Migrating to Smart Cards

At some point, many facilities with physical access control systems are faced with making a decision to upgrade their existing card and reader system. Adding new applications, implementing a single card solution, increasing system security and re-badging aging card populations represent just some of the factors influencing migration decisions.

Customers have a variety of flexible migration solutions. From combining multiple technologies on a single card to readers that accept diverse card populations in a single footprint, Identiphoto is a one-stop shop for navigating card and reader upgrades.

What is Prox?

• "Prox" is a term used predominately in the United States to describe an RFID technology used in the Access Control Market
  • Requires no physical contact between a card and reader
  • Operates at 125 kHz
  • Typical operating distance from 4 to 6"
  • Packaged in cards or key fobs
  • Read-only
  • Data content typically from 26 to 40 bits
  • Generally very low security of data
  • No ISO standards exist
  • More than 250 million Prox cards have been sold

What is Contactless Smart Card Technology

• Contactless Smart Cards
  • Requires no physical contact between a card and reader
  • Operates at 13.56 MHz
  • Typical operating distance from 2" to 6"
  • Maximum operating distance of 39"
  • Packaged in cards, key fobs, stickers, labels, and more
  • Data content from 256 bits to 4k bytes and more
  • Memory can be segmented for multi-application use
  • Very high security
  • Supports true read/write on the fly
  • ISO Standardized (ISO 14443A/B & 15693)

What is a Multi-Technology Card?

• Choices include:
  • Contact Smart Card
  • 13.56 MHz Contactless Smart Card
    • PicoPass™, Mifare™, iClass™, MyD™, etc.
  • 125 kHz Prox
    • HID, Indala, AWID, EM, etc.
  • Magnetic Stripe
  • Debit Stripe
  • Bar Code
  • Optical Stripe
  • Barium Ferrite (Magnetic Technology)

Why Migrate to Contactless Smart Cards?

• Added Benefits With No Increase in Price
• Increased Security
• Ability to use same card for additional applications:
  • Biometrics: Carry multiple templates on card
  • Logical Access
  • ID: Carry Tamperproof Digital Photographs
  • Portable Database: Encrypted Information for authentication or emergencies
  • True Read/Write
  • ISO Standard
  • Greater Memory Density
• Interoperability
• Future Growth
  • Multi-Application Capability
• Faster Transaction Speed
• Lower Card Production Costs
• Multi-Application Support
  • 64 bit serial number
  • 32 applications each with individual secret keys
  • Each application "slot" has up to 232 usable bytes
  • Can combine multiple apps to increase memory

Multi Application example using PicoPass 32KS

Application	Data Blocks
0	Access Control
1-4	Logical Access
5	Time & Attendance
6	Vending
7-14	Finger Print (2 fingers)
15-16	IRIS Scan
17-27	Digitally Signed Photographs
28-30	Environmental & Building Mgmt
31	Burglar Alarm Arm/Disarm

• Multi-Application Support
  • Smart cards allow multiple applications - each protected with its own keys
  • Vendor should disclose keys for unused applications, i.e., open key strategy
  • Open Key Strategy advantages:
    • Other application slots free for use
    • Increases value of access control card
    • Allows one card to be used for many applications at the same time
    • Eliminates obsolesce
    • You're in control, switch access control vendors without reissuing cards
• International Standardization
  • Current 125 KHz Prox Technology
    • No ISO existing or planned standardization
    • Proprietary
      • HID, Motorola, AWID, Casi-Rusco, etc.
  • New 13.56 MHz Contactless Smart Cards
    • Standards DO exist
      • ISO 14443A, 14443B, 15693
    • Open standards with interoperability encourages broad supplier support and customer acceptance
    • Open standards can increase market size driving prices down
    • Facilitates interoperability between vendors and applications
    • Helps to drive costs down
    • Helps to eliminate obsolescence

Migration Strategies

Move Data from multiple applications onto a single card

• Advantages
  • Most aesthetic looking card
  • Most secure card
• Disadvantages
  • Most expensive card
    • Each technology contributes to manufacturing and cosmetic fallout
  • Reduced field-reliability due to multiple technologies
    • Some combination of technologies weaken card structure
    • Additional cost to re-badge due to failure

Use Existing Card with Smart Card Sticker

• Several companies make a smart card "Sticker"
• Sticker contains antenna and chip just like a card
• Advantages
  • Much lower cost because existing card is not thrown out
  • No migration of existing information from legacy applications
• Disadvantages
  • Not as aesthetic as a single card
  • Slightly reduced range due to smaller antenna
  • Location of patch important so card still works in existing readers (like magstripe)
  • Some organizations (Gov't, etc.) do not allow anything to be affixed to a card
  • Possible security issue if sticker is removed from card
  • Patch is designed to self destruct when removed
    • Electronic anti-tamper mechanisms available
    • Sticker utilizes a permanent adhesive for easy affixing to existing card

Use Multi-Technology Readers

• Multi-technology readers are capable of reading two different technologies
  • Prox and Contactless Smart Card
  • Contact and Contactless Smart Card
  • Prox and Magnetic Stripe
• Multi-technology readers may have multiple output protocols and interfaces
  • Wiegand
  • Clock & Data
  • RS232
• Advantages
  • No changes to cards
  • No card re-badging
• Disadvantages
  • Typically most expensive migration strategy
    • Cost of readers are higher
    • Readers available from only a few vendors
    • Not all technology choices available
  • Reader obsolescence occurs faster

Optimum Migration Strategy

Optimum strategy is to migrate all legacy applications to just contactless smart card solution utilizing separate application areas

• Single technology card is most cost effective and reliable
• Biggest stumbling block is
  • Retrieving data from legacy application and moving it to contactless smart card
  • Emulating legacy protocol and physical interface
• Can use all of the previous migration methods discussed for interim

Moving Data From Legacy Applications

Best method is to electronically move data under computer control

• No human typing errors
• Can automate process
• Very convenient, complete process can take less than 30 seconds
• Can almost always retrieve legacy data using its legacy reader interfaced to a PC
  • Security and internal formats need not be known since legacy reader already knows how to read card
  • Even if reader is proprietary, output data can usually still be captured at a PC
  • Ideal method to move legacy applications where vendor has gone out of business or is uncooperative

Integrated Card Issuing

If legacy data is already stored in a database:

• Can use a Dye-Sub Printer w/Smart Card Encoding to automate process
  • Unattended batch processing possible
  • Issue and personalize cards on demand

Wedge Readers

Many times a keyboard "wedge" reader can be used with a contactless smart card reader instead of original legacy reader

• Advantage is original PC application does not have to be changed at all!
• If legacy application already uses a wedge reader then it is a no-brainer to retrieve legacy data into a PC and rewrite into a contactless smart card