Kicking it up a leve

Kicking It Up a Level

How new credentials and biometrics are helping protect people and property better

An employee at a particular major teaching hospital carries a magnetic stripe card with two barcodes on the lanyard. In addition, the employee must remember two different PINs and carry a proximity card for the institution’s other facility. That doesn’t make sense.

A credential is what you use to identify yourself to a system. Whether it’s a key, a card or a biometric, your credential can provide access to spaces or services within your facility. For system managers, card-based credentials offer a solution that is easier to manage than keys and harder to duplicate than PINs. Managers can easily assign and revoke access privileges, or alter a single user’s access privileges without affecting the entire population of users.

With card-based access, the threat of unauthorized keys and shared PIN codes is eliminated. In facilities that require permission to multiple systems, card-based credentials offer the potential to consolidate technologies across multiple systems, enabling users to carry one credential to achieve multiple activities.

However, today’s typical access control system was, in all too many cases, installed in stages. As a result, it is made up of different brands and disparate products that often do not integrate into the same system or talk with one another. Too many of today’s systems require many separate databases and a plethora of software interfaces that create confusion, lower the level of security within the facility, and decrease staff productivity for the customer and the installer.

Not only are such scenarios cumbersome for the employees, they drive the physical access control management crazy. And on the horizon sits the IT department, becoming more and more prevalent in access control hardware and software purchases. They shouldn’t put up with it.

In addition, not all card technologies are the same. Some card credentials are a great deal more secure than others. So, with this is mind, what’s the outlook for the future in IDs, biometrics and credentials?

Smart Cards Are the Future

We used to think that Homeland Security Presidential Directive 12 (HSPD- 12) would fuel smart card use in the government and accelerate adoption by large enterprises because HSPD-12 seeks to establish secure and reliable identification for all federal employees and contractors. Because federal mandates tend to have a cascading effect, this directive would have a huge significance: State and local governments, as well as first responders, would become major buyers of FIPS 201-compliant smart cards as they follow the federal initiatives. Private contractors would have to follow.

But organizations have bigger and more important reasons for choosing smart credentials, and there is no reason not to deploy smart cards immediately, even if the only application is to ensure physical access control. Organizations need smart credentials that work for them today and give them the flexibility to add applications in the future. After all, it is simply too easy for unauthorized people to duplicate and use another person’s proximity card.

Smart cards provide a higher level of security, more convenience and far greater functionality than proximity cards do for a comparable price. In addition, these smart cards have the ability to manage access, payments and many other functions.

Unlike proximity cards, smart cards using MIFARE DESFire EV1 technology offer several different layers of security, including mutual authentication, which ensures that the reader and the card are allowed to talk with each other before any information is exchanged. They also provide AES 128-bit encryption, a key encryption technique that helps protect sensitive information. They additionally supply diversified keys, which virtually ensure no one can read or access the holder’s credentials information without authorization. A message authentication code further protects each transaction between the credential and the reader, ensuring complete and unmodified transfer of information, helping to protect data integrity and prevent outside attacks.

Thus, smart cards provide groups with a way to increase the security of their access control solution today while providing a pathway to other smart credential applications. For that reason, although organizations might currently be using proximity, they are quickly migrating to smart credentials because they can incorporate a multitude of applications on a smart card more easily.

Besides access control, popular smart credential applications include identification, check-out verification, company cafeteria charges, access to recreational facilities, charge privileges at various locations, admission to events, transit passes, service access, bankcard service and biometric template holding.

The Bottom Line on Smart Cards

It is important that organizations be prepared for smart credential deployment, even if their facility wants to install proximity, magnetic stripe or keypad readers at present. Integrators can help customers by proposing multitechnology readers that combine the ability to read both proximity cards and smart cards. That way, when the group switches over to smart cards, it doesn’t have to tear out its old readers to install smart card readers. During the transition, the group can use both its old proximity credential and the new smart credential.

Also, ensure the new credential readers are open-architecture. Save money by using the existing access control system, if at all possible. Open architecture readers will let groups use both their current software and panels with their new credentials. If, down the road, the group changes its software, it can still use these readers.

Biometrics—Making Security Include Who You Are

Biometrics are automated methods of recognizing an individual based on unique physical characteristics. Biometric technologies, like hand geometry and fingerprinting, enable a facility manager to ensure that only verified users have access to a facility at authorized times. Biometrics provides the highest level of assurance that the actual authorized individual, rather than just the authorized key, card or code, has access to a secure facility. Because of the versatility of biometric technologies, you will find them used in universities, data centers, day care centers, airports, healthcare facilities and government buildings—any place where resources, lives or sensitive information require the highest levels of security.

If access control systems are to control where people, not credentials, can and cannot go, then only a biometric device truly provides this capability. Most people are familiar with the idea that biometrics are used in high-security venues such as data centers, nuclear plants and laboratories. However, many find it surprising that their biggest deployments are where they are chosen for convenience.

