Hybrid Credentials

Be it a card or a mobile phone, credentials will be smart

There are three major initiatives for cards and credentials on college and healthcare campuses that every security director needs to be aware of:

1. Smart cards are becoming the credential of choice. If you currently use magnetic stripe or proximity cards, start planning for the switchover now.

2. It’s going to be a hybrid world. Although smart cards will be the credential of choice, multiple types of credentials, such as key systems, PINs and various types of cards and biometrics, will still be necessary for certain operations. Adding special credentials is possible, and even though you may be using multiple credentials, you still will want one system to manage all of them.

3. Get ready for new technologies, such as NFC (near field communications). With NFC-enabled smartphones, students and staff will be able to use their own smartphones as access credentials, just like they would use smart cards.

A smart credential, at about the same price as a proximity card, provides a higher level of security, more convenience and far greater functionality. As used on campuses and in newer access control systems, smart credentials have the ability to manage access, payments and many other functions much more securely. Plus issuing only one smart credential favorably impacts administrative costs. Not only is the cost of a single credential less than purchasing multiple forms of ID, but the reduced management and distribution time for one credential will have a significant impact on productivity.

For instance, MIFARE DESFire EV1 smart cards offer several different layers of security including mutual authentication that creates the ability for the client to verify or authenticate the server. These smart credentials will also provide AES 128-bit encryption, a key encryption technique that helps protect sensitive information as well as diversified keys that virtually ensure no one can read or access the holder’s credential information without authorization. They provide message authentication code (MAC) that further protects each transaction between the credential and the reader by ensuring complete and unmodified transfer of information, helping to protect data integrity and prevent outside attacks. Therefore, smart credentials increase the security of information kept on a card and stored in a facility.

IT Approved

When presenting a smart card solution, know that representatives from the IT department will probably take notice in a positive manner as more security system decisions are being made with input from the IT department. One reason is to meet the increased desire for the convergence of physical and logical security access control.

IT professionals want strong authentication credentials, the level of security provided by smart cards. Communications are encrypted using industry-standard, encryption techniques. By welcoming their involvement and showing the ability to speak their language and answer their questions, you will gain additional layers of approval within the IT department.

Smart Cards and Smartphones

Colleges have been outspoken in their use of the one smart card solution. Although many are still using proximity cards, they have been quickly migrating to smart cards over the past couple of years mainly because they can get applications on a smart card more easily, including identification, library circulation privileges, building access, meal plans, bankcard access to university services, holding a biometric template, among others.

Choosing the right smart card credential, however, can make all the difference when trying to use them with applications other than access control. Look for platforms that are open format rather than those designed for proprietary systems. Open formats allow for easy integration into other applications with minimal programming that speeds up the time of deployment while reducing the cost of implementation, giving organizations more freedom to get the most out of their investment. Open architecture readers also let organizations use both their present software and panels with their new credentials. If down the road they change their software, they can still use the readers.

NFC Technology

As Near Field Communications (NFC) technology is now being added to a growing number of mobile handsets to enable access control and many other applications, more organizations are considering joining the bring your own device (BYOD) trend and having their users deploy their own smartphones and access control credentials. It was projected that more than 285 million NFC-enabled smartphones were expected to be sold in 2013 and over half the phones sold in 2015 will be NFC-capable.

NFC provides simplified transactions, data exchange and wireless connections between two devices that are in close proximity to each other, usually by no more than a few inches.

As an example, Allegion’s aptiQmobile web-based credential management system allows NFC-enabled smartphones to grant access to buildings and dorm rooms as well as partake of other badge ID applications. To turn NFC-enabled smartphones into an access control credential, allowing people to use their smartphones to enter buildings in the same way they present a badge ID, users simply download the aptiQmobile app to their smartphone. Then, their access control administrator uses the aptiQmobile cloud service to send a secure mobile credential directly to the user’s phone. Once the mobile credential is downloaded, users open the app and tap their smartphone to the reader in the same way they use an ID card.

Verifying Who Is at the Door

For those situations in which the campus needs additional verification to confirm access (above someone having the appropriate smart card or smartphone), biometrics handles this challenge.

Healthcare facilities biometrics. On university healthcare campuses, physicians are not likely to always have their badges, but with a hand geometry reader, all they need to remember is an issued PIN code. From a security standpoint, hand geometry readers provide secure, tracked access that protects staff, patients, visitors and records in highly-secured hospital areas such as the pharmacy, patient records, labs and surgery rooms.

Identification Verification

At a major hospital in the southern United States, 39 Schlage Hand- Key terminals heighten security for patients and 3,500 employees on a 61-acre main hospital campus. These terminals are used in the birth center, IT data center and other major IT areas, the operating rooms and the emergency department.

