Access Control: Are Your Clients Prepared for Smart Cards?

Oct. 3, 2013
Clear benefits and features are driving the transition of many markets to one-card solutions

Colleges, for the most part, already understand the importance of a one-card solution. Today, they are using proximity but many are quickly migrating to smart credentials — because they can get applications on a smart card more easily, including identification, library circulation, building access, meal plans and charging privileges, which eliminates the need to carry money on campus, holding a biometric template and more.

While college campuses have taken the lead in the smart card transition, smart, one-card solutions are a great fit for many different campus and facility applications, and markets like healthcare, government and others are also jumping on the one-card bandwagon.

It is important that your clients are prepared for smart credential deployment, even if the client currently wants to install proximity, magnetic stripe or keypad readers. Integrators can help by proposing multi-technology readers that combine the ability to read magnetic stripe, proximity and smart cards in just one reader; so if and when the client switches over to smart cards, they don’t have to install new smart card readers.

Why Use Smart Cards?

A smart credential, for the same price, provides a higher level of security, more convenience and far greater functionality than a proximity card. Smart credentials have the ability to manage access, payments and many other functions much more securely.

MIFARE DESFire EV1 smart cards, for example, offer several different layers of security, including mutual authentication and AES 128-bit encryption that help protect sensitive information. Message authentication code (MAC) further protects each transaction between the credential and the reader, ensuring complete and unmodified transfer of information — thus protecting data integrity and preventing outside attacks.

In comparison to door keys, magnetic stripe cards or proximity cards, the encrypted security of smart credentials ensures that they are far harder to counterfeit. It is not possible to put a dollar amount on the potential damage that an organization could suffer by unauthorized individuals gaining access to restricted areas of the facility.

Issuing a single smart credential also impacts administrative costs. Not only is the cost of a single credential lower than purchasing multiple forms of ID, but the reduced management and distribution time for one credential will have a significant impact on productivity.

Additionally, choosing the right smart card credential can make all the difference when using them with applications other than access control. Rather than those designed for proprietary systems, look for platforms that are open format that allow easy integration into other applications with minimal programming — speeding up the time of deployment and thus reducing the cost of implementation. Open architecture readers also let organizations use both their present software and panels with their new credentials. If, down the road, they change their software, they can still use the readers.

IT-approved and Future-Ready

When presenting a smart card solution, be prepared for representatives from the IT department to take notice. More and more security system decisions are being made with input from the IT department. And we’re seeing increased desire for the convergence of physical and logical security access control.

IT professionals want strong authentication credentials, the level of security provided by smart cards. Contrary to proximity and magnetic stripe cards and their readers, smart cards go through a challenge and response sequence to initiate conversations with the network. Communications are encrypted using industry standard encryption techniques. By welcoming their involvement and showing ability to speak their language and answer their questions, you will gain additional layers of approval within the IT organization.

Near Field Communications (NFC) technology is now being added to a growing number of mobile handsets to enable access control as well as many other applications. Over 285 million NFC-enabled smart phones are expected to be sold in 2013 and over half the phones sold in 2015 will be NFC-capable. Existing aptiQ™ 13.56 MHz smart card/multi-technology readers are already compatible with the new NFC technology which allows users to deploy their own smartphones as their credentials to enable secure access into their facilities. When NFC-enabled phones are available, those using such readers won’t have to replace their present smartcard/multi-technology readers.

Hospitals: A Natural Fit

A hospital employee carries a magnetic stripe card with two barcodes on her lanyard. In addition, she must remember two different PINs and has a proximity card in her pocket for the institution’s other facility. That is because, if we review the typical access control system in use today, it was installed in stages. As a result, it is comprised of different brands and disparate products, many of which do not integrate into the same system or talk with each other.

 Too many of today’s systems require many separate databases and a plethora of software interfaces that create confusion, lower the level of security within the facility and decrease staff productivity for the customer and the installer. Not only are such scenarios cumbersome for the employees, they drive the physical access control management crazy. And, on the horizon sits the IT department, becoming more and more prevalent in access control hardware and software purchases — IT won’t put up with it.

As a result, it is much more efficient, economical and secure to have the teaching hospital’s employee carry a single smart card that provides a variety of applications, including her biometric template. It can provide her access to the areas of the hospital to which she is authorized, including the biometrically-secured pharmacy, as well as access to many other hospital applications, making her job easier, adding to her productivity and helping the hospital become more secure. The same would be true if she was a student or staffer on the campus proper or worked in an office building.

At the hospital, smart credential technology offers a way to significantly reduce administrative costs while maintaining or increasing quality of care and customer service. It helps hospitals achieve better patient identification, securely storing various identity credentials (such as a PIN, photo or biometric) directly on the card and making it very difficult to forge or steal the credentials on the card. Smart credentials provide hospitals with administrative efficiencies, cutting down the time for admissions by providing ready access to accurate, up-to-date patient information and linking a patient to their medical records to reduce medical errors. They provide similar benefits for other types of organizations.

Jeremy Earles is Ingersoll Rand Security Technologies’ Portfolio Manager for Credentials and Readers. He can be contacted at [email protected]. Request more information about IR by visiting www.securityinfowatch.com/10215684.