Hybrid Credentials

Be it a card or a mobile phone, credentials will be smart

There are three major initiatives for cards and credentials on college and healthcare campuses that every security director needs to be aware of:

1. Smart cards are becoming the credential of choice. If you currently use magnetic stripe or proximity cards, start planning for the switchover now.

2. It’s going to be a hybrid world. Although smart cards will be the credential of choice, multiple types of credentials, such as key systems, PINs and various types of cards and biometrics, will still be necessary for certain operations. Adding special credentials is possible, and even though you may be using multiple credentials, you still will want one system to manage all of them.

3. Get ready for new technologies, such as NFC (near field communications). With NFC-enabled smartphones, students and staff will be able to use their own smartphones as access credentials, just like they would use smart cards.

A smart credential, at about the same price as a proximity card, provides a higher level of security, more convenience and far greater functionality. As used on campuses and in newer access control systems, smart credentials have the ability to manage access, payments and many other functions much more securely. Plus issuing only one smart credential favorably impacts administrative costs. Not only is the cost of a single credential less than purchasing multiple forms of ID, but the reduced management and distribution time for one credential will have a significant impact on productivity.

For instance, MIFARE DESFire EV1 smart cards offer several different layers of security including mutual authentication that creates the ability for the client to verify or authenticate the server. These smart credentials will also provide AES 128-bit encryption, a key encryption technique that helps protect sensitive information as well as diversified keys that virtually ensure no one can read or access the holder’s credential information without authorization. They provide message authentication code (MAC) that further protects each transaction between the credential and the reader by ensuring complete and unmodified transfer of information, helping to protect data integrity and prevent outside attacks. Therefore, smart credentials increase the security of information kept on a card and stored in a facility.

IT Approved

When presenting a smart card solution, know that representatives from the IT department will probably take notice in a positive manner as more security system decisions are being made with input from the IT department. One reason is to meet the increased desire for the convergence of physical and logical security access control.

IT professionals want strong authentication credentials, the level of security provided by smart cards. Communications are encrypted using industry-standard, encryption techniques. By welcoming their involvement and showing the ability to speak their language and answer their questions, you will gain additional layers of approval within the IT department.

Smart Cards and Smartphones

Colleges have been outspoken in their use of the one smart card solution. Although many are still using proximity cards, they have been quickly migrating to smart cards over the past couple of years mainly because they can get applications on a smart card more easily, including identification, library circulation privileges, building access, meal plans, bankcard access to university services, holding a biometric template, among others.

Choosing the right smart card credential, however, can make all the difference when trying to use them with applications other than access control. Look for platforms that are open format rather than those designed for proprietary systems. Open formats allow for easy integration into other applications with minimal programming that speeds up the time of deployment while reducing the cost of implementation, giving organizations more freedom to get the most out of their investment. Open architecture readers also let organizations use both their present software and panels with their new credentials. If down the road they change their software, they can still use the readers.

NFC Technology

As Near Field Communications (NFC) technology is now being added to a growing number of mobile handsets to enable access control and many other applications, more organizations are considering joining the bring your own device (BYOD) trend and having their users deploy their own smartphones and access control credentials. It was projected that more than 285 million NFC-enabled smartphones were expected to be sold in 2013 and over half the phones sold in 2015 will be NFC-capable.

NFC provides simplified transactions, data exchange and wireless connections between two devices that are in close proximity to each other, usually by no more than a few inches.

As an example, Allegion’s aptiQmobile web-based credential management system allows NFC-enabled smartphones to grant access to buildings and dorm rooms as well as partake of other badge ID applications. To turn NFC-enabled smartphones into an access control credential, allowing people to use their smartphones to enter buildings in the same way they present a badge ID, users simply download the aptiQmobile app to their smartphone. Then, their access control administrator uses the aptiQmobile cloud service to send a secure mobile credential directly to the user’s phone. Once the mobile credential is downloaded, users open the app and tap their smartphone to the reader in the same way they use an ID card.

Verifying Who Is at the Door

For those situations in which the campus needs additional verification to confirm access (above someone having the appropriate smart card or smartphone), biometrics handles this challenge.

