is brought within the area of the RFID field created by a reader. It’s very simple and easy to use, but is usually only good for one application. From a security standpoint, this card can only be secured using a specific format in the card or with a matching format between the card and reader. There are, however, newer and better options available.

  • Contactless smart cards: These cards/tags communicate at 13.56 MHz, a much higher frequency than the proximity cards. The primary benefit of these cards is their larger memory capacity (32kbits/4kbytes) and ability to store vast amounts of information, such as history, employee information and biometrics (e.g., fingerprints and iris templates). Contactless smart cards are secured via multiple authentication methods, in that the communication transmission is secure between the card and reader – and different every time – so a hacker cannot “sniff” the information. Additionally, because the cards have wired logic memory (organized in fixed sectors or pages), additional security can be added to protect information written to the cards through encryption or special passwords, more commonly known as “security keys.”
  • Microprocessor cards: A variation on the contactless smart card, this type of card, as its name implies, has small microprocessors and memory on the chip. The bigger the card’s memory (available up to 8 kilobytes), the more application possibilities exist. For example, a card with 8 kilobytes of memory can potentially manage 28 applications. Depending on the applications, this card can be used to enter the parking lot/building, access IT/secure networks, biometrics, photos, time and attendance, secure printing and even cashless payments to manage the cafeteria or vending machine purchases, thus eliminating the need for multiple cards per person. And, you can create and arrange application sectors inside the memory storage to your liking, much like a hard disc on a computer.

Overcoming obstacles

Despite the advances in card technology, there are many challenges that must be overcome before full adoption of these newer, bigger, better cards can be achieved. The primary challenge is overcoming the idea that proximity cards are the be-all, end-all access control solution. The bigger challenge is one you face as a dealer/integrator. Currently, you rely on a variety of people to provide information on customer cards – the customer itself, vendors, etc. Unfortunately, accessing information on existing cards from these sources can take time and energy. Vendors can take awhile to get back to you and, let’s face it, companies are notorious for not knowing their own card technology. This puts you in an awkward position when you’re in the field and are handed a card.

“What we’re seeing in terms of new product development is that it’s more about combing multiple factors into one integrated system,” said Randy Vanderhoof, executive director of the Smart Card Alliance, Princeton Junction, N.J. “Methods of unlocking a door with a simple red/green light are being replaced with a much more intelligent controller, one that has the ability to have biometrics match to go along with the information that is on the card—adding a second level of security so someone can’t just pick up an access card and get into a building or a secured area. Controller devices are more IP-driven so that they’re not running on thin copper wire but instead running on the network backbone of the organization. These are the kind of advances that we see happening all the time in the electronic security industry.Part of that has been enabled by having more of a capable security badge technology, such as smart cards, that can provide features such as biometric match-on card, security digital images and certificates that can be validated in real-time to verify that that credentials has not been revoked recently.”

ISLOG’s R.F.I.D. Suite– ReadCard™, FindFormat™, IDtransfer™ and DataEncoder™ -- is one solution that is available today. And here’s how a discussion might go with regards to this technology.

What is encoded on this piece of plastic you just handed me?

You need to know all about this card, including what technology it supports; who manufactured it; how much memory it holds (if any); what its serial number is; and how the card is organized.ReadCard is a software tool that can perform all these tasks in seconds. It allows a user to respond quickly and accurately to your customer.

Can I use this card with the existing system?

The next challenge is to recognize, out of binary information, the specific format encoded on a card or tag. Today, as previously mentioned, you have to send the card back to your vendor to determine formats, a task that can be quite time-consuming.

FindFormat is a simple tool that can determine the format encoded on a card or tag in only a few seconds. Everyone in all levels of the supply chain can use and benefit from FindFormat, from field sales to technical support to the business development team, all of whom will be able to quickly answer questions such as whether the card can be used with the current system or whether more cards can be sold.

What can I do with this information?

Now that you can read and find the card’s information, the next logical question is what can be done with it. Today’s cards can be used for so much more than access control.

IDTransfer, has many application possibilities, for integrators/dealers as a universal card enroller for all access control software, or as a tool that enables companies to develop support for RFID without costly development and integration.

Can I encode cards myself?

Today, you buy the cards already encoded. However, demanding customers require that card programming be done independent of the card provider; they don’t want anyone to know their security.

DataEncoder is a solution for encoding data to a 13.56MHz card or tag. Whether it’s MIFARE, DESFire or another 13.56MHz, like iCLASS, DataEncoder is compatible with industry-leading, card-management software, allowing you to organize the structure, determine and set the security keys in the card and readers and write to the card in specific formats.

With the increased acceptance of RFID and the growing market for contactless smart cards, the challenges associated with managing these new technologies can be difficult. Supporting products must be able to meet or exceed certain criteria – flexible solutions that cross different technologies and brands. Software tools take the mystery out of cards and put control back in your hands by providing access to important information, which up until now, was difficult to obtain.

Robert Gailing is the managing director, ISLOG Americas.