Hybrid Credentials

Be it a card or a mobile phone, credentials will be smart

There are three major initiatives for cards and credentials on college and healthcare campuses that every security director needs to be aware of:

1. Smart cards are becoming the credential of choice. If you currently use magnetic stripe or proximity cards, start planning for the switchover now.

2. It’s going to be a hybrid world. Although smart cards will be the credential of choice, multiple types of credentials, such as key systems, PINs and various types of cards and biometrics, will still be necessary for certain operations. Adding special credentials is possible, and even though you may be using multiple credentials, you still will want one system to manage all of them.

3. Get ready for new technologies, such as NFC (near field communications). With NFC-enabled smartphones, students and staff will be able to use their own smartphones as access credentials, just like they would use smart cards.

A smart credential, at about the same price as a proximity card, provides a higher level of security, more convenience and far greater functionality. As used on campuses and in newer access control systems, smart credentials have the ability to manage access, payments and many other functions much more securely. Plus issuing only one smart credential favorably impacts administrative costs. Not only is the cost of a single credential less than purchasing multiple forms of ID, but the reduced management and distribution time for one credential will have a significant impact on productivity.

For instance, MIFARE DESFire EV1 smart cards offer several different layers of security including mutual authentication that creates the ability for the client to verify or authenticate the server. These smart credentials will also provide AES 128-bit encryption, a key encryption technique that helps protect sensitive information as well as diversified keys that virtually ensure no one can read or access the holder’s credential information without authorization. They provide message authentication code (MAC) that further protects each transaction between the credential and the reader by ensuring complete and unmodified transfer of information, helping to protect data integrity and prevent outside attacks. Therefore, smart credentials increase the security of information kept on a card and stored in a facility.

IT Approved

When presenting a smart card solution, know that representatives from the IT department will probably take notice in a positive manner as more security system decisions are being made with input from the IT department. One reason is to meet the increased desire for the convergence of physical and logical security access control.

IT professionals want strong authentication credentials, the level of security provided by smart cards. Communications are encrypted using industry-standard, encryption techniques. By welcoming their involvement and showing the ability to speak their language and answer their questions, you will gain additional layers of approval within the IT department.

Smart Cards and Smartphones

Colleges have been outspoken in their use of the one smart card solution. Although many are still using proximity cards, they have been quickly migrating to smart cards over the past couple of years mainly because they can get applications on a smart card more easily, including identification, library circulation privileges, building access, meal plans, bankcard access to university services, holding a biometric template, among others.

Choosing the right smart card credential, however, can make all the difference when trying to use them with applications other than access control. Look for platforms that are open format rather than those designed for proprietary systems. Open formats allow for easy integration into other applications with minimal programming that speeds up the time of deployment while reducing the cost of implementation, giving organizations more freedom to get the most out of their investment. Open architecture readers also let organizations use both their present software and panels with their new credentials. If down the road they change their software, they can still use the readers.

NFC Technology

As Near Field Communications (NFC) technology is now being added to a growing number of mobile handsets to enable access control and many other applications, more organizations are considering joining the bring your own device (BYOD) trend and having their users deploy their own smartphones and access control credentials. It was projected that more than 285 million NFC-enabled smartphones were expected to be sold in 2013 and over half the phones sold in 2015 will be NFC-capable.

NFC provides simplified transactions, data exchange and wireless connections between two devices that are in close proximity to each other, usually by no more than a few inches.

As an example, Allegion’s aptiQmobile web-based credential management system allows NFC-enabled smartphones to grant access to buildings and dorm rooms as well as partake of other badge ID applications. To turn NFC-enabled smartphones into an access control credential, allowing people to use their smartphones to enter buildings in the same way they present a badge ID, users simply download the aptiQmobile app to their smartphone. Then, their access control administrator uses the aptiQmobile cloud service to send a secure mobile credential directly to the user’s phone. Once the mobile credential is downloaded, users open the app and tap their smartphone to the reader in the same way they use an ID card.

Verifying Who Is at the Door

For those situations in which the campus needs additional verification to confirm access (above someone having the appropriate smart card or smartphone), biometrics handles this challenge.

Healthcare facilities biometrics. On university healthcare campuses, physicians are not likely to always have their badges, but with a hand geometry reader, all they need to remember is an issued PIN code. From a security standpoint, hand geometry readers provide secure, tracked access that protects staff, patients, visitors and records in highly-secured hospital areas such as the pharmacy, patient records, labs and surgery rooms.

