How to choose the right access control card reader and card

The basic access control system is composed of card reader, controller, card, electric control lock and other accessories. As far as the stability of the entire system is concerned, any part is crucial. The instability of any component will affect the stability of the entire system. But in terms of security, the card reader and the card should be the most important. The card is like an "electronic key". If the key is easily copied by others, the entire access control system will not have any security at all.

The development of card recognition technology has probably gone through the following stages:

Magnetic card-contact smart card-proximity card-contactless smart card. Although both contactless smart cards and proximity cards use RFID, they have the characteristics of contact-free and convenient use. But there are still many differences between them. From the perspective of technology development, it is inevitable that contactless smart cards replace induction cards. The market situation also proves this. In China, contactless smart cards have experienced two-digit growth for several years in a row. It is an indisputable fact that contactless smart card technology is bound to be the next-generation mainstream technology. Many domestic and foreign companies have launched their own contactless smart cards and card readers (13.56MHz). In the face of so many brands of cards and card readers on the market, how to choose safe and reliable products? How can users upgrade from proximity card technology to contactless smart card technology at a minimal cost? This is also a concern for many users.

Product choice

Choose professional access control card and card reader

Speaking of professionalism, many engineering companies or users may find it difficult to have a standard. Individuals feel that the following factors should be considered. Followed ISO standards: For 13.56MHz contactless smart cards, there are usually 4 ISO standards:
ISO14443A
ISO14443B
ISO15693
ISO18000

Each ISO standard includes four parts, such as: physical size, frequency, power and signal interface, initialization and anti-collision and transmission protocol. The ISO standard followed by the card reader and the card, the most direct performance in front of the user is the card reader and the card reading distance, communication speed, etc. For example: products that comply with ISO15693 have farther reading than products that comply with ISO14443 Card distance, but the communication speed is slower than ISO14443. As a card reader and a card disabled by the door, the amount of data transmission between them is very small, any ISO standard communication rate is sufficient to meet the requirements, but if there is a farther card reading distance, it is the most convenient for users Therefore, it is more convenient for users of access control systems to choose cards and readers that comply with the ISO15693 standard. However, if users want to perform biometric authentication such as fingerprints, irises, and palm shapes, and store the biometric template on the card, they must choose products that comply with the ISO14443 standard because the biometric template has a large amount of data. Some companies' products can meet multiple ISO standards at the same time, such as: HID's iCLASS products. HID
The iCLASS card uses the ISO15693 standard when swiping on an ordinary iCLASS card reader to obtain a longer reading distance; but the same card, when it is close to the iCLASS fingerprint reader, will automatically use the ISO14443B standard to obtain a higher communication rate .

Do not use CSN as the access control card number

Due to some historical reasons or other reasons, many users choose to use the card CSN (Card Serial
Number) to do the access control card number. In fact, there are many deficiencies in the security, management and use of the card number for access control with CSN. CSN is also called UID, CUID, PUPI, etc. in some places. The CSN is not encrypted, and reading it does not require mutual authentication. It is like our house number, anyone can see it, and the security is very low. Its role in the ISO standard is only for anti-collision. Many manufacturers have made the following statement to CSN:

"CSN is a unique serial number, which is permanently written into the ROM of the device at the factory and cannot be modified and all serial numbers are guaranteed to be unique." However, many encryption workers, chip manufacturers and industry Experts pointed out: "CSN does not have encryption and protocol layer protection, so it is easy to be copied; moreover, some CSNs can be changed." From this point of view, it is really not a good idea to use CSN as a card number on the access control system. Security risks. Therefore, HID never uses the CSN as the access control card number, but uses the protected data in the contactless smart card as the access control card number, which can achieve a perfect balance between the security, compatibility and convenience of the contactless smart card Balance. Moreover, because the CSN serial number is random, users simply cannot get a set of consecutive numbers, which brings a lot of trouble to use and management. In addition, some manufacturers will intercept part of the CSN for access control card number, there is a risk of duplicate card number.

