Products & Solutions
- Services & Support
- Contact Us
- Learning Center
While NFC standards are open, the security required for the communication between cards, phones and readers in access control and closed loop payment applications is not. Choose your reader manufacturer wisely, as it will be supplying your institution with readers, NFC credentials and cards for a long time.
The term Near Field Communication, or NFC, was created about 10 years ago to describe a type of wireless communication between mobile phones and other devices, such as contactless readers. NFC follows the standards originally set for MIFARE and FeliCa cards and allows the phone to communicate directly, through an integrated NFC chip, to a tag or reader. Recently, the term has been used to describe any high frequency communication between contactless devices such as cards and readers, which has resulted in some confusion.
Because contactless cards such as iCLASS, MIFARE and MIFARE DESFire are so much more expensive than cards with only mag stripes, physical access is the primary reason that universities across North America have decided to implement them. The security and convenience available with these cards has justified the additional expense. Using contactless cards at the point of sale has always been an attractive goal, but has not been a sole reason for schools to move to contactless cards, since mag stripes are still functional and cost effective for that purpose.
Point of Sale
In North America, standard credit card payment communications between contactless cards (or phones) and readers are not encrypted. Any security in those systems comes from the infrastructure, between the readers and the back end processors. Universities with closed loop payment technology can follow the credit card protocols or introduce secure and proprietary communications for their contactless or NFC technology, depending on the point of sale reader manufacturer.
Anticipating usage with mobile handsets in the near future, access control reader manufacturers such as HID, Schlage, XceedID and Blackboard have released contactless door readers with NFC capability. Due to the advanced security in the communication between contactless cards and readers, both cards and readers usually have to come from the same manufacturer. The same applies to NFC credentials - the credential that is stored on the phone has to be supplied by the manufacturer of the readers it will be used with. The security in the card- or phone-to-reader communication comes from the encryption of the credentials on the card or phone.
When choosing a contactless/NFC technology, it is very important to consider physical access control readers. Once readers are hung on walls, they will probably be there for ten years. The readers will determine what type of cards or NFC credentials an institution can use and from whom they can be purchased. HID has a well-developed and very secure platform called SE, available on iCLASS SE and SEOS cards, and NFC credentials. XceedID/IR/Schlage has built their aptiQ platform for MIFARE, MIFARE DESFire EV1, and NFC. Cards and readers from both of these manufacturers are available from a wide range of distributors around the world and are used by most access control systems. Blackboard chose the FeliCa platform several years ago and has recently added MIFARE capability, both with NFC compatibility.
The last question for NFC is when? Payment applications were the initial hope for NFC, but there are still very few NFC-enabled readers at merchant locations across the United States. Japan has a widespread NFC mobile payments infrastructure, but in most of the rest of the world, NFC implementations have been limited to pilots. Also, Apple has stubbornly resisted putting NFC chips in its phones. It looks like the best hopes for NFC will be commercial marketing applications, such as couponing and offer notices, and secure credentials, such as for physical access. Access control applications for NFC are complicated, as the credentials have to be securely loaded, stored and easily accessed by door readers. HID and XceedID/IR are working on this, but neither are yet ready to go live in a university setting, using native NFC apps on a wide range of existing phones. Blackboard also has a solution, but on which phones? Practical implementation in the near future would most likely require standardizing on a particular make and model of phone, or distributing external readers for the phones, which would also require a standardization of phone types.
HID, XceedID/IR and Blackboard all make readers that will read NFC credentials at doors. Terminals are available that will read NFC at the point of sale. The key is selecting a door reader that is secure, readily available and cost effective. Then, the appropriate contactless cards can be used until a phone-based NFC application is available and implemented.
ColorID specializes in Biometric Solutions & Services across multiple industries. We take a consultative approach that allows us to listen to what your project requires as well as what it is you want to accomplish a successful job.
See the below video as our very own Biometric expert David Stallsmith talks about how biometrics are revolutionizing security in the higher education sector.
If you'd like to learn more about biometrics and how they can work in your existing physical, logical or transaction systems contact ColorID today.
by David Stallsmith, Director of Product Management, ColorID
Universities in the United States and Canada are very familiar with one-card systems for closed-loop payment and access services based on official ID cards. What are the international trends in credentials that could affect universities in North America in the near future?
