Contactless Access Credentials Guide

Author: Brian Rhodes, Published on Sep 10, 2015

Few access topics are as complicated as contactless credentials. Chosing the correct one can be the difference between a secure facility and wasting big money. Understanding how they operate and what their specifications mean is a big challenge.

In this update, we cover the basic elements needed to specify the right contactless credentials everytime, including:

  • HID vs. NXP Credential Formats
  • 125 kHz vs. 13.56 MHz Frequencies
  • Facility Names
  • Facility Codes
  • Card ID/Serial Numbers
  • ISO 14443A vs. 14443B
  • Form Factors

*** ****** ****** *** ** *********** ** *********** ***********. ******* the ******* *** *** ** *** ********** ******* * ****** facility *** ******* *** *****. ************* *** **** ******* *** what ***** ************** **** ** * *** *********.

** **** ******, ** ***** *** ***** ******** ****** ** specify *** ***** *********** *********** *********, *********:

  • *** **. *** ********** *******
  • *** *** **. **.** *** ***********
  • ******** *****
  • ******** *****
  • **** **/****** *******
  • *** ****** **. ******
  • **** *******

[***************]

Credentials ********

***** ***** ********** ******* *****, *** ********** ****** *** **** 'contactless' *****. ********** *******, ****** **% ** ******* *** *********** ***** ** **** built **** ** ********* ********** **** **** ** ******* *** read **** ******* ***** ** * ****** ****. **** '******** power' ******* ** ************** ****** ********.

** ***** *** ******* ********* ** **** ** ************ ******* ********, ******* *** ****** ****** ***** * ***** ********* ** *** card, ********** ******** ****** ** * ****** **** *********** ****** a ******** **** ******** ******* *** ***.  *** ***** ***** details ******* ******** ********** ** *** ****, ***** *** **** antenna ******** ******, *** ********* ****** **, *** **** **** discharges *** **** (**********) **** **** ******* *** ******* ** the ******:

** *******, *** *********** *********** **** **** *** *** *** exact ********** **** ********* *********, **** ** ********** ****, **********, and ****** ** *** **** ******* **** ** *** *****.  In *** ******** **** ******, ** ******* ***** ********** ** depth.

Contactless *********** ********* ** ******

*** ** *** ******* *********** ** *********** *********** ** *** format ** *** **** ** ********, ********* ********** ** *** manufactured **. ******* ** ***** ******** ** *********** *********** *** ******* ********* ** ******** ** *** ****** *** *** *************.

*** ********

***** *** ****** ***** ********* **** **** '*********' *********** ** the ***** ****'*, *** ****** **** ** ********** **** **'* *** *** "****" *********. ***** ***** ********* ** **** *****, *** ******* ****** '*** *********** *****' *** * **** swath ** *** ******** ******, *** **** ******** *** ****** brands **** *****, *********, *** *******. *** *******'* ****-***** ******* include:

  • "*********": ** ***** *** *** ******, *** ***** ********* **** *** ********* **** ** *** systems
  • ******: ** *** ****** ******** **.** *** '*********'

*** ** *** **** ****** ****** *** *********** ** *** US. ******* ** ********** ****** *****, *** ** **** ** license *** *** ** *** ********** ******* ** * ******* of ********** *** ****** *************. **** **** ********* ******* '*** 14443 *********' *********, *** ******** ******* "**** *" ********* (** Part "*" - ********* ** **** ****** *****).

*** ********

******** ******** *************, ******-***** *** ****** * ****** ** '***********' ********** ********** **** ** * number ** ******* - ********, *******, *** **********. **** ********** adoption ** *** ********* ** ********** *************, *** ****** * catalog ** ***** ***** ** ****, *********:

  • ****** ****: ***'* *** *** ****** ***** ** ***** ****** ** *** *********, *** *** as ****** ******* ** ***'* "*********" *****
  • ******/*******: ** *** ********* ***** *** '*********' ******, **** ********* on **.** *** *** '*******' ******* *** ********** ** *** early ***** ** *********** *** ****** **** '****** *******' ***********. DESFire *********** ******* ******** ********** **** ******** ****** ********** *****. The '*******' ****** **** ***** ******** *** ***** ********** ** ***** *******, *** ******* ********* **** ******. ******* ***** ************ **** made **** ** ***********, *** ******** ****** ******* ***** ***** be ****, *** *** ****** ****** ***** ** '******/*******'.

****** ***, ***'* ********** ******* *** '*******-****' *** *** ********* standards *** ********* *** ********** *** *** ** ****.  *** manufacturers *** *** ***** ******* ** "**** *" *********.

US ** *** *****

******* ** *** **************'* ******** ** **** *** *** **** ** *********, ******, *******, *** *** ********** derivatives *** ******* ******* *** **.

*******, *** ******'* ********* ******* *** ** *** ********, ********** in *** **. ******* *** ********** **** ** ********* ********* *********** and *******, *** ******* **** ******** ******* **** **** *** ********** *** formats *** *** ***** ** ******* *********** ** * ******.