Don't choose some so-called "compatible" card readers from a company or a brand in the market, especially in the domestic market, there will be some card reader manufacturers claiming their card readers and some major international brands (such as: HID, etc.) is compatible with card readers, the author recommends that users do not purchase such card readers. Because, first, technically, their so-called compatibility may only be compatible with some of the formats or technologies. For example, they can only read CSN, etc., and cannot achieve the security of a real brand; second, many technologies of card readers With patent protection, these imitations or compatibility are inherently a serious illegal act.

Product sequence diversity

The diversity of products mentioned here includes the size, shape, color and interface of products in the same sequence. For card readers, different antenna sizes determine different card reading distances. The brand selected by the user preferably has products with different card reading distances. For example, the user requires different card reading distances for the card reader for access control and the card reader for parking lot. Different shapes are also for the convenience of users, such as cards, key pendants and patches. The different colors are mainly to be consistent with the style of building decoration. Different interfaces can well meet the different functional needs of users in a system. For example, in the same system, the card reader for access control can only have the Wiegand output interface, which is both economical and more capable. Good compatibility with controllers of different manufacturers; card readers for non-cash transactions such as rice sales, can choose card readers with RS232 / RS422 interface, so that the data on the card can be read / written.

An important issue that has been overlooked: data format and card number control.

This is a very important issue for security, but it is often overlooked by many users. It is recommended that users choose companies and products that strictly control the data format and card number. The data format mentioned here refers to the binary data format stored in the card. This format can only be interpreted by the controller. The card number refers to the data stored in the card and is used to represent a cardholder in the access control application. The diversity of data formats is very important. On the one hand, it can meet the personalized needs of a large number of users. At the same time, users can also use their own private formats to ensure the security of access control systems. For example, HID currently has thousands of data formats, and the "Enterprise 1000" format for end users is also available. Strict control of card numbers is particularly important. Imagine if there is no strict control of the card number, what will be the consequences of the access control system? In that way, there will be a large number of cards with the same number, and people with the same card number can enter illegally, which will be a great disaster for the access control system. Strict control of a large number of card numbers is not only a technical problem, but also a management, experience and capital investment problem. It requires the company's strict management system, long-term experience accumulation and a large number of Capital investment. For example, HID uses a strict management system and ERP system to track every card number except the open format and records it in the database. It is impossible to produce cards with the same card number to ensure the uniqueness of the card number. Ensure that only private format and "Enterprise 1000" format cards are sold to designated dealers.

Multi-technology card reader and multi-technology card

In order to facilitate users to upgrade from proximity card technology (125KHz) to contactless smart card technology (13.56MHz) at a minimum cost, some companies have introduced multi-technology card readers, and some companies have introduced multi-technology cards. Multi-technology card reader, that is, the same card reader can be compatible with different technologies at the same time, and can read cards of different technologies (mostly CSN); multi-technology cards are all in the same card, and at the same time integrate the proximity card technology, Non-contact smart card technology, magnetic stripe or contact smart card technology, etc. For multi-technology card readers, although they seem to be very powerful, they only have their specific application range-access control system upgrades. Because its cost will be very high, it is completely unnecessary for users to use it under ordinary circumstances; at the same time, the more compatible technologies, the less safe it is for users. When upgrading, users should choose the appropriate plan according to the actual situation. In order to protect user investment and facilitate user upgrades, HID company also has a multi-technology card reader (RP40) and a multi-technology card (2020: iCLASS Prox Card), users can choose the most economical and most reasonable upgrade plan according to the actual situation— -Whether to use multi-technology card reader or multi-technology card. In general, if the number of users' cards is relatively small, the scheme of replacing with multi-technology cards can be adopted, which is the most economical. Multi-technology cards can be read on the card reader of the old system (inductive card reader, 125KHz). It can also be read in the card reader of the new system (contactless smart card, 13.56MHz). The original system does not require any changes. If the user has a large number of original system cards, the multi-technology card reader upgrade scheme can be used. Once the user's old card is completely replaced, the multi-technology card reader can be re-configured through the preparation card. Security.