Kicking it up a leve

Kicking It Up a Level

How new credentials and biometrics are helping protect people and property better

An employee at a particular major teaching hospital carries a magnetic stripe card with two barcodes on the lanyard. In addition, the employee must remember two different PINs and carry a proximity card for the institution’s other facility. That doesn’t make sense.

A credential is what you use to identify yourself to a system. Whether it’s a key, a card or a biometric, your credential can provide access to spaces or services within your facility. For system managers, card-based credentials offer a solution that is easier to manage than keys and harder to duplicate than PINs. Managers can easily assign and revoke access privileges, or alter a single user’s access privileges without affecting the entire population of users.

With card-based access, the threat of unauthorized keys and shared PIN codes is eliminated. In facilities that require permission to multiple systems, card-based credentials offer the potential to consolidate technologies across multiple systems, enabling users to carry one credential to achieve multiple activities.

However, today’s typical access control system was, in all too many cases, installed in stages. As a result, it is made up of different brands and disparate products that often do not integrate into the same system or talk with one another. Too many of today’s systems require many separate databases and a plethora of software interfaces that create confusion, lower the level of security within the facility, and decrease staff productivity for the customer and the installer.

Not only are such scenarios cumbersome for the employees, they drive the physical access control management crazy. And on the horizon sits the IT department, becoming more and more prevalent in access control hardware and software purchases. They shouldn’t put up with it.

In addition, not all card technologies are the same. Some card credentials are a great deal more secure than others. So, with this is mind, what’s the outlook for the future in IDs, biometrics and credentials?

Smart Cards Are the Future

We used to think that Homeland Security Presidential Directive 12 (HSPD- 12) would fuel smart card use in the government and accelerate adoption by large enterprises because HSPD-12 seeks to establish secure and reliable identification for all federal employees and contractors. Because federal mandates tend to have a cascading effect, this directive would have a huge significance: State and local governments, as well as first responders, would become major buyers of FIPS 201-compliant smart cards as they follow the federal initiatives. Private contractors would have to follow.

But organizations have bigger and more important reasons for choosing smart credentials, and there is no reason not to deploy smart cards immediately, even if the only application is to ensure physical access control. Organizations need smart credentials that work for them today and give them the flexibility to add applications in the future. After all, it is simply too easy for unauthorized people to duplicate and use another person’s proximity card.

Smart cards provide a higher level of security, more convenience and far greater functionality than proximity cards do for a comparable price. In addition, these smart cards have the ability to manage access, payments and many other functions.

Unlike proximity cards, smart cards using MIFARE DESFire EV1 technology offer several different layers of security, including mutual authentication, which ensures that the reader and the card are allowed to talk with each other before any information is exchanged. They also provide AES 128-bit encryption, a key encryption technique that helps protect sensitive information. They additionally supply diversified keys, which virtually ensure no one can read or access the holder’s credentials information without authorization. A message authentication code further protects each transaction between the credential and the reader, ensuring complete and unmodified transfer of information, helping to protect data integrity and prevent outside attacks.

Thus, smart cards provide groups with a way to increase the security of their access control solution today while providing a pathway to other smart credential applications. For that reason, although organizations might currently be using proximity, they are quickly migrating to smart credentials because they can incorporate a multitude of applications on a smart card more easily.

Besides access control, popular smart credential applications include identification, check-out verification, company cafeteria charges, access to recreational facilities, charge privileges at various locations, admission to events, transit passes, service access, bankcard service and biometric template holding.

The Bottom Line on Smart Cards

It is important that organizations be prepared for smart credential deployment, even if their facility wants to install proximity, magnetic stripe or keypad readers at present. Integrators can help customers by proposing multitechnology readers that combine the ability to read both proximity cards and smart cards. That way, when the group switches over to smart cards, it doesn’t have to tear out its old readers to install smart card readers. During the transition, the group can use both its old proximity credential and the new smart credential.

Also, ensure the new credential readers are open-architecture. Save money by using the existing access control system, if at all possible. Open architecture readers will let groups use both their current software and panels with their new credentials. If, down the road, the group changes its software, it can still use these readers.

Biometrics—Making Security Include Who You Are

Biometrics are automated methods of recognizing an individual based on unique physical characteristics. Biometric technologies, like hand geometry and fingerprinting, enable a facility manager to ensure that only verified users have access to a facility at authorized times. Biometrics provides the highest level of assurance that the actual authorized individual, rather than just the authorized key, card or code, has access to a secure facility. Because of the versatility of biometric technologies, you will find them used in universities, data centers, day care centers, airports, healthcare facilities and government buildings—any place where resources, lives or sensitive information require the highest levels of security.

