Friday, February 11, 2011

Card reader

A card reader is a data input device that reads data from a card-shaped storage medium. Historically, paper punched card readers were used throughout the first several decades of the computer industry to store information and write programs for computer systems. More modern card readers are electronic devices that use plastic cards imprinted with barcodes, magnetic strips, computer chips or other facilities to store data.

A memory card reader is a device used for communication with a smart card or a flash memory card. A business card reader is a scanning device used to scan and electronically save printed business cards. A magnetic card reader is a device used to scan cards containing magnetic data strips, such as credit cards.

Smart card readers

A smart card reader is an electronic device that reads smart cards. Some keyboards have a built-in card reader. There are external devices and internal drive bay card reader devices for PCs. Some laptops have a built-in smart card reader.

Some readers have flash-upgradeable firmware. The card reader supplies the integrated circuit on the smart card with electricity. Communication is done via protocols, and you can read and write to a fixed address on the card.

If the card does not use a standard transmission protocol but a custom or proprietary one, it has the communication protocol designation T=14.

With the latest PC/SC CCID specifications, the PC/SC Workgroup (www.pcscworkgroup.com) has defined a new smart card framework. It works with USB devices of the specific device class 0x0B. Readers with this class do not need device drivers because the operating system manufacturer supplies the driver by default.

PKCS#11 is an API, designed to be platform independent, defining a generic interface to cryptographic tokens, such as smart cards.

Memory card readers

A memory card reader is a device, typically having a USB interface, for accessing the data on a memory card such as a CompactFlash (CF), Secure Digital (SD) or MultiMediaCard (MMC). Most card readers also offer write capability, and together with the card, this can function as a pen drive.

Access control card reader

Access control card readers are used in physical security systems to read a credential that allows access through access control points, typically a locked door. An access control reader can be a magnetic stripe reader, a bar code reader, a proximity reader, a smart card reader, or a biometric reader.

Access control readers may be classified by functions they are able to perform and by identification technology:

Barcode

A barcode is a series of alternating dark and light stripes that are read by an optical scanner. The organization and width of the lines is determined by the bar code protocol selected. There are many different protocols, but Code 39 is the most popular in the security industry. Sometimes the digits represented by the dark and light bars are also printed to allow people to read the number without an optical reader. The advantage of using bar code technology is that it is cheap and easy to generate the credential, and it can easily be applied to cards or other items. However, the same affordability and simplicity makes the technology susceptible to fraud, because fake barcodes can also be created cheaply and easily, for example by photocopying real ones. One attempt to reduce fraud is to print the bar code using carbon-based ink and then cover the bar code with a dark red overlay. The bar code can then be read with an optical reader tuned to the infrared spectrum, but cannot easily be copied by a copy machine. This does not address the ease with which bar code numbers can be generated from a computer using almost any printer.

Biometric

There are several forms of biometric identification employed in access control: fingerprint, hand geometry, iris and face recognition. The use of biometric technology significantly increases the security level of systems because it eliminates such problems as lost, stolen or loaned ID cards, and forgotten or guessed PINs. The operation of all biometric readers is alike: they compare the template stored in memory to the scan obtained during the process of identification. If the probability that the template in the memory and the live scan belong to the same person is high enough, the ID number of that person is sent to a control panel. The control panel then checks the permissions of the user and makes the decision whether to grant access or not. The communication between the reader and the control panel is usually done in the industry standard Wiegand protocol. The only exception is intelligent biometric readers that do not require any panels and directly control all door hardware.

Biometric templates may be stored in the memory of readers, in which case the number of users is limited by reader memory size. Readers currently available in the market may store up to 50,000 templates. The template of each user may also be stored in the memory of his/her smart card. This option removes all limits to the number of system users, but it requires each user to have a card and makes finger-only identification impossible. Biometric templates may also be stored in the memory of a central server PC. This option is called "server-based verification". Readers simply read biometric data of users and forward it to the main computer for processing. Such systems support a large number of users, but they are very much dependent on the reliability of the central server and communication lines.

1-to-1 and 1-to-many are the two possible modes of operation of a biometric reader.

In the 1-to-1 mode a user must first identify himself/herself to the reader by either presenting an ID card or entering a PIN. The reader then looks up the template of the user in the database and compares it with the live scan. The 1-to-1 method is considered more secure and is generally faster as the reader needs to perform only one comparison. Most 1-to-1 biometric readers are "dual-technology" readers: they either have a built-in proximity, smart card or keypad reader, or they have an input for connecting an external card reader.

In the 1-to-many mode a user presents his finger (or hand, eye, etc.) and the reader needs to compare the live scan to all the templates stored in the memory. This method is preferred by most end-users, because it eliminates the need to carry ID cards or use PINs. On the other hand, this method is slower, because the reader may have to perform thousands of comparison operations until it finds the match. An important technical characteristic of 1-to-many readers is the number of comparisons that can be performed in one second, which is considered the maximum time that users can wait at a door without noticing a delay. Currently most 1-to-many readers are capable of performing 2000-3000 matching operations in one second.

Magnetic stripe

See also: Magnetic stripe card

Magnetic stripe technology, usually called mag-stripe, is so named because of the stripe of magnetic oxide tape that is laminated on a card. There are three tracks of data on the magnetic stripe. Typically the data on each of the tracks follows a specific encoding standard, but it is possible to encode any format on any track. A mag-stripe card is cheap compared to other card technologies and is easy to program. The magnetic stripe holds more data than a bar code can in the same space. While a mag-stripe is more difficult to generate than a bar code, the technology for reading and encoding data on a mag-stripe is widespread and easy to acquire. Magnetic stripe technology is also susceptible to misreads, card wear, and data corruption.

Wiegand card

Wiegand card technology is a patented technology using embedded ferromagnetic wires strategically positioned to create a unique pattern that generates the identification number. Like magnetic stripe or bar code, this card must be swiped through a reader to be read. Unlike those other technologies, the identification media is embedded in the card and not susceptible to wear. This technology once gained popularity because of the difficulty in duplicating the technology, creating a high perception of security. This technology is being replaced by proximity cards because of the limited source of supply, the relatively better tamper resistance of proximity readers, and the convenience of the touch-less functionality in proximity readers.

Proximity card

[Infobox: Access control. Image: proximity reader with keypad. Developed by: Elko International. Usage: access control.]

The Wiegand effect was used in early access cards. This method was abandoned in favor of other technologies. Card readers are still referred to as "Wiegand output readers" but no longer use the Wiegand effect. The new technologies retained the Wiegand upstream data so that the new readers were compatible with old systems. A proximity reader radiates a 1" to 20" electrical field around itself. Cards use a simple LC circuit. When a card is presented to the reader, the reader's electrical field excites a coil in the card. The coil charges a capacitor and in turn powers an integrated circuit. The integrated circuit outputs the card number to the coil, which transmits it to the reader.

A common proximity format is 26 bit Wiegand. This format uses a facility code, sometimes also called a site code. The facility code is a unique number common to all of the cards in a particular set. The idea is that an organization will have their own facility code and a set of numbered cards incrementing from 1. Another organization has a different facility code and their card set also increments from 1. Thus different organizations can have card sets with the same card numbers, but since the facility codes differ, the cards only work at one organization. This idea worked fine for a while, but there is no governing body controlling card numbers, and different manufacturers can supply cards with identical facility codes and identical card numbers to different organizations. Thus there is a problem of duplicate cards. To counteract this problem, some manufacturers have created formats beyond 26 bit Wiegand that they control and issue to organizations.

In the 26 bit Wiegand format, bit 1 is an even parity bit. Bits 2-9 are a facility code. Bits 10-25 are the card number. Bit 26 is an odd parity bit. This layout is written 1/8/16/1. Other formats have a similar structure of a leading facility code followed by the card number and including parity bits for error checking, such as the 1/12/12/1 format used by some American access control companies.

1/8/16/1 gives a facility code limit of 255 and a card number limit of 65535.

1/12/12/1 gives a facility code limit of 4095 and a card number limit of 4095.

Wiegand was also stretched to 34 bits, 56 bits and many others.
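The 1/8/16/1 layout described above can be decoded and checked as follows. This is an added example, not code from the original page; the function names are hypothetical, the sample values are constructed, and the parity coverage (even parity over bits 1-13, odd parity over bits 14-26) is the commonly used convention, which the page itself does not state.

```python
"""Encode, decode and validate a 26-bit Wiegand frame (layout 1/8/16/1)."""

FRAME_BITS = 26


class WiegandError(ValueError):
    """Raised when a frame is malformed or fails a parity check."""


def encode_wiegand26(facility: int, card: int) -> str:
    """Build a 26-character bit string (bit 1 first) for a facility/card pair."""
    if not 0 <= facility <= 0xFF:
        raise WiegandError("facility code must fit in 8 bits (0-255)")
    if not 0 <= card <= 0xFFFF:
        raise WiegandError("card number must fit in 16 bits (0-65535)")
    data = f"{facility:08b}{card:016b}"      # bits 2-25
    # Assumed coverage: leading even parity over bits 2-13,
    # trailing odd parity over bits 14-25.
    even = data[:12].count("1") % 2          # makes bits 1-13 hold an even number of 1s
    odd = 1 - data[12:].count("1") % 2       # makes bits 14-26 hold an odd number of 1s
    return f"{even}{data}{odd}"


def decode_wiegand26(bits: str) -> tuple[int, int]:
    """Return (facility_code, card_number) or raise WiegandError."""
    if len(bits) != FRAME_BITS or set(bits) - {"0", "1"}:
        raise WiegandError("expected exactly 26 characters of 0/1")
    if bits[:13].count("1") % 2 != 0:
        raise WiegandError("even parity check failed (bits 1-13)")
    if bits[13:].count("1") % 2 != 1:
        raise WiegandError("odd parity check failed (bits 14-26)")
    facility = int(bits[1:9], 2)             # bits 2-9
    card = int(bits[9:25], 2)                # bits 10-25
    return facility, card


if __name__ == "__main__":
    frame = encode_wiegand26(42, 1234)       # constructed sample values
    print(frame, decode_wiegand26(frame))
    # A single flipped bit (line noise, a misread) is caught by parity.
    flipped = frame[:10] + ("1" if frame[10] == "0" else "0") + frame[11:]
    try:
        decode_wiegand26(flipped)
    except WiegandError as exc:
        print("rejected:", exc)
```

The parity bits only detect transmission errors; they do nothing to distinguish two cards that carry the same facility code and card number, which is the duplicate-card problem described above.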

Smart card

There are two types of smart cards: contact and contactless. Both have an embedded microprocessor and memory. The smart card differs from the card typically called a proximity card in that the microchip in the proximity card has only one function: to provide the reader with the card's identification number. The processor on the smart card has an operating system and can handle multiple applications such as a cash card, a pre-paid membership card, and even an access control card. The difference between the two types of smart cards is found in the manner with which the microprocessor on the card communicates with the outside world. A contact smart card has eight contacts, which must physically touch contacts on the reader to convey information between them. Since contact cards must be inserted into readers carefully and the orientation has to be observed, the speed and convenience of such a transaction is not acceptable for most access control applications. The use of contact smart cards in physical access control is limited mostly to parking applications when payment data is stored in card memory and when the speed of transactions is not important. A contactless smart card uses the same radio-based technology as the proximity card with the exception of the frequency band used: higher frequency (13.56 MHz instead of 125 kHz) allows transferring more data and communicating with several cards at the same time. A contactless card does not have to touch the reader or even be taken out of a wallet or purse. Most access control systems only read serial numbers of contactless smart cards and do not utilize the available memory. Card memory may be used for storing biometric data (i.e. fingerprint template) of a user. In such a case a biometric reader first reads the template on the card and then compares it to the finger (hand, eye, etc.) presented by the user. This way biometric data of users does not have to be distributed and stored in the memory of controllers or readers, which simplifies the system and reduces memory requirements.

Smartcard readers have been targeted successfully by criminals in what is termed a supply chain attack, in which the readers are tampered with during manufacture or in the supply chain before delivery. The rogue devices capture customers' card details before transmitting them to criminals.

PIN

A personal identification number (PIN) falls in the category of what you know rather than what you have. The PIN is usually a number consisting of four to eight digits – fewer and the number is too easy to guess, more and the number is too difficult to remember. The advantage to using a PIN as an access credential is that once the number is memorized, the credential cannot be lost or left somewhere. The disadvantage is the difficulty some people have in remembering numbers that are not frequently used and the ease with which a PIN can be observed and therefore used by unauthorized people. The PIN is even less secure than a bar code or magnetic stripe card, but it is more versatile.
