My first exposure to smart credentials was using public telephones in Europe. Before the widespread use of cell phones, the easiest and cheapest way to make phone calls from public phones?without stuffing unfamiliar currency into unfamiliar coin slots?was to use a telephone debit card. Today, cell phones that use the secure GSM network use smart technology in the form of the subscriber information module (SIM) card to store and maintain user information. Financial and services access remain the major uses of smart cards; however, their memory and processing ability add new dimensions to physical access control.
Surprisingly, a small market segment of the builders' hardware industry, considered to be a mature business, led the way in access control applications of memory credential technology. Intellikey ' smart locks and keys were developed more than 10 years ago. They use infrared communication technology to exchange information between two microprocessors, one in the lock cylinder, and the other in the key. A security administrator programs the keys with unique user ID codes, access levels, activation dates and special functions such as toggle codes or dual custody.
To ensure security, Intellikey's electronic restricted keyway ensures that only the keys issued for a site will be granted access to that facility's doors. The electronic keyway is similar to a conventional access control facility code. It is a unique encryption code programmed into the memories of the keys and locks. The encryption serves the same purpose as the custom keyways in mechanical keying systems, but provides higher security. If the key's facility code doesn't match that of the controller, the lock will not grant access. Likewise, the key and lock programming unit must use the same electronic keyway before any key can be read or lock updated. This prevents an unauthorized individual from stealing a key and attempting to compromise a keying system by examining the information in the key. This same read, write and process concept has found applications in smart credentials for physical access control.
How Smart Is Smart?
Smart credentials are commonly thought of as cards that send and receive data from a reader. However, there are varying degrees of ?smart.? A ROM (read-only memory) credential contains data that remains in the card for its entire service life.
The codes in EPROM (erasable programmable read-only memory) credentials can only be changed with special equipment that erases existing codes with ultraviolet light. These credentials are difficult to replicate and offer greater security than magstripe cards. EEPROM (electronically erasable programmable read-only memory) credentials can send, receive, and store information in computer chip memory.
Microprocessor credentials process information on board. It is this ability to read, write and process information that makes them the ?smartest? of credentials and makes them ideal for access control applications.
Microprocessor smart cards, which allow for read/write capability, fall under two main categories: contact and contactless. The contact, or chip, card (ISO 7816) includes an integrated circuit chip on its face. The reader connects to the card through contacts in the chip. Contact cards are primarily used for debit transactions, though they can have applications in access control.
Contactless smart cards vary considerably and are often combined with magstripe, contact chip or bar code technology, allowing the holder to use multiple services with a single credential. The microprocessors in contactless cards communicate with the reader through radio frequency technology. These cards typically use oscillators to draw power from the magnetic field of a reader, though battery-powered cards read at greater distances than the typical zero- to 10-centimeter range. Mifare' cards and HID's iClass cards both meet ISO standards for contactless smart credentials.