Biometrics are user-friendly. First of all, they can eliminate the need for keys or cards. While keys themselves don’t cost much and dramatic price reductions have lowered the capital cost of the cards in recent years, the true benefit of eliminating them is realized through reduced administrative efforts. For instance, an administrator must replace and reissue a lost card. Lost keys not only require replacement, but they also create the need for replacing the cylinders for all the openings that the lost key accessed. Thus, when taken together, the overall administration of a key or card system is costly. Hands and fingers are not stolen or forgotten. They also don’t wear out or need to be replaced.

“The number-one suggestion from our members was eliminating the need for ID cards,” said Director of Campus Recreation Jill Schindele at the University of California-Irvine. “We took [these] suggestions seriously and feel that hand geometry is the fastest and most efficient alternative to identification cards.”

Secondly, biometrics are easy to administer, install and maintain. Replacing card readers, in many cases, is simply an unplug-plug-and-play operation. Hand geometry readers, especially, get people into buildings and rooms quickly. They include a variety of options, such as letting an employee quickly check accrued vacation time. Plus, it is easy to control threshold levels, allowing administrators to implement tight access control in a nuclear power plant and loose access at a spa. At the University of Georgia, biometric palm readers control access to campus housing. “Housing basically has an electrified door system,” said Bill McGee, formerly the manager of the Bulldog Bucks office blackboard transaction system at University of Georgia card services. “Any door can be opened from the control desk or remote desks around campus. We also have cameras on the doors. By adding the [palm reader] HandKey, we go from an access control system to a security access system. We feel that this is an important attribute. By simply putting one HandKey at an entrance, an organization can turn that door into a security system in its simplest form at a low cost.”

According to McGee, eliminating re-keying upon lost or stolen keys and students or employees leaving the university is especially important for larger institutions. With 800 people in a dormitory, re-keying would be both cost-prohibitive and a logistical nightmare.

As a result of so many biometric implementations that took place on college campuses during the last decade—in addition to the countless campuses that already had been using biometrics for years—in the residence halls, dining halls, and recreation centers, the industry has created thousands upon thousands of future prospects that see biometrics as a tool to be trusted for its security and convenience rather than equipment to be feared as “futuristic” or worrisome.

Tightening the ID Process Is Now a Two-Step Procedure

Most people will agree with Gary Conley, the University of Virginia’s facilities and systems engineer for the office of business operations, that simply running a magnetic stripe card or entering a PIN is not enough in today’s world. A lost card or found PIN should not be the ticket for unauthorized users to enter places they don’t belong.

That’s why two-step/multi-factor authentication is becoming more common. Indeed, it has been one major selling point in the phenomenal growth of biometrics over the past several years in which a PIN or card is used to bring up the biometric template that must be matched. Using smart cards in conjunction with biometrics raises the security level.

That’s because a single smart card can store both the user’s ID number and biometric template. Because of this, there is no need to distribute hand templates across a network of readers or require the access control system to manage biometric templates. This means integration to any existing access control application is greatly simplified, eliminating extra network infrastructure costs. Because the template resides only on the card, the solution also eases individual privacy concerns.

Providing the best of smart cards and biometrics, the solution provides dual authentication by requesting both the right card and the right person. A smart card reader is attached to or embedded into the biometric reader. A plastic cardholder is affixed to the side of the unit. The verification process takes approximately one second.

With the hand reader, the hand template requires only nine bytes to define the hand, the smallest in the biometric industry. This ensures fast response times and that the smart card can maximize its benefits by offering users increased room for other applications. In addition, the implementation supports multiple secure applications on the smart cards. Possible applications include the storage of additional information to allow for secure log on to a PC or laptop and accessing the company’s network.

Help That Hospital Employee

Today, it is much more efficient, economical and secure to have the initially mentioned teaching hospital’s employee carry a smart card that provides a variety of applications, including a biometric template. It can provide the employee with access to the areas of the hospital to which the person is authorized, including the biometrically secured pharmacy and other similarly secure locations, making the job easier, adding to employee productivity and helping the hospital become more secure. The same would be true if the employee were a student or staffer on the campus proper, or if he or she worked in an office building.

This article originally appeared in the August 2011 issue of Security Today.


  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • The Power of a Layered Approach to Safety

    In a perfect world, every school would have an unlimited budget to help secure their schools. In reality, schools must prioritize what budget they have while navigating the complexities surrounding school security and lockdown. Read Now

  • How a Security System Can Enhance Arena Safety and the Fan Experience

    Ensuring guests have both a memorable experience and a safe one is no small feat for your physical security team. Stadiums, ballparks, arenas, and other large event venues are increasingly leveraging new technologies to transform the fan experience and maintain a high level of security. The goal is to preserve the integrity and excitement of the event while enhancing security and remaining “behind the scenes.” Read Now

  • Protecting Data is Critical

    To say that the Internet of Things (IoT) has become a part of everyday life would be a dramatic understatement. At this point, you would be hard-pressed to find an electronic device that is not connected to the internet. Read Now

Featured Cybersecurity


New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • ResponderLink


    Shooter Detection Systems (SDS), an company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3