Identification Verification

At a major hospital in the southern United States, 39 Schlage Hand- Key terminals heighten security for patients and 3,500 employees on a 61-acre main hospital campus. These terminals are used in the birth center, IT data center and other major IT areas, the operating rooms and the emergency department.

University facilities biometrics. Data from independent research, Effective Management of Safe & Secure Openings & Identities, showed that 10 percent of colleges are already using biometrics. Besides residence halls, one of the most popular venues for biometrics is the recreational facility.

The University of California-Irvine, with 22,000 students, is an example. Plus this recreational facility doesn’t face the problem of students transferring an ID card to a friend.

“The number one suggestion from our members was eliminating the need for ID cards,” said Jlil Schindele, director of campus recreation at the University of California-Irvine. “We took their suggestions seriously and feel that hand geometry is the fastest and most efficient alternative to identification cards.”

Students throughout the nation appreciate the added security and convenience of not worrying about lost, stolen or borrowed credentials. Biometrics also are popular at dining halls where they limit access to students who have paid for the meal plan and at computer labs where only those authorized to enter can do so, protecting sensitive equipment and information.

What to Do Today

For those campuses already using aptiQ multi-technology readers, there is no need to replace readers for migration. These all-in-one readers work with proximity and smart cards as well as the NFCenabled mobile phone credential, providing an easy migration path to upgrade credentials between any of those versions at their own pace. If non-smart access technology is being used, multi-technology readers can be installed to help ease into the transition by reading both the ID badges and the smartphones. This makes it easy for customers to continue to operate in a hybrid world of cards and mobile, if needed.

In addition, while the major carriers will ultimately offer NFC card emulation/secure element solutions, organizations wanting to use NFC-enabled smartphones as their access control credentials for employees and students can begin the transition now. The recently introduced aptiQmobile secure peer-to-peer (P2P) NFC mode lets organizations provide the convenience of using a mobile device today.

This secure, peer-to-peer solution provides several advantages. It lets organizations use NFC-enabled Android phones, regardless of carrier, to create a universal solution that even works on unlocked phones. Apple iPhone users would continue using a special case to enable their phones. But, for many, its most important advantage is that it lets customers across multiple market segments deploy now.

It is very important that campuses prepare for smart credential and NFC deployment while embracing when to deploy biometrics, even if that facility wants to install proximity, magnetic stripe or keypad readers at present. If a new reader is needed, select multi-technology readers that combine the ability to read magnetic stripe, proximity, smart cards and NFC-enabled smartphones in a single unit. That way, when the campus switches over to smart credentials, it won’t have to tear out all the old readers to install smart credential readers; and during the transition, the campus can use both their old magnetic stripe and proximity credentials along with the new smart credentials.

This article originally appeared in the July 2014 issue of Security Today.


  • 12 Commercial Crime Sites to Do Your Research

    12 Commercial Crime Sites to Do Your Research

    Understanding crime statistics in your industry and area is crucial for making important decisions about your security budget. With so much information out there, how can you know which statistics to trust? Read Now

  • Boosting Safety and Efficiency

    Boosting Safety and Efficiency

    In alignment with the state of Mississippi’s mission of “Empowering Mississippi citizens to stay connected and engaged with their government,” Salient's CompleteView VMS is being installed throughout more than 150 state boards, commissions and agencies in order to ensure safety for thousands of constituents who access state services daily. Read Now

  • Live From GSX: Post-Show Review

    Live From GSX: Post-Show Review

    This year’s Live From GSX program was a rousing success! Again, we’d like to thank our partners, and IPVideo, for working with us and letting us broadcast their solutions to the industry. You can follow our Live From GSX 2023 page to keep up with post-show developments and announcements. And if you’re interested in working with us in 2024, please don’t hesitate to ask about our Live From programs for ISC West in March or next year’s GSX. Read Now

    • Industry Events
    • GSX
  • People Say the Funniest Things

    People Say the Funniest Things

    By all accounts, GSX version 2023 was completely successful. Apparently, there were plenty of mix-ups with the airlines and getting aircraft from the East Coast into Big D. I am all ears when I am in a gathering of people. You never know when a nugget of information might flip out. Read Now

    • Industry Events
    • GSX

Featured Cybersecurity


New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3