One-card systems are more commonly employed by universities throughout the United States, Canada, Australia and New Zealand, than by universities in other parts of the world. Eugene McKenna of the Waterford Institute of Technology in Ireland was one of the founders of the European Campus Card Association (ECCA) in 2002, patterned after the North American Campus Card Association (NACCU). WIT has one of the most comprehensive one-card systems in Europe and has won EU funding to develop the European Education Connectivity Solution, a system that would enable a student ID to be used interoperably at universities across Europe. Universities in Sweden, Austria and Hungary have also developed their own one-card systems for a variety of applications. In other countries, where student ID cards also serve as banking cards and national IDs, one-card systems have usually been independently developed on an as-needed basis.
Card technologies for access control (opening doors) vary somewhat by location. In North America, the older prox technology by HID is still prevalent, though it is quickly being replaced by HID’s newer iCLASS contactless smart card product line. Throughout most of the rest of the world, cards based on the NXP MIFARE family of contactless chips have predominated for access control. MIFARE DESFire EV1 cards, the latest version of MIFARE, are typically used in systems that take advantage of the full security offered by the newer chip. Coincidentally, cards with MIFARE chips are becoming popular in cards used by schools in North America. Legic is a Swiss maker of contactless smart cards and readers used by European schools that has yet to gain
much traction in North America.
MIFARE cards were originally designed for public transit fare collection applications and are still used throughout the world for this purpose today. Schools in North America that would like to use their student IDs on the local transit system often find they must add a MIFARE chip to their cards.
EMV – CHIP AND PIN
For general payments, cards with mag stripes are by far the most convenient and inexpensive credentials available. More than 1 trillion mag stripe cards are estimated to exist worldwide. Data on most mag stripe cards are not encrypted, so the cards are easy to clone and present to POS terminals for fraudulent purchases. To address the vulnerabilities of mag stripe cards, Europay, MasterCard and Visa developed a secure chip and PIN-based card standard in the 1990s, called EMV. These cards have a rectangular gold-colored contact on the face of the card by which the IC chip in the card
can communicate directly to a smart card reader when the card is inserted. EMV cards are widely used for payments throughout Europe, Canada and many other parts of the world. Visa and MasterCard have instituted a liability shift policy to incent card issuers and merchants in the United States to distribute EMV cards and readers. Closed-loop university one-card systems will not normally have to accept EMV payments. However, in order to accept open-loop (MasterCard, Visa, etc.) payments, EMV-enabled terminals may be required.
NEAR FIELD COMMUNICATION
Japan leads the way in Near Field Communication, with over 80 models of NFC mobile phones being used by more than 20 million people to make payments. NFC, the payment standard for contactless communication between a card reader and an integrated circuit chip, is embedded in most Android smart phones and now the iPhone 6. Apple is creating a lot of buzz for its own version of NFC payments, but many merchants have not yet installed NFC-enabled POS terminals in the United States. It is expected that new EMV-enabled readers will also be able to read NFC. Several access control reader makers have introduced applications and digital credentials that enable a phone to open a door. Some of these use NFC, but others are exploring encrypted Bluetooth communication.
While biometric technologies are widely used by governments to identify travelers and population groups, commercial use of the technology is gaining popularity in North America. Biometrics employs sensors and systems to identify a person by measuring some part of the body. Fingerprint and iris are often used for physical access, while vein pattern recognition is commonly used in conjunction with cards at ATM machines in Japan. Universities in the United States are beginning to look at biometrics as an alternative way of identifying people, especially where high security (server centers) or high throughput (dining halls, rec centers, athletic facilities) is required.
David Stallsmith is Director of Product Management for ColorID, a leading provider of identification systems and components across North America. By communicating complicated technical information in understandable terms, he has helped hundreds of health care institutions, universities and government agencies with their decision-making processes regarding contactless smart card and biometric technologies. He is an annual presenter at the National Association of Campus Card Users conference and has presented at other card and identification-related conferences in the United States, Canada and Europe.
