Understanding 26-bit Wiegand

Oct. 27, 2008
Basics of Wiegand access control and 26-bit encoding technology

Q: Installation instructions for access control frequently refer to the reader or keypad as 26-bit Wiegand . What does 26-bit mean and is it secure?

A: Wiegand is the trade name for a technology used in card readers and sensors in access control products. They look like credit cards that use magnetic stripe but instead of a band of ferromagnetic material, the card contains a set of embedded wires. The wires are made of a special alloy with magnetic properties that are difficult to duplicate. The set of wires can contain sensitive data such as credit card and bank account numbers, employee identification information, criminal records and medical history. The card is read by passing it through, or bringing it near, a device called a Wiegand sensor.

The Wiegand effect was invented by John R. Wiegand and it took him 40 years to do it. It is based on the phenomenon of what occurs when specially-manufactured wire passes through a magnetic field.

Wiegand performs under a wide range of temperatures, making the technology suitable for hostile environments. Other pluses include rapid response time and portability. These properties make Wiegand cards and readers ideal for use in the field.

The term Wiegand originally referred to card reader technology which included the encoded credential, the reader and the interface (data communications format) between the reader and the access control electronics. The “26-bit” referred to the protocol of the data on the card. Proximity credentials and readers typically use the Wiegand interface and 26-bit encoding.

Wiegand credentials once ruled as the most popular access control, but the readers hold a definite disadvantage compared to proximity. Although the Wiegand reader was totally sealed and robust, performing a card read required physical contact between the reader and the credential to gain access. The need to manipulate the credential in the reader slowed down throughput, making proximity more convenient and quicker to deploy.

The other Wiegand disadvantage was that the credentials had to be factory ordered, since they were encoded during the manufacturing process. Unlike magnetic stripe, where the ferrous material on the credential is magnetized with the data pattern, the Wiegand card is embedded with small wires in a specific pattern and when the card is passed through the magnetic field in the reader, measurable fluctuations in the wires embedded in the card are sensed by the reader sensor and buffered into a Wiegand bit stream.

In access control 26-bit is the industry standard, open encoding format. The data encoded using 26-bit format consists of 255 possible facility codes and within each there is a total of 65,535 unique card numbers. This is a relatively small number of unique cards, so additional authentication is often used. There are three universally recognized factors for authenticating individuals: passwords, security tokens or encoded credentials or a physical characteristic, such as a fingerprint, retinal scan or other biometric characteristic.

The use of a memorized password or biometric template in conjunction with the proximity credential is referred to as multiple factor authentication and regarded as highly secure.