If access control systems are to control where people, not credentials, can and cannot go, then only a biometric device truly provides this capability. Most people are familiar with the idea that biometrics are used in high-security venues such as data centers, nuclear plants and laboratories. However, many find it surprising that their biggest deployments are where they are chosen for convenience.

Biometrics are user-friendly. First of all, they can eliminate the need for keys or cards. While keys themselves don’t cost much and dramatic price reductions have lowered the capital cost of the cards in recent years, the true benefit of eliminating them is realized through reduced administrative efforts. For instance, an administrator must replace and reissue a lost card. Lost keys not only require replacement, but they also create the need for replacing the cylinders for all the openings that the lost key accessed. Thus, when taken together, the overall administration of a key or card system is costly. Hands and fingers are not stolen or forgotten. They also don’t wear out or need to be replaced.

“The number-one suggestion from our members was eliminating the need for ID cards,” said Director of Campus Recreation Jill Schindele at the University of California-Irvine. “We took [these] suggestions seriously and feel that hand geometry is the fastest and most efficient alternative to identification cards.”

Secondly, biometrics are easy to administer, install and maintain. Replacing card readers, in many cases, is simply an unplug-plug-and-play operation. Hand geometry readers, especially, get people into buildings and rooms quickly. They include a variety of options, such as letting an employee quickly check accrued vacation time. Plus, it is easy to control threshold levels, allowing administrators to implement tight access control in a nuclear power plant and loose access at a spa. At the University of Georgia, biometric palm readers control access to campus housing. “Housing basically has an electrified door system,” said Bill McGee, formerly the manager of the Bulldog Bucks office blackboard transaction system at University of Georgia card services. “Any door can be opened from the control desk or remote desks around campus. We also have cameras on the doors. By adding the [palm reader] HandKey, we go from an access control system to a security access system. We feel that this is an important attribute. By simply putting one HandKey at an entrance, an organization can turn that door into a security system in its simplest form at a low cost.”

According to McGee, eliminating re-keying upon lost or stolen keys and students or employees leaving the university is especially important for larger institutions. With 800 people in a dormitory, re-keying would be both cost-prohibitive and a logistical nightmare.

As a result of so many biometric implementations that took place on college campuses during the last decade—in addition to the countless campuses that already had been using biometrics for years—in the residence halls, dining halls, and recreation centers, the industry has created thousands upon thousands of future prospects that see biometrics as a tool to be trusted for its security and convenience rather than equipment to be feared as “futuristic” or worrisome.

Tightening the ID Process Is Now a Two-Step Procedure

Most people will agree with Gary Conley, the University of Virginia’s facilities and systems engineer for the office of business operations, that simply running a magnetic stripe card or entering a PIN is not enough in today’s world. A lost card or found PIN should not be the ticket for unauthorized users to enter places they don’t belong.

That’s why two-step/multi-factor authentication is becoming more common. Indeed, it has been one major selling point in the phenomenal growth of biometrics over the past several years in which a PIN or card is used to bring up the biometric template that must be matched. Using smart cards in conjunction with biometrics raises the security level.

That’s because a single smart card can store both the user’s ID number and biometric template. Because of this, there is no need to distribute hand templates across a network of readers or require the access control system to manage biometric templates. This means integration to any existing access control application is greatly simplified, eliminating extra network infrastructure costs. Because the template resides only on the card, the solution also eases individual privacy concerns.

Providing the best of smart cards and biometrics, the solution provides dual authentication by requesting both the right card and the right person. A smart card reader is attached to or embedded into the biometric reader. A plastic cardholder is affixed to the side of the unit. The verification process takes approximately one second.

With the hand reader, the hand template requires only nine bytes to define the hand, the smallest in the biometric industry. This ensures fast response times and that the smart card can maximize its benefits by offering users increased room for other applications. In addition, the implementation supports multiple secure applications on the smart cards. Possible applications include the storage of additional information to allow for secure log on to a PC or laptop and accessing the company’s network.

Help That Hospital Employee

Today, it is much more efficient, economical and secure to have the initially mentioned teaching hospital’s employee carry a smart card that provides a variety of applications, including a biometric template. It can provide the employee with access to the areas of the hospital to which the person is authorized, including the biometrically secured pharmacy and other similarly secure locations, making the job easier, adding to employee productivity and helping the hospital become more secure. The same would be true if the employee were a student or staffer on the campus proper, or if he or she worked in an office building.

This article originally appeared in the August 2011 issue of Security Today.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3