 |
 |
|
Menu
Search
 |
Identification Cards - Just the Ticket? By Steve Halliday, President, High Tech
Aid Quick Links
What are card techs There are currently available several technologies which can be used to secure data on a magnetic stripe. Although these technologies work in different ways, they all set out to achieve the same thing - ensure that the data encoded on the stripe is only valid with one card. So if the card is duplicated in some way, the security feature is able to detect the fact that the data is now encoded on the wrong card. Watermark Magnetics™ from Thorn EMI Secure Science International uses a special magnetic stripe with a number permanently encoded into the oxide. The number is created during the manufacturing process of the stripe and is permanently locked into the stripe. The process uses a special reader to read and verify the presence of the number. The number is encoded across the width of the stripe but it allows for conventional data to be encoded over the top of the Watermark number. During the encode process the data is linked to the Watermark number in some way. Then during the read process, both the Watermark number and the conventional data are read and the link is verified. ValuGard® from Rand McNally also uses the physical properties of the stripe to ensure that no duplication or counterfeiting takes place. Unlike Watermark Magnetics which uses a physical change encoded into the stripe, ValuGard uses the inherent properties of the stripe. A read head analyzes the physical properties of the stripe (alignment, noise et.) and a value is encoded on the stripe to represent the properties. This "security" value is calculated every time the stripe is read and is compared to the value encoded on the stripe, to ensure that it is the same document. Holomagnetics from American BankNote Holographics uses a series of machine-readable holographic images over the magnetic stripe. The pattern of images on each stripe is unique, based on the registration of the images from the edge. The pattern is read and converted to a numerical code and stored on the magnetic stripe. As with the other security systems, the numerical code is re-calculated each time the card is read and compared to the value encoded on the stripe. XSec® from Xtec, Inc. uses the physical properties of the magnetic stripe to derive its security. The technology concentrates on the inherent jitter of the magnetic data on the card. The encoding is analyzed and a value is then encoded on to the magnetic stripe. This value is checked each time the card is read to ensure the card is not a counterfeit. XiShield™ from Xico, Inc uses a permanent infrared optics pattern concealed within the card during its manufacture to provide the security. As each individual card has a unique optical pattern associated with it, the magnetic stripe data and the optical pattern can be linked to provide the security needed. Identification cards are used by many people in many aspects of their normal everyday life. When most people think about an ID Card their first thoughts are of the ID badge worn at work but this is not the complete spectrum of ID cards that we see and use everyday. What about your drivers license, or the transit pass you use to ride the bus, or your credit card? These are all forms of ID cards though their function is very different from one card to the next. The requirements of each card system have some commonality but many differences.
Identification cards are used by many people in many aspects of their normal everyday life. When most people think about an ID Card their first thoughts are of the ID badge worn at work but this is not the complete spectrum of ID cards that we see and use everyday. What about your drivers license, or the transit pass you use to ride the bus, or your credit card? These are all forms of ID cards though their function is very different from one card to the next. The requirements of each card system have some commonality but many differences.
This basic information has now given us the ability to start designing the system. We know that we need a photo on the card, that signature is probably not required and that we need an electronic means of verification. In this particular case, security seems to be an issue and we need to choose a system that offers the security we will need. In some applications the issue of cost to secure will be a major factor. An example of this may be the credit card world. Do we need security on the magnetic stripe of the credit card? A standard magnetic stripe is very easily counterfeited and the losses to counterfeit cards run in the hundreds of millions of dollars every year. However, this is a very small percentage of the business conducted with these cards, and the cost to include a security feature may be too high.
Other technologies, such as Smart Card offer extremely high security, but the penalty is high cost. Smart Cards costing $5 to $10 each may be suitable for a system that only has a handful of cards issued, but as the general access card at a major corporation with thousands of employees, the cost may well be prohibitive. Magnetic stripe offers several advantages over other technologies in the choice for an electronic identification card. The initial cost of the system is low and the ongoing cost of the cards is low. Depending on the type of card being used (paper, plastic, photo, etc.) and the features required, the cost per card could range from a few cents to a few dollars. With Smart Card and Radio Frequency ID cards this cost can range from a few dollars to tens of dollars. What about other forms of security? The data could be encrypted on the card, but it only offers protection against unauthorized reading of the data. It does not help prevent copying the card. What about PIN numbers? How many of you have at one time or another "loaned" your PIN number to someone? And of course everyone of us changes our PIN monthly as we have all been told to do. And finally, none of us would think of using the same PIN for more than one Credit Card, Bank ATM Card, or Drivers License Card, right? What about Signature Panel? A great idea, but it is hardly ever checked. When was the last time any store clerk compared your signature to the signature panel and could they have detected a forgery anyway?
The latest innovation in photo ID cards is the direct printed card. Several companies are now offering systems that allow you take a photo and print it and any details directly on to the card. This allows a much higher quality card to be used, and it guarantees a flat card. There is no need for photo cutters and laminators at the point of issue. The penalty is of course initial price but in the long run this method may turn out to be more economical. The second advantage of the direct printed card is that the photo is digitized as part of the process. Now you can keep a copy of the photo in your database, negating the need for an employee to get a new photo when they need a new badge as well as allowing you to have a permanent electronic record of the employee. Other questions to ask are related to the system and the software that drives the system. Can you void a card easily? Can different security zones be set up? What about time zones? How easy is it to change a card's security level and access? There are many other questions like these that need to be thought through before the system can be specified. These ideas should give you a strong place to start out on your quest for an ID Card System. With the above information in hand, your next step should be to contact one of the reputable vendors of ID Card Systems and get that system installed. Email:
|
The
next item to address is how to achieve this purpose. As an
example, the purpose of the system may be to control access
to a secret project being developed in your R&D department.
Only a handful of individuals will need to have access to
the system, and to the area it is being stored in, but these
people may change from time to time. There will be no
"doorman" at the access points to the area, so an all
electronic means of recognition will be needed. There will
be guests in the area and so a photo card would give
everyone the chance to "police" visitors.
The
issue of security will help determine the technology that
can be used to provide the electronic verification. A bar
code hidden behind a colored patch may be all that’s
necessary to prevent the office janitor from photocopying a
badge and getting access to all your secrets. However, in
today’s high tech society, more and more people have the
awareness to defeat the first line of defense and a better
form of security may be required. Magnetic stripe has
traditionally received a poor rating for its security but
today there are several technologies that offer the high
security that may be needed. (See Sidebar "Magnetic Stripe -
Secure or Perilous")
So now you have chosen the technologies on
the card, you still need to think about the card itself. You
want a photo so this will have some impact on the type of card
you choose. Traditionally a photo ID card has been a 35 mil
thick polyester card with a Polaroid photo laminated in the
card. This gives an excellent card, though there are some
potential problems. The card is typically thicker than a
standard credit card which may cause some problems in using the
card in a card reader. The fact that the card has been laminated
at the point of issue can mean that the edges of the card are
not as smooth as might be required. The glue that is used to
help in the lamination process has a tendency to leak from the
edges of the card giving a very rough edge card that sometimes
sticks in a reader. The location of the photo is another
potential hazard. If a magnetic stripe is being used, the photo
cannot overlap the stripe. Even with the best designed cards,
the lamination process can leave a ghosting of the photo cutout.
This could be a problem if the cutout is behind the stripe as it
could cause a bump in the stripe leading to a misread.