University facilities biometrics. Data from independent research, Effective Management of Safe & Secure Openings & Identities, showed that 10 percent of colleges are already using biometrics. Besides residence halls, one of the most popular venues for biometrics is the recreational facility.

The University of California-Irvine, with 22,000 students, is an example. Plus this recreational facility doesn’t face the problem of students transferring an ID card to a friend.

“The number one suggestion from our members was eliminating the need for ID cards,” said Jlil Schindele, director of campus recreation at the University of California-Irvine. “We took their suggestions seriously and feel that hand geometry is the fastest and most efficient alternative to identification cards.”

Students throughout the nation appreciate the added security and convenience of not worrying about lost, stolen or borrowed credentials. Biometrics also are popular at dining halls where they limit access to students who have paid for the meal plan and at computer labs where only those authorized to enter can do so, protecting sensitive equipment and information.

What to Do Today

For those campuses already using aptiQ multi-technology readers, there is no need to replace readers for migration. These all-in-one readers work with proximity and smart cards as well as the NFCenabled mobile phone credential, providing an easy migration path to upgrade credentials between any of those versions at their own pace. If non-smart access technology is being used, multi-technology readers can be installed to help ease into the transition by reading both the ID badges and the smartphones. This makes it easy for customers to continue to operate in a hybrid world of cards and mobile, if needed.

In addition, while the major carriers will ultimately offer NFC card emulation/secure element solutions, organizations wanting to use NFC-enabled smartphones as their access control credentials for employees and students can begin the transition now. The recently introduced aptiQmobile secure peer-to-peer (P2P) NFC mode lets organizations provide the convenience of using a mobile device today.

This secure, peer-to-peer solution provides several advantages. It lets organizations use NFC-enabled Android phones, regardless of carrier, to create a universal solution that even works on unlocked phones. Apple iPhone users would continue using a special case to enable their phones. But, for many, its most important advantage is that it lets customers across multiple market segments deploy now.

It is very important that campuses prepare for smart credential and NFC deployment while embracing when to deploy biometrics, even if that facility wants to install proximity, magnetic stripe or keypad readers at present. If a new reader is needed, select multi-technology readers that combine the ability to read magnetic stripe, proximity, smart cards and NFC-enabled smartphones in a single unit. That way, when the campus switches over to smart credentials, it won’t have to tear out all the old readers to install smart credential readers; and during the transition, the campus can use both their old magnetic stripe and proximity credentials along with the new smart credentials.

This article originally appeared in the July 2014 issue of Security Today.


  • Security Today Launches 2023 Government Security Awards

    Security Today Launches 2023 Government Security Awards

    Security Today is proud to announce the launch of the 2023 Government Security Awards. The Govies honor outstanding government security products in a variety of categories. For this year’s awards program, participants can choose from 38 different categories to enter their product(s) into. Read Now

  • Back to the Basics

    Back to the Basics

    Security is a continuous evolution of practices and procedures. The developments in technology and advancements in threats make security difficult at times. Although security from one location may look different from another location, there is a common goal applied to security measures. The common goal is protection. Read Now

  • The Top Three Security Trends in 2023

    The Top Three Security Trends in 2023

    As security technology has become more widely used, the interest in new capabilities and increased security measures has increased. As we head into 2023, these three trends will shape the security landscape. Read Now

  • TSA Breaks Record Nationally and in Washington for Firearm Discoveries in 2022

    TSA Breaks Record Nationally and in Washington for Firearm Discoveries in 2022

    Transportation Security Administration (TSA) officers in Washington detected 164 firearms in travelers’ carry-on luggage in 2022, with the majority of the firearms discovered at Seattle-Tacoma International Airport’s (SEA) security checkpoints. Read Now

Featured Cybersecurity

New Products

  • VideoEdge 2U High Capacity Network Video Recorder

    VideoEdge 2U High Capacity Network Video Recorder

    Johnson Controls announces a powerful recording solution to meet demanding requirements with its VideoEdge 2U High Capacity Network Video Recorder. This solution combines the powerful capabilities of victor with the intelligence of VideoEdge NVRs, fueled by Tyco Artificial Intelligence, for video management that provides actionable insights to save time, money and lives. 3

  • BriefCam v6.0

    BriefCam v6.0

    BriefCam has released BriefCam v6.0, which introduces the new deployment option of a multi-site architecture. This enables businesses with multiple, distributed locations to view aggregate data from all remote sites to uncover trends across locations, optimize operations and boost real-time alerting and response – all while continuing to reap the benefits of BriefCam's powerful analytics platform for making video searchable, actionable and quantifiable. 3

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3