Smart Technology in Access Control

Smart devices bring a new dimension to access.

To maintain security, read/write cards have a ?key,? an encryption algorithm that must match between card and reader before data transfer. Honeywell's DESfire credentials maintain a high degree of security through triple encryption with a built-in encryption processor on the card.

Access control functions that were once only available in fully networked systems have become more accessible with microprocessor cards. These include the ability to void other credentials and reprogram the reader to accept a new card, require a PIN entry with the read, carry a descending count code that limits the number of uses without revalidation, and maintain photo or signature files for user verification. Perhaps the greatest value of smart credentials is their ability to be used for secure transactions (banking, time and attendance, access to services) while allowing card access systems to function on their own dedicated networks.

Manufacturers of smart cards and readers offer development kits that designers can use to build security applications. In addition, several companies have expertise in designing software for smart cards, and many of them will develop software under contract with clients that may choose not to maintain a full-time staff of software designers. Security applications are limited only by the imagination of software developers.

One unique application of smart cards stores a photo image of the holder on the card. When the user presents a card at a stationary or portable reader (embedded in a PDA), his or her photo appears on a screen for visual verification.

Another significant security application integrates biometric technology with smart cards to verify the user's identity without having to manage biometric template data in the background. The template is the biometric user profile that the access system creates when each user enrolls. This template from enrollment is compared against the user's live biometric information whenever that user attempts to gain access. Networked biometric access systems share template data so that a user's template is ready for comparison when he or she attempts access. However, it is not always possible or practical to manage biometric templates through a network. Users with large databases or with readers that do not connect directly to a network can benefit from biometrics integrated with smart cards. By encoding the biometric data on user cards, the terminal verifies the user's identity by extracting template information from the card before sending the user's ID number to the access control system.

Government and private security professionals are increasingly considering ?process-on-the-card? concepts. Access decisions and biometric verification take place on the credential, thus the biometric template never leaves the card. Precise? Biometrics uses this process in some of its products.

Emerging technologies will revolutionize how biometric and access information are stored and processed. Following the ?dot-bomb??the crash of so many Internet-based businesses in Northern California's Silicon Valley?investors and civic leaders alike anxiously await the next new technology wave to revive the valley. Many analysts believe the next new thing in the Silicon Valley will likely be nanotechnology, the miniaturization of processes to the molecular level. Computer chip makers have already reduced the size of their processors to microscopic levels. Nanotechnology will embed enormous computing power into access credentials at ever-lower cost.

Microprocessor cards are more costly than other credential technologies, but the cost is coming down as manufacturers refine their processes. Axalto (Schlumberger) is a major producer of multiple ISO smart cards and the leading manufacturer of microprocessor cards. This market is continually expanding as security professionals demand higher performance in access control and debit applications.

Smart cards bring a new dimension to access control. Mifare, iClass, DESfire and similar encrypted credentials offer the highest level of security against tampering and replication. The read/write, memory and processing capability of smart credentials offer advanced access control functions that broaden the functionality of both networked and stand-alone systems. Biometric integration ensures the cardholder is indeed the authorized user. Card memory can store audit trail information that security administrators can retrieve from the card. This is particularly valuable with stand-alone or fragmented network access controls.