ColorID's most recent installation of the Biometric Dining Solution installed at Virginia Commonwealth University received national spotlight this past week.
NBC.com posted the following video as it reviews the system and the technology behind it .
ColorID exhibited and participated at the NACCU Workshop held on the campus of University of Notre Dame last week.
We enjoyed being with industry experts, sharing ideas & solutions and of course growing camaraderie.
It was first class event, organized by NACCU and held at the Morris Inn on University of Notre Dame.
Iris cameras offer VCU students faster entrance to Shafer Court
By Brian McNeill
University Public Affairs
Thursday, July 30th 2015
Hungry Virginia Commonwealth University students will have a speedier – and more futuristic – option for entering Shafer Court Dining Center this fall.
The university on Wednesday installed two iris cameras that will allow meal plan holders to use their eyes instead of having to swipe their IDs to access the dining hall.
"Students won't need their ID to enter the dining center anymore," said Stephen Barr, the director of campus services who oversees VCU Dining Services. "With iris identification, it’s as simple as a camera taking a picture of their eyes and two seconds later they walk through."
“With iris identification, it’s as simple as a camera taking a picture of their eyes and two seconds later they walk through.”
The new system, which is voluntary, is meant to serve as something of an express lane for students.
"We thought it'd be a nice service for students to help everybody get through at peak times," Barr said.
Plus, he added, the iris cameras will give students who lose their IDs over the weekend the ability to still access their meal plans even though the ID card office is closed.
"There currently isn’t a mechanism for students to get a replacement ID [over the weekend] so they can access Shafer," Barr said. "So how do they eat over the weekend? In the past, they've had to come out of pocket. Now they don't have to. This backup lets them get into Shafer so they can eat.”
Cashiers will remain in place for those who choose not to use the iris cameras, as well as for visitors and others entering Shafer Court.
The iCAM 7100 iris cameras, made by North Carolina-based ColorID, take a high-definition photo of the user's iris and then identify 220-plus unique points. It then generates a number, which is associated with that individual meal plan holder's iris.
"We don't keep pictures of your iris," Barr said. "It's just a number, just like your ID. Your ID has a unique number that ties it to you."
To sign up interested students, the university will have stations set up at Shafer Court and elsewhere during the first couple weeks of the fall semester.
The iris cameras are an example of how biometric credentials are being increasingly embraced. Many people use their fingerprints to unlock their iPhones, for example. And the Cary Street Gym uses a fingerprint – and soon a handprint – scanner to verify the identity of students and subscribers accessing the gym.
VCU Dining Services chose to go with iris cameras, Barr said, because it is reliable and does not require touching – which is especially important before a meal.
"We're going to continually improve access to Shafer and see if there are other places [on campus] that we can expand this kind of technology to, as well," he said.
Thank you again for making the 2015 the National Association of College & University Food Services Trade Show a success for ColorID!
We showcased our Biometric Dining Solution, met a lot of new schools and we look forward in following up with all of you and continuing to expand our membership at NACUFS.
ColorID is set to attend the upcoming NACCU Regional Workshop at University of Notre Dame on July 28th-29th. The workshop will cover a number of roundtable discussions on the higher education industry, leadership, card program basics/development/marketing as well as a tour of the University of Notre Dame campus.
Host Scott Kachmarik (Director of Auxiliary Services at University of Notre Dame) stated, "We are pleased to host the NACCU Regional Workshop at the University of Notre Dame. We welcome all to attend to learn about exciting new initiatives in campus card programs, explore the Notre Dame campus, network with colleagues and meet with vendors and partners. We are especially pleased that ColorID continues to offer its expertise and resources in support of professional development in the campus card industry. They have been a long-time and valuable partner in enhancing the ND campus card program and we thank them for their support of this NACCU Regional Workshop."
ColorID Vice President Danny Smith added, “We are extremely excited to be a part of this workshop. When you gather industry experts & leaders in the same room good ideas are shared, issues are identified, solutions are created and camaraderie grows between all.”
If you’re interested in attending this event, there is still time to register by clicking here.
The busy season is upon us, where missing critical tasks and orientation events occur every week. You’re relying on your identification equipment & supplies now more than ever.
