University administrators are rapidly adopting new, end-to-end campus ID card issuance solutions that eliminate the problems of earlier obsolete and vulnerable systems while paving the way for enhanced capabilities and ROI value. These solutions improve campus security while still enabling students, faculty and staff to move freely throughout the campus. They also provide the foundation for future capabilities including moving some or all card office operations to the cloud.
Establishing a Strong Foundation
Successful university ID card implementations deliver flexible student and faculty accessibility through visual security. Also important is their ability to support sustainability initiatives on campus through such capabilities as wasteless ID card lamination and eco-friendly card printers.
Universities can greatly enhance security and safety by going beyond student credentials to also deploy visitor management systems that enable them to know the identity of each person on campus. Today’s systems allow for the check-in, check-out, and tracking of all campus visitors. Administrators can quickly and easily flag those who either shouldn’t be on campus or need to be handled differently than other guests.
One of the most important decisions is whether to move campus IDs to contactless smart cards with an embedded smart chip. This improves security because the cards cannot be easily cloned and there is a diminished opportunity for unauthorized individuals to obtain card information. Another benefit of contactless smart card technology is ease of use -- students and faculty access facilities and services by simply tapping the card on a reader. Plus, since the information is specific to the cardholder, cards can be configured to allow access only to specific buildings, services or applications.
Some schools have also begun making mobile credentials an option. Putting credentials onto mobile phone offers a more convenient, trusted and secure experience, and is expected to grow in adoption. It gives users more control over how they access and interact with the campus environment, and how they discover, purchase and enjoy its services and experiences. If a university isn’t ready to upgrade card technologies to mobile solutions, an alternative is to simply add a visual security element (VSE) to student IDs. This makes student and staff credentials easily verifiable. VSEs are available in overt and covert options including holographic overlays, microtext and fluorescing images and more that provide a quick method to determine if the card is authentic as students and staff enter sporting or other campus events.
One of biggest value propositions for smart cards is the ability to use the same card for much more than just simple identification. Today’s applications now range from opening dorm room doors and making cashless payments for meals or transit fares, to checking out media center materials. These and other applications are making campus ID cards more useful and valuable. Meanwhile, the options for issuing them are also expanding.
Understanding Issuance Options
Many universities want the ability to produce cards in high volumes, on demand, from many locations across the campus. This requires a combination of printers, card materials and software that work together to deliver fast and efficient instant issuance capabilities. Today’s issuance solutions also optimize card security by incorporating visual and logical technologies for multi-layered validation. Printer choices range include monochrome direct-to-card (DTC) solutions that combine quality, reliability and ease of use, and high definition printing (HDP) retransfer technology that can be used to create contactless or contact smart cards. Another option is high-throughput solutions that optimize performance and productivity.
In these traditional implementations, ID cards are designed and printed from a PC that is connected to a nearby printer. Someone must be physically present at the PC to design the card, use the student ID database to encode data on the card, and send the card to a printer. More recently, some suppliers have added a piece of locally installed software that enables web-based design and, in some cases, a certain level of encoding work. This is no longer the only way to issue cards, though.
More recent issuance options include cloud-based solutions that deliver a new remote card issuance experience. The cloud-based approach transforms ID card printers into edge devices within the Internet of Trusted Things (IoTT) and redefines the economics of card issuance by ushering in new service-based models. It delivers a completely new way to manage student ID issuance that gives schools back both time and money, and re-envisions how a card office operates to transform the campus experience for staff and students.
A true cloud-based platform brings the entire secure issuance process into a centralized and integrated system. Everything from design and encoding to printing is managed and executed remotely by an administrator in a card office at the main campus or any satellite facility or other remote location. They can use a tablet, laptop or any device with a web interface to access one trusted system for creating new cards, encoding data on them, issuing replacements and managing print queues.
Cloud-based ID card issuance offers many new benefits. It improves the user experience, eliminating the requirement that users visit a main card office to pick up an ID. Cards can be sent to card printers installed at remote offices and satellite campuses. These printers essentially become smart, secure, web-enabled edge devices in the IoTT, leveraging all of the issuance platform’s functionality.
Security and privacy protection are also improved with cloud-based issuance. End-to-end encryption should be used to protect all sensitive data both in transit and at rest, using banking-level protocols. Digital certificates add trust between the cloud and the issuance console. Card data must remain encrypted until it is printed, after which all personally identifiable information (PII) should disappear, and all encryption keys must be securely stored in tamper-proof hardware. Unique firmware should be used to ensure printers only work with the cloud-based issuance system software, and there should be the option of using the issuance console with a card reader to ensure that print jobs are only released when an authorized card or credential has been physically presented for validation.
The cloud-based model also improves the administrator experience by eliminating the need to manage software and other IT resources generally required for card issuance, increasing control and security, and simplifying high-volume card issuance management and delivery. Eliminating the need for PCs to be locally connected to printers also eliminates the task of maintaining associated software updates and security patches. Another benefit of cloud issuance is that it simplifies the task of tracking system activity.
From a budget standpoint, cloud-based issuance may eliminate any capital expenditure requirements for deploying printers as part of a world-class card issuance implementation. Cost savings can be substantial. They include reducing annual expenses associated with cardstock, laminates and ribbons as well as service, maintenance and hardware and software updates. Other savings come from cutting the cost of staff time required for issuance or reordering supplies, IT resources to support the operation and periodic replacement of obsolete equipment.
Cloud-based issuance also provides the option for hardware, software and other resources to be leased and their costs bundled into a service offering billed on an annual or monthly-installment basis. The service model not only cuts multiple layers of program costs but also makes it easier for administrators to scale the card office to accommodate future technology capabilities or changing volume demands. For instance, administrators can opt to have commercial printing bureaus produce large card batches during peak demand periods. In general, cloud-based services deliver all of the benefits of centralized issuance control and visibility along with the option of performing distributed or batch printing.
A service based model also enables administrators to convert their issuance budget into an operational expense covering the service fee for all ribbons, pre-printed cards and mag stripe encoding. This approach diminishes the previous unpredictable expenses, labor and other ancillary costs associated with owning, maintaining, replacing and managing hardware and software. Because cloud-based solutions are aware of printer health and maintenance needs, as well as all activity down to the printer level including the status of consumables, a service provider can drop-ship replacements to a customer before they run out.
Planning for the Future
The way ID cards are issued and used is changing quickly as administrators move to end-to-end issuance solutions and cloud-based issuance and associated services. The transition to contactless smart cards has made campuses more secure and ID cards more valuable across a growing range of applications that can be more easily added and managed using end-to-end issuance solutions. The advent of cloud-based solutions further enhances issuance options, with the potential to revolutionize how the card office operates while ensuring that universities can keep up with advances in credential technology including mobile IDs that enable users to carry ID cards on their smartphones.
About the Author: Robin Tandon is Director of Product Marketing for Cloud Solutions at HID Global.
