Card Readers For Access Control Applications

A reader, keypad or combination of both is an essential ingredient in virtually any access control system, and in the majority of systems the reader will be a prox reader.

Although biometric readers are on the horizon, this technology has yet to establish itself in mainstream access control installations. The original allure of biometrics was to eliminate the need for a credential by using a human physiological characteristic like a fingerprint or hand geometry. Although the technology is here, the cost to implement it is too high for the majority of customers.

There are constraints where the biometric “signature” is used without a credential. The biometric system must first read the finger or hand, and then compare that template with the stored database of authorized users. This takes processing power and time.

When used with a credential, such as a smart card, a template of the user is stored on the credential, and the system has only to compare the individual's fingerprint or hand with the template stored on the credential. While this technique verifies the cardholder's identity, it doesn't fulfill the goal to eliminate the credential.

No doubt, biometrics will eventually become the defacto standard for identity verification, but for the present time, credentials still prevail.

CARD CREDENTIALS

Card credentials offer additional benefits. As mentioned, smart cards are imbedded with data to allow multi-factor authentication. Card credentials also can be used for multiple purposes by carrying more than one type of data. By having the cardholder's image and other information imprinted on the credential, it becomes a powerful security tool, allowing employees to all participate in the security management of their workplace. Photo-ID also enhances the professionalism of the organization.

In access control, proximity credentials are by far the most popular. It is curious that for debit cards and credit cards, a much older and far less secure type of encryption, mag stripe, still prevails. Magstripe is also very popular in educational facilities, where legacy card populations, and installed hardware constrain budget conscious facilities managers from scrapping what they already have and retooling.

Because much new technology in access control is proximity-based, it is very common to see access credentials with both proximity and magstripe encoding.

SPECIFYING THE RIGHT CARD READER

Obviously, your choice of what card reader to use will be based on the following basic issues.

1- The reader must be able to read the format of your credentials.

2- The data back to the access controller uses a communications protocol that is compatible with your access controller.

3- The environment the reader will be installed and used.

4- The mounting options you have for placing the reader must be accessed.

5- The read range you will require for the reader must be determined.

CARD ENCODING FORMAT

The industry standard format is 26-bit. It is an open format. (The use of this format is not restricted). The data encoded using 26-bit format consists of 255 possible facility codes. Within each facility code, there are 65,535 unique card numbers. This means there are a total of 16,711425 unique codes available in the 26 bit format.

There are three universally recognized factors for authenticating individuals:

• ‘Something you know,' such as a password, PIN

• ‘Something you have,' such as a security token.

• ‘Something you are,' such as a fingerprint, retinal scan or other biometric.identifier.

Using only one of the first two factors is considered weak authentication.

The use of a memorized PIN or biometric template in conjunction with the proximity credential is referred to as multiple factor authentication and regarded as strong authentication.

Several other Wiegand formats with higher levels of security are available to the access control industry.

READER TO CONTROLLER PROTOCOL

You will encounter several communications protocols in access control.

RS232 is typically used to connect a PC to a peripheral, for example, a printer. RS 485 is commonly used to connect all the access controllers together.

Clock & Data is how magstripe readers communicate with access controllers.

Wiegand is the standard interface between card readers and controllers. The term Wiegand originally applied to the technologies incorporated into a device called a Wiegand Reader and the credentials used with it. The Wiegand card was plastic, and had many tiny pairs of wires imbedded into it which formed a pattern which represented the encoded data on the credential. Although you couldn't see the wires with the naked eye, it wasn't difficult to figure out the pattern of the wires, and therefore possibly duplicate a card surreptitiously.

The Wiegand card was used in what was referred to as a turnstile reader. This reader had a slot in it, and the user dragged the card through he slot for it to be read. The Wiegand Card reader connected to the access controller using a data transmission protocol also called Wiegand. Although Wiegand cards and readers are no longer ‘technology du jour,' Wiegand protocol survives and is the most commonly used interface between readers, keypads and alarm controllers. The Wiegand interface requires three conductors; DATA-1; DATA-0; and DATA RTN. You'll usually see an additional wire or two for audible (beeper) and visual (LED) signals on the reader.

ENVIRONMENTAL FACTORS

Proximity readers do not have slots or other apertures. The credential does not have to make physical contract with the reader. Additionally, proximity readers are frequently encapsulated modules with a short piece of cable for connection to the access controller, or housed in waterproof lexan cases. For particularly harsh environments, the reader may be further protected with non-metallic shields. Proximity technology uses low power 125 Kilocycle Radio Frequency transmission, which is attenuated by metal and distance between the credential and the reader.

MOUNTING OPTIONS

Proximity readers are versatile and robust. There are many package styles from which to choose. Many commercial applications involve storefront type structure, and there are numerous mullion mount type proximity readers available. Single-gang electrical boxes are also a favorite home for proximity readers which blend into the aesthetics of any environment.

Perhaps someday you will be able to really impress a client if you remember that a proximity reader can read through plate glass and non-metallic wall material.

READ RANGE

Mounting options might be partially dictated by the read range of your proximity reader. For example, for parking control applications, you would need to mount the reader on a pedestal, and an extended range would also be beneficial to assure convenience to the end-user and maximum through-put. In situations where the reader cannot be mounted in close proximity to the door being controlled, an enhanced read range might be a benefit.

On a recent project where we were installing access control onto the computer room door, we installed an extended range reader at the client's request. The idea was to maintain an aesthetic continuity throughout the structure where we already had a couple of dozen of the enhanced range readers in service. However, shortly after the access control system went into service, we got a hysterical phone call from the security department for us to hurry over. Seems that the computer room door was in a narrow hallway, and individuals merely passing by the reader were being picked up and producing unauthorized cardholder reports, or unlocking the door for those with authorization even if they didn't want to enter the computer room. We replaced the reader with one with a more appropriate read range.

Your experiences and usage of card readers will vary on the nature of your business and the markets you serve. And the number of units sold may not accurately reflect the dollar value of those sales.

Here's an informal report of my own experiences in the last year.

For standalone access, we sold far more keypad types than those with integral readers, although the fact that some products had readers which could be used later if a security upgrade was required was a valuable sales feature that contributed to closing deals.

For network access we sold many magstripe systems, but this was largely due to add-ons to existing systems for educational institutions. Otherwise, prox was the next most popular, and curiously, the large long range readers were most used.

Standalone and hardwired systems using i-Button fobs were easy to sell and popular among our smaller commercial clients. I-button fobs are extremely robust, and the readers can be adapted to a wide variety of applications.

I did one biometric system last year and it was a standalone, and a near disaster. (The vendor was Korean, and the lapses in product support were exasperating.)

In the retail side, non restricted keyways are far and away the most popular, but for the corporate sector, restricted keyways and interchangeable cores are gaining a lot of market share as low cost alternatives to electronics, and as a defense against the negative press associated with key bumping.

About the Author

Tim O'Leary

Tim O'Leary is a security consultant, trainer and technician who has also been writing articles on all areas of locksmithing & physical security for many years.