125 *** ** **.** ***

*** **********'* ** ********* ******* * *** **** ** *** performance. ******* ******* *** **** **** *********** ********* ** ******** matching ***********, **** ********* ** *** ***** ** ********. ** we ******* ** *** **** ****** ********, ** ********* *** ****** **** *** *****, *********** *** ****** not ****. *** ***** ***** ***** *** ********* ** ******* formats:

******* *** ******* ********** ******* *** *** *** **.** *** *********** is ********** ********.  **** ** ********* ** *** **** **. ****** ********* ****, *** *** ******* ** *** ******* ********** *** *** be ******* ** *******.  *******, **.** *** ******* *** ********* (usually *** *** *** ** *******) *** ********** **** *** only ** **** ** * ****** ************ ***** *** *** to ** **.

Deciphering ********** *****

*** ** *** **** *********** **** *** *********** *** *** users ***** ** ****** *********** ***** ********** * ****** ** using. *** ****** ** ******* **** ******** ** ******* **** no ********** ** ************* *** ***** **** *** ****** ** be * ***** ***** ****. *** ***** ***** ******* **** different ********** ***** **** ************ ********* *********** *** ******** ***************, yet **** *** **** *** **** ** *** ********* ***:

*** *********** *****, *** **** **** ***** **********:

  • ****** ****:**** ********** *** *** *** **** **** *** ********** *********, usually ******* ** ** *** ******** *** ******* *******. *** example ****** ** *** ******* ** *** ******, ****** ** HID's ******* ** ***, *** ** **. *** **** *** to ******* *** ****** **** ** * **** ** ** locate * *** ***** ** ******** *****, ** ***** ****** ********** (*****'* ******* ******) ** ********* *** *** *********** ****** ** a ******** ******.  
  • ******** ****: **** ********* ** *** ******* ** *** **** ** most *****. **** ***** ** *********** ** **** ********* ***** on *** ******, *** *** ** ****** ***** *** **** online *********** *** ****** ****.  ** ******* *****, ****** ******* must ** ********** ** ****** ******** ******** ***** *** **** low-end ******* *** ***** ********** ***** ** *** ******** ******.  Without ******* **** ****, *********** *** *** **** ** ****.
  • **** ** ******: ** **** *****, *** ** ****** ** ******** ** printed ** *** ****. **** ****** ** *** '****** **' that **** * **** ** * ******** *****. ***** ********** numbers *** *** ** *****, ********* ******* ***, *** *** same **** ** *** ******** ***** ********** ****** ** ****** twice ** *** **** ******.

** **** *****, * **** ****** ** *********** **** '****' an ******* **** *** * ***, *** **** ****** ***** are *** ******* *** *** **** ******* ******** ****.

** ********* *****, * *** ***** ** ***** ********* ** production *** ** ***** *** ********, ******* *** ** ****** all ***** ****** ** **** ***********, ** *** * ********** part ******:

The ***/*** ***** ********

**** ****** ********* ***'* ****** **** ***'* ****** *********, *** ** *** *** ********* ************** of ** *** ********, **** ***** '****' *** **** ** most *******. *******, ******* ***** ******** ** *** ******** **** room *** ***************, *** *** *** ******** ***** '*********' ********* with * ********* ********** *********.

*** *** ****** ** **** ** **** ******** ** ********** claim '*** ***** **********', *** *** *** ******** ***************. ** ********* **** **********, ISO ******* ***** ** ******* ***** '* ***/** *' ** ********* *** *** *********. **** ******* ** these ***** *** ******** ****** '*****', *** *** ******* **** is ********** ******* *** ***.

** *******, ******* ***** ** ** ********* **** ** ***** 'Part *' *********, **** ***-**** *** *** ******** ***** ****.

 

*********, ******* ******** ************ ** *** ** ** **** ******* with * ******* ****** ****** ******* *** ** '**** *' compliance **** ***:

*******, *********** ***** '*****' * ****** ** ********** ** ********* with ** *** ****** ******, *** ********** * ******** *****/**** of ********** *** ** **** ** ********.

Smartcard ****************

***** *** '**** * & *' ******** ** *** ***** separates ******* **** ***** *** ****, ** **** *** ****** mean **** *** ******** **** **** *****. ******** ** *** 14443 *** *** **** ** **** *****, ********* *** '**** Serial ******'. *** **** ****** *******, **** ** *** ****** number **** ********** ****** *****, *** ******* **** ****** ** not *******, ** **** ******** ** '*** ********' *******:

  • ***/*** ******: *********** *** ****'* ****** ********** ** ******** ******* ** ** not ****** ** *** **** '*********' *****. **** ****** *** platforms *** **** **** ****** ** ****** * ****, *** instead *** *** ******** ******** ** ****** ******, *********, *** privileges.
  • ******* ****/*****: *******, *** **** ******** ** ******* ****** *** **** ** encrypted *** ********** ****** ********* ******* *** ****. ********** *** access ******* ***** *** ********** ****** *** ******* (**: *****, ***** *******) *** *** *****-****** ************** (**: **********) **** ******** ***********, *** ****** *** ** *** sufficient.

