Contactless smart cards precisely balance security and user-friendliness, but they’re not all created alike. If you’ve ever waved a contactless smart card in front of a door lock, metro turnstile or store checkout, you know that it’s fast and convenient. If you haven’t, chances are good that you will soon.

Contactless technology is already widely used in Asia, Europe and North America. Train and subway systems around the world use contactless smart cards for transit payment. Major US cities such as Boston, Chicago, Washington D.C. and San Francisco are implementing contactless smart card-based Automatic Fare Collection (AFC) systems.

In the United States, contactless payment systems are used for a wide variety of applications. For example, Chase Bank US recently announced a broad roll-out of ‘blink’-branded credit cards, and KeyBank is offering debit cards branded with MasterCard’s PayPass. Both products include contactless payment technology.

Another important application for contactless smart cards is physical access control, where contactless smart cards are increasingly accepted as the credential of choice. Just as proximity technology brought advantages over magnetic stripe and weigand card technology 20 years ago, contactless smart card technology today is bringing new advantages over proximity. Contactless smart cards are both robust and flexible, giving security professionals the ability to reduce maintenance costs, improve employee productivity and increase security.

As this technology takes hold in the security industry, it is important to understand the standards that have emerged for contactless smart cards. Contactless smart cards use electromagnetic induction to transfer information between the card and a reader that is located at a few inches or feet away. Contactless smart cards don’t require a battery, so the card will not stop working after a few years. The lack of physical contact eliminates to wear and tear, so the contactless smart card does not have to be replaced often. For example, a credit card that uses a magnetic strip (also known as ‘magstripe’) stops operating correctly much earlier when compared to a contactless smart card.

Another key difference between today’s contactless smart cards and cards that use magstripes, proximity Radio Frequency Identification (RFID) or older technologies is the flow of information. Although the latter can be loaded with information - such as an account number - they are ‘read-only’ because that’s a one-time programming process. By comparison, today’s contactless smart cards are ‘read-write’ because they can be programmed and reprogrammed - although only by authorised sources and then in a tightly secured process.

Here is why contactless smart cards provide power with flexibility: Although contactless smart cards look like their magstripe and proximity cousins, they contain a small integrated circuit with on-board storage space and far more security. As a result, not only are contactless smart cards capable of storing more information, they are also able to interact with card readers and accessory systems, rather than merely serving as mute subordinates.

These abilities directly affect the return on investment (ROI) and total cost of ownership (TCO) for the companies that use or issue contactless smart cards. For example, a contactless smart card can host multiple applications, so the cost can be spread over multiple initiatives. In the case of an enterprise, a single smart card could be used for purposes such as identification, access to buildings and IT systems, or paying for lunch in the company cafeteria.

Contactless smart cards improve ROI and lower TCO by providing flexibility to host multiple applications, including those that weren’t envisioned when the cards were initially deployed. That flexibility is particularly important for contactless smart cards used initially for access control, but gradually enhanced to support revenue-generating applications.

Although contactless smart cards are ideal for a wide variety of applications in areas such as retail, government, security, transit and financial services, choosing the right contactless smart card is key for ensuring a successful deployment. That’s why it’s important to understand the major standards and how they determine the differences between one contactless smart card and another.

The two major contactless smart card standards today are International Organization for Standardization (ISO) 15693 and 14443. Both standards define the protocols, data formats and other features necessary to ensure that contactless smart cards can communicate with readers and applications that adhere to the same standard. However, it’s important to note that as far as reader-writer devices are concerned, supporting one standard does not lock out other options. For example, HID’s iCLASS contactless smart card readers work with cards based on 14443A, 14443B2 and 15693, as well as related protocols such as MIFARE.

ISO 15693 is the basis for contactless smart cards designed for use over distances of up to one meter (3.28 feet). This range makes them a good fit for applications such as physical access or controlling entry to a parking garage, where it’s inconvenient for users to open their door or roll down a window just to get a contactless smart card close enough to the reader to work. By comparison, contactless smart cards based on ISO 14443 are designed for a range of about 10cm (3.94 inches), so they are a good fit for applications such as vending machines.

Another advantage to contactless smart cards is data speeds. Because an ISO 15693 contactless smart card can transfer data over a longer distance, its throughput is about one-quarter the speed of ISO 14443’s rate. However, contactless smart cards usually transfer small amounts of data, so throughput isn’t a deciding or noticeable factor.

ISO 15693 has helped contactless smart cards’ cost structure. The ISO 15693 standard serves as the foundation for a wide variety of applications outside of contactless smart cards, such as airline baggage tracking and supply chain management. Such an extensive adoption means more ISO 15693 components, which will reduce prices as their volumes increase, a plus for contactless smart card vendors and their customers. That is why contactless smart card solutions based on ISO 15693 typically cost less than models based on technologies such as MIFARE.

A widely used technology isn’t the same as a standard. For example, although MIFARE technology is used in many contactless smart cards, it’s not a standard, nor is it the only read-write technique available. The current trend is toward using ISO 14443 for transit applications and ISO 15693 for tasks such as access control. For example, when HID introduced a contactless technology that was optimised for access control called iCLASS, the company selected the ISO 15693 standard because of its advantages.

Although ISO 15693 uses the same 13.56MHz band as MIFARE and offers the same features, there are some key differences. For example, ISO 15693 supports a read range of up to five times longer than MIFARE. That extra distance lets ISO 15693-based contactless smart cards tap into a wider range of applications. iCLASS also has tougher security, thanks to its 64-bit key. By comparison, MIFARE uses only a 48-bit key.

In conclusion, the bottom line is that although contactless smart cards are ideal for a wide variety of security and non-security applications, picking the right contactless smart card is critical for a successful implementation. That’s possible only with an understanding of the standards and how they affect factors such as ease-of-use and security. For physical access control in particular, choosing a more secure, simpler, diversified and multi-faceted smart card technology based on 15693, such as HID’s iCLASS, provides a competitive edge with endless possibilities.

BIOS, Mar 31, 06 | Print | Send | Comments (0) | Posted In Miscellaneous