The Business Case for Smart Credentials

Smart credentials are in the future for every organization. With increased security capabilities, they can be used to host multiple applications, enabling organizations to consolidate many services on one card — producing cost savings and increased efficiency. By combining the openness and security of open system contactless smart credentials with a myriad of applications, organizations can provide staff with more contactless functions without having to perform the software and interface tweaks so prevalent with proprietary credentials.
From checking out parts at the factory depot and buying lunch at the company cafeteria to passing a biometric verification for security at the data center, contactless smart credentials are convenient — one credential has the ability to provide many features, including identification, check-out privileges, building access, cafeteria and vending machine purchases, and many more.
Of course, any type of card can be used in these applications — magnetic strip, proximity or proprietary smart card. However, organizations are learning that they get their best return on investment (ROI) with open architecture smart credentials. Within a smart credential, a microchip can store, protect and modify information, providing many opportunities for information sharing and exchange. Smart cards offer a number of ways to verify an individual, including static and dynamic passwords, digital certificates and private keys, biometrics and pictures.
With the price of smart credentials being comparable to proximity cards today, there is no reason not to deploy smart credentials immediately, even if the only application will be physical access control. A smart credential, for the same price, provides a higher level of security, more convenience and far greater functionality than a proximity card.

Cost Repercussions
Secure access solutions available with open system smart credentials have important ROI implications. For example, in smart card programs introduced for password control, an organization immediately solves the problem of (forgotten) passwords — a nemesis for both users and administrators. The organization will reduce overhead costs simply by not having to administer passwords.
Also, the roll-out of smart credential solutions for physical access control is typically done in tandem with the implementation of card management systems that involve card issuance, personalization, access rights, management and post-issuance. Such solutions alone simplify management processes, making them more cost-effective.
By introducing smart credential-based authentication, a facility can immediately reduce the number of staff members needed to manage and control access to laboratories, data centers and other buildings that only authorized staff should enter. By demonstrating their reduced risk in terms of intruders gaining access to their facilities, organizations can affect marked savings on insurance premiums.
At the core of an access control system is the need to stop unwanted individuals from gaining access to facilities. Companies require systems that minimize the prospect of equipment and intellectual theft. The effect of equipment theft is also highly likely to impact staff productivity in the short term, due to a lack of equipment and potentially ensuing stress.
Most important of all, though, is protecting the safety of employees and visitors. In today’s environment, programs that foster increased facility security are on the forefront of every security director’s mind. In comparison to door keys, magnetic stripe cards or proximity cards, smart credentials are more difficult to duplicate. By issuing their staff credentials with strong authentication mechanisms, companies are effectively investing in their well being and demonstrating that they take security seriously.

Specifications that Will
Increase ROI
Look for a contactless smart credential that is armed with mutual authentication and encrypted with AES 128- bit diversified keys. With such capabilities, the card and reader verify that they are authorized to communicate bi-directionally.
Additionally, 128-bit keys virtually ensure no one can read or access credential information without authorization. The technology behind AES has approval by the NSA (National Security Agency) for classified information. A message authentication code (MAC) further protects each transaction between the credential and the reader. This security feature ensures complete and unmodified transfer of information, helping to protect data integrity and prevent outside attacks
Facilities should use an open solution smart credential — one built to adhere to ISO 14443, a four-part international standard for contactless smart credentials. This results in faster data transfer between credential and reader, up to 848 kbps baud rate (1K baud = 1,000 bits of data per second). ISO 14443 technology — the same standard used by the U.S. government — is especially recommended for applications requiring large amounts of data (such as biometric templates), which are often used in tandem with card or PIN access.
With smart cards soon to be the most popular choice for credentials, it is very important that security professionals understand the ramifications of differing smart credentials. In an atmosphere of openness and inclusiveness, specifiers must make sure that they are adhering to smart card standards that will make their selected smart credential easy to deploy and use. ?

Jennifer Toscano is Portfolio Marketing Manager for Credentials, Readers, Software and Controls for Ingersoll Rand Security Technologies.