The *** ********

** ***** ** ********, *** *** ********** ******* *** *********. The '**** ****** ******' (******* ** *** *********) *** **.** *** ***** *** ***** ** **** ********** ** underlying ******, ********** ******, ** **********. *** *** *** ** usable ** * ****** ** ** *** ******, *** *** full ******* ** *** ********** **** *** ** *********.

*** ******* ******* **** **** * *** ***** *** * hundred ** **** ***********, ***** *** *** ** *** ******* ID *** *** ** * *******. *******, *** ****-******** *****, systems **** *** *********** *** ******** ********, ** *** ***** systems ***** ********* *********** *** * **** ***** **** ***** are *** ****** *** ********** *** *********** *** *** **** as *** *** *******.

Form ******

********** ****** *** *** **** ******* ** ***** ** ****. Like ** ***** ** *** ****** ********** **** ****** ********, *** **** *** ****** ** ******* * ********** *** include ********, ******, ****-***** *****, ** **** *******

*** **** ****** ** *** ********** ***** ** ** ********* consideration ** ******* ********** *** ******* ****.  *** *******, ***** a ***** *** **** *** ** ***** ** ***** ** ID ***** ** *** **** **** * *******, ** *** easily ** **** ** ****** ** * ***** ***********. * key ***, ***** ********** *** ******** * ******* **, ** designed ** ** ******* ****** ** ********* *****, ***** *********** exposures, *** **** ********** ** *****.

*** ***** **** ****** ****** ****** ** ******** ** *** user, *** *** ****'* ***********, *** ** ******* *** ***** credential ***** **** ******** **** ****** ******* ** ****.

System ******

** ***** ** ****** *******, ********** *********/******* ****** **** ****** design. ****** ********* **** ******** *** ********** ******, *** *** subsequent ****** ** **** **** ***** **** **** ******. ** terms ** '****** ********** ********' *********, **** ****** **** *** generally ******, ******* *** ****** ****** ********** ********** *************. ** long ** *** ******** ** ********** **** *** ******, ********** choice ** * ******** ******, *** **** ******* ********** ***** based ** ********* *** **** ** ******** ****** **** ********** difference.

*******, **** **** ******** ** ****, ******* *** ****** ******* they ********* ******* *********** ** *********** ** ****** *******. ******** from *** ****** ** *** ***** *** **** ********* *** affects *** *****, ** ******* *** ********.

Comments (3)

**** ***********. ***** ** * *** **** ***** *** ******* that **** ********** ********** *** ***** ******** **.

* *****.

**** * **** ** ******** ** *** ********* ** **** article ** ** *** *** ******* ***** ** **** * nice ********. *** ***** * "****'* *** ****" ******* ** what *** ********** *** ** * ******** ****** *** **** zoom ** ** *** ****** *********.

***** *********** *** ***** * ****** **** ********* **** * am **** **. * ******* ************ ******** *** **** ****** systems, *** **** *** **** * ***** ******** ** *** the ****** ******** *****!

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Anti-Hack Access Card Shields Tested on May 26, 2017
Keeping your access control card information secure is becoming a big priority, especially since cheaper copiers can hack details easily. Multiple...
Alarm Supervision Guide on May 24, 2017
Burglar alarms can constantly monitor the health of attached circuits, sensors, and devices to ensure that they remain operational. This is known...
Hackable 125kHz Access Control Migration Guide on May 19, 2017
Despite being one of the most popular credentials, 125 kHz credentials are easily copied and insecure as we showed in our test results, video...
Technician Personal Protective Equipment (PPE) Guide on May 12, 2017
Technicians encounter multiple hazards when running wires and installing security devices. Wearing personal protective equipment, or PPE, helps...
Burglar Alarm Partitions Guide on May 10, 2017
Many burglar alarm systems have a single designated level of access for users. A user can arm or disarm the entire alarm by entering a single code....
Alarm Circuits Guide on May 09, 2017
Alarm circuits are a fundamental element of wired burglar systems. Designing the alarm circuit greatly affects its performance. In particular,...
Smartphone Controlled Kevo Lock Tested on May 04, 2017
Smartlocks are a growing market, with millions sold. Kwikset's Kevo is one of the most common choices, using the Unikey smart phone access control...
Hack Your Access Control With This $30 HID 125kHz Card Copier on May 01, 2017
You might have heard the stories or seen the YouTube videos of random people hacking electronic access control systems. The tools that claim to do...
Last Day - IP Networking Course May 2017 on Apr 26, 2017
Today is the last day to register for the May IP Networking Course. This is the only networking course designed specifically for video...
IPVM First Dean's List W2017 - Thomas Atkinson, Matt Hurly and Fredrik Lundqvist on Apr 24, 2017
IPVM is happy to congratulate and celebrate our first "Dean's List", the top students in our courses. For the Winter 2017 IP Networking course...

Most Recent Industry Reports

Anti-Hack Access Card Shields Tested on May 26, 2017
Keeping your access control card information secure is becoming a big priority, especially since