Healthcare facilities biometrics. On university healthcare campuses, physicians are not likely to always have their badges, but with a hand geometry reader, all they need to remember is an issued PIN code. From a security standpoint, hand geometry readers provide secure, tracked access that protects staff, patients, visitors and records in highly-secured hospital areas such as the pharmacy, patient records, labs and surgery rooms.

Identification Verification

At a major hospital in the southern United States, 39 Schlage Hand- Key terminals heighten security for patients and 3,500 employees on a 61-acre main hospital campus. These terminals are used in the birth center, IT data center and other major IT areas, the operating rooms and the emergency department.

University facilities biometrics. Data from independent research, Effective Management of Safe & Secure Openings & Identities, showed that 10 percent of colleges are already using biometrics. Besides residence halls, one of the most popular venues for biometrics is the recreational facility.

The University of California-Irvine, with 22,000 students, is an example. Plus this recreational facility doesn’t face the problem of students transferring an ID card to a friend.

“The number one suggestion from our members was eliminating the need for ID cards,” said Jlil Schindele, director of campus recreation at the University of California-Irvine. “We took their suggestions seriously and feel that hand geometry is the fastest and most efficient alternative to identification cards.”

Students throughout the nation appreciate the added security and convenience of not worrying about lost, stolen or borrowed credentials. Biometrics also are popular at dining halls where they limit access to students who have paid for the meal plan and at computer labs where only those authorized to enter can do so, protecting sensitive equipment and information.

What to Do Today

For those campuses already using aptiQ multi-technology readers, there is no need to replace readers for migration. These all-in-one readers work with proximity and smart cards as well as the NFCenabled mobile phone credential, providing an easy migration path to upgrade credentials between any of those versions at their own pace. If non-smart access technology is being used, multi-technology readers can be installed to help ease into the transition by reading both the ID badges and the smartphones. This makes it easy for customers to continue to operate in a hybrid world of cards and mobile, if needed.

In addition, while the major carriers will ultimately offer NFC card emulation/secure element solutions, organizations wanting to use NFC-enabled smartphones as their access control credentials for employees and students can begin the transition now. The recently introduced aptiQmobile secure peer-to-peer (P2P) NFC mode lets organizations provide the convenience of using a mobile device today.

This secure, peer-to-peer solution provides several advantages. It lets organizations use NFC-enabled Android phones, regardless of carrier, to create a universal solution that even works on unlocked phones. Apple iPhone users would continue using a special case to enable their phones. But, for many, its most important advantage is that it lets customers across multiple market segments deploy now.

It is very important that campuses prepare for smart credential and NFC deployment while embracing when to deploy biometrics, even if that facility wants to install proximity, magnetic stripe or keypad readers at present. If a new reader is needed, select multi-technology readers that combine the ability to read magnetic stripe, proximity, smart cards and NFC-enabled smartphones in a single unit. That way, when the campus switches over to smart credentials, it won’t have to tear out all the old readers to install smart credential readers; and during the transition, the campus can use both their old magnetic stripe and proximity credentials along with the new smart credentials.

This article originally appeared in the July 2014 issue of Security Today.


  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Busy South Africa Building Integrates Custom Access Control System

    Nicol Corner, based in Bedfordview, Johannesburg, South Africa, is home to a six-star fitness club, prime office space, and an award-winning rooftop restaurant. This is the first building in South Africa to have its glass façade fully incorporate fritted glazing, saving 35% on energy consumption. Nicol Corner (Pty) LTD has developed a landmark with sophisticated design and unique architecture by collaborating with industry-leading partners and specifying world-class equipment throughout the project. This includes installing a high-spec, bespoke security and access control system. Read Now

  • Only 13 Percent of Research Institutions Are Prepared for AI

    A new survey commissioned by SHI International and Dell Technologies underscores the transformative potential of artificial intelligence (AI) while exposing significant gaps in preparedness at many research institutions. Read Now

  • Survey: 70 Percent of Organizations Have Established Dedicated SaaS Security Teams

    Seventy percent of organizations have prioritized investment in SaaS security, establishing dedicated SaaS security teams, despite economic uncertainty and workforce reductions. This was a key finding in the fourth Annual SaaS Security Survey Report: 2025 CISO Plans and Priorities released today by the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

Featured Cybersecurity


New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3