Our message is simple:
COLORID is here and we have your back
If your team finds themselves needing technical support or service, reach out to COLORID and we will do our best to get you through your busy season and make your event a success.
Sincerely, ColorID’s Campus Card Team
About ColorID, LLC
Every year, ColorID assists more than 1000 colleges and universities and their project managers personally oversee 700 custom projects each year, including many small and large recarding projects. ColorID offers best-in-class products and solutions, including: contactless, smart and financial cards from every major manufacturer, multiple ID printer platforms; transaction and point-of-sale software and hardware, a variety of handheld devices for identification and tracking applications and biometrics solutions, including fingerprint and iris readers. The company’s manufacturing partners include: Iris ID, HID, Fargo, Datacard, CardSmith, Gemalto, Zebra, NiSCA, Evolis, Allegion, Aptiq, Magicard, Brady People ID, Integrated Biometrics, Oberthur, NBS, Vision Database Systems and many others.
Contact ColorID at 704-987-2238 or toll free in Canada and the US at 888-682-6567. Visit ColorID on the web at: www.colorid.com or email ColorID at firstname.lastname@example.org.
For over 10 years, Gemalto has provided a lightweight management portal for their .NET smart cards called Device Administration Service, or DAS. More recently it has been called IDAdmin 100.
As of July 1, 2015 the DAS portal will be discontinued.
Gemalto now offers a much more robust Card Management System called IDAdmin 200. To help DAS users migrate to the new system, we are offering the one-time Admin license (normally $682.50) at no charge and a 25% discount on the user licenses, through July 1.
ID Admin 200 offers the following features, most of which were not available with DAS:
-Smart card & certificate lifecycle management
-Self-hosted solution with no dedicated servers
-Card printing & extended batch processing
-Secure repository & full traceability
-Larger set of supported smart cards
Smart Card Lifecycle
All smart card operations within IDAdmin 200 focus on the lifecycle of the smart cards. To graphically visualize the lifecycle, a state diagram is used. This state diagram always informs the operator what state the selected smart card is in, and available actions/processes from this state. The same diagram is also used by the administrator when configuring the processes.
Fast Installation, High Security, No Dedicated Servers, Low TCO
IDAdmin 200 is client-server based. It streamlines all aspects of smartcard management by easily connecting to enterprise directories, certificate authorities, smart card printers, external databases, physical access control systems, etc. IDAdmin 200 has been designed for having several operators and users working in parallel without a need for synchronization and each operator only needs to have access to the operator application and the operator’s operator smart card.
Client/Operator/User Self-service: MS Windows 7, 8, 2008, 2012
Server: MS Windows 2008, 2012
Supported Smart Cards
Gemalto IDPrime .NET 510 (Standard .NET card)
Gemalto IDPrime .NET 5500
Gemalto IDPrime MD 3810
Gemalto IDPrime MD 830
Gemalto IDPrime MD 840/3840
Gemalto IDPrime PIV Card v2.0
Gemalto IDBridge K3000
Safenet eToken PRO
Mifare DESFIRE EV1
MS Minidriver enabled cards
PIN mailers (both email and regular mail)
Smart Card Readers
User directory: MS AD and LDAP v2/v3
Card DB: SQL comp or local file
Certificate Authority: MS CA, Entrust, Symantec MPKI and EJBCA
MS event handler
Migration path to and from MS FIM/CLM
Upgrade path from vSEC:CMS K-Series
Upgrade path from Gemalto IDAdmin 100/DAS
vSEC:CMS Plugin API
Secure key storage
Secure backup and synchronization of databases
Disaster recovery for stolen/lost tokens
Encrypted audit log
Granular access control
Approval work flows
Connects logical and physical access control
Key archival and key restore processes
Support for fingerprint template management
The system is tested and is functional with 100 000 registered user smart cards and 50 parallel operators interacting with the system.
20480-F Chartwell Center Dr.
Cornelius, NC 28031
CONVENIENT PAYMENT OPTIONS
ColorID provides the highest quality products with superb service at an exceptional value. We want your experience with ColorID to be a positive one - from the ease of ordering products - to the quality of our products - to our follow up and our attention to detail.