Skip Navigation

Topic: The Smart Card Movement

Q&A with Peter Boriskin, Software House, a part of Tyco Fire & Security’s Access Control and Video Systems

The transition to smart cards is the next logical step in the evolution of access control. As vendors present new technologies to remove the barriers that have slowed the smart card transition, the benefits to all in the security space will be immeasurable. Following is a conversation with Peter Boriskin of Software House regarding smart card technology.

Q: For a security manager looking into the possibilities of smart cards in his/her organization, what are some of the things you would tell them in relation to the enhanced security provided by smart cards?

A: It’s certainly well known that smart cards are more secure than proximity cards. The ability to duplicate cards is much more difficult with a smart card and reader system. In addition to encryption, which allows for access and privileges to be assigned to a card recipient by tying those privileges specifically to documentation or identity, the ability to add biometric identifiers to a smart card because of the enhanced memory of the chips makes smart cards a more secure solution. The combination of smart cards along with addition of a biometric identifier makes smart cards the most secure access control card solution on the market.

Q: What about facilities that don’t need that high level of security? What are the advantages of smart cards for an enterprise that is comfortable with the security provided in its current proximity or mag stripe system?

A: While not every organization needs smart cards, there are certain advantages for many facilities beyond enhanced security. With smart cards, cashless purchases can be made at the company cafeteria and vending machines can be tied into smart cards. Certain departments within a company can be allotted money on a smart card as well to better control internal spending. For example, a department might be allotted money to buy lunch at the company cafeteria for every new employee. The head of that department can then use a department smart card designated for that purpose. This eliminates the need for internal spending expense reports and time is saved with payroll/human resources.

Q: Security Managers are now under pressure to integrate physical security with logical/IT security. Can smart cards help in this effort?

A: Organizations such as the Open Security Exchange (OSE) discuss how the lack of assimilation between physical and IT security is perhaps the most glaring example of how security management remains fragmented at most organizations today. Without physical/IT security integration, security teams cannot readily determine if someone is trying to use a computer system while its owner is not physically present in the building. The ability to bring physical door access and IT user identification together will significantly streamline the costs and potential security concerns associated with credentialing employees. The cardholder can now gain access to both computers and entranceways with a single card.

Q: Beyond the security and IT departments, how can smart cards help other entities within an organization such as human resources or payroll?

A: One way to show the benefits of this technology to your company is to look at the business overall. For example, by integrating time and attendance into smart card use, access control information stored on a smart card can be routed into human resources databases, allowing the department to track the attendance habits of their employees in a more structured manner. In addition, payroll can take advantage of the cards by replacing punch cards to track time with smart cards.

Q: How likely is smart card adoption to happen over the next few years? How much is hype and how much is going to happen?

A: To date, the government sector has led the charge as the largest adopter of smart card systems. A report released by the U.S. General Accounting Office (GAO) in 2003 found that 18 federal agencies had initiated 62 smart card projects, though most were of a somewhat smaller scale. Software House already has early adopters of smart card technology, mainly global companies with whom we service.

Even though the enterprise market is adopting the technology, it has not been as wide-scale as the government. Like many technologies, the government likely will lead the charge with the adoption of this technology while the enterprise market will be close to follow.

Q: What are some of the barriers security managers might face when considering smart card adoption?

A: The single biggest barrier to wider smart card adoption has been the lack of interoperability among cards and readers and the costs associated with this challenge. The coming year will be one of change, as the barriers toward interoperability come down following the arrival of the multi-technology reader.

These new readers, introduced late last year, are open standard, multi-protocol readers that can read both proximity and smart cards. This new breed of readers can process multiple smart card protocols and multiple proximity card protocols simultaneously.

This multi-frequency, multi-protocol and multi-modulation approach allows customers – until now locked into proprietary reader/card technology and stalled by infrastructure upgrade costs – to use their current proximity cards as they transition to a smart card system. This allows them greater overall flexibility when choosing new, more advanced smart cards.

Q: What are the latest technologies security managers can take advantage of when deploying smart card systems?

A: Late last year, the next generation of access control readers was unveiled. These new readers cover multiple standards, removing any speculation on which standard is best. They also read both smart and proximity cards from different vendors to allow for simpler transitions, and leave room for future advances in card technology to protect investments over time.

Q: For a security manager who has decided to upgrade, but doesn’t know where to begin, what would you tell them?

A: Beyond getting buy-in from the executive staff by highlighting some of the advantages to the overall business, when it comes to the technology itself, any smart card migration has to start with the readers. Only true interoperability with existing proximity cards and new smart cards will allow companies to gradually make the transition. For example, by putting a multi-technology reader in place in certain doorways that read both proximity cards and smart cards, both the addition/replacement of readers to entranceways and the re-badging of employees can be absorbed over time. In addition, the multi-technology reader can protect the customer’s investment regardless of what smart card technology becomes the standard.

No longer should the costs of a smart card migration/upgrade be either daunting or immediate. Companies will now have the option of executing a more simple transition, now that their existing proximity cards can co-exist with the incoming smart cards.

Appearing in the April 2005 issue of Security Products