Access Control Card Readers
Access control card readers are used in physical security systems to read a credential that allows access through access control points, typically a locked door. An access control reader can be a magnetic stripe reader, a bar code reader, a proximity reader, a smart card reader, or a bio metric reader.
Access control readers are classified by functions they are able to perform and by identification technology:
There are several forms of bio-metric identification employed in access control: fingerprint, hand geometry, iris, Voice Recognition, and facial recognition. Bio-metric technology has been promoted for its ability to significantly increase the security level of systems.
Proponents claim that the technology eliminates such problems as lost, stolen or loaned ID cards and forgotten Pins.
All bio-metric readers work similarly, by comparing the template stored in memory to the scan obtained during the process of identification.
If there is a high enough degree of probability that the template in the memory is compatible with the live scan (the scan belongs to the authorized person), the ID number of that person is sent to a control panel.
The control panel then checks the permission level of the user and determines whether access should be allowed. The communication between the reader and the control panel is usually transmitted using the industry standard Wiegand interface. The only exception is the intelligent bio-metric reader, which does not require any panels and directly controls all door hardware.
Bio-metric templates may be stored in the memory of readers, limiting the number of users by the reader memory size (there are reader models that have been manufactured with a storage capacity of up to 50,000 templates).
User templates may also be stored in the memory of the smart card, thereby removing all limits to the number of system users (finger-only identification is not possible with this technology), or a central server PC can act as the template host. For systems where a central server is employed, known as "server-based verification", readers first read the bio-metric data of the user and then forward it to the main computer for processing. Server-based systems support a large number of users but are dependent on the reliability of the central server, as well as communication lines.
A reader radiates a 1" to 20" electrical field around itself. Cards use a simple LC circuit. When a card is presented to the reader, the reader's electrical field excites a coil in the card. The coil charges a capacitor and in turn powers an integrated circuit. The integrated circuit outputs the card number to the coil, which transmits it to the reader.
A common proximity format is 26-bit Wiegand. This format uses a facility code, sometimes also called a site code. The facility code is a unique number common to all of the cards in a particular set. The idea is that an organization will have their own facility code and a set of numbered cards incrementing from 1. Another organization has a different facility code and their card set also increments from 1.
Thus different organizations can have card sets with the same card numbers but since the facility codes differ, the cards only work at one organization. This idea worked early in the technology, but as there is no governing body controlling card numbers, different manufacturers can supply cards with identical facility codes and identical card numbers to different organizations. Thus there may be duplicate cards that allow access to multiple facilities in one area. To counteract this problem some manufacturers have created formats beyond 26-bit Wiegand that they control and issue to organizations.
In the 26-bit Wiegand format, bit 1 is an even parity bit. Bits 2–9 are a facility code. Bits 10–25 are the card number. Bit 26 is an odd parity bit. 1/8/16/1. Other formats have a similar structure of a leading facility code followed by the card number and including parity bits for error checking, such as the 1/12/12/1 format used by some American access control companies.
- 1/8/16/1 gives as facility code limit of 255 and 65535 card number
- 1/12/12/1 gives a facility code limit of 4095 and 4095 card number.
- Wiegand was also stretched to 34 bits, 56 bits and many others.
There are two types of smart cards: contact and contact less. Both have an embedded microprocessor and memory. The smart card differs from the proximity card in that the microchip in the proximity card has only one function: to provide the reader with the card's identification number. The processor on the smart card has an embedded operating system and can handle multiple applications such as a cash card, a pre-paid membership card, or an access control card.
The difference between the two types of smart cards is the manner with which the microprocessor on the card communicates with the outside world.
A contact smart card has eight contact points, which must physically touch the contacts on the reader to convey information between them.
Since contact cards must be inserted into readers carefully in the proper orientation, the speed and convenience of such a transaction is not acceptable for most access control applications. The use of contact smart cards as physical access control is limited mostly to parking applications when payment data is stored in card memory, and when the speed of transactions is not as important.
A contactless smart card uses the same radio-based technology as the proximity card, with the exception of the frequency band used: it uses a higher frequency (13.56 MHz instead of 125 kHz), which allows the transfer of more data, and communication with several cards at the same time. A contactless card does not have to touch the reader or even be taken out of a wallet or purse.
Most access control systems only read serial numbers of contactless smart cards and do not utilize the available memory.
Card memory may be used for storing biometric data (i.e. fingerprint template) of a user.
In such case a biometric reader first reads the template on the card and then compares it to the finger (hand, eye, etc.) presented by the user. In this way biometric data of users does not have to be distributed and stored in the memory of controllers or readers, which simplifies the system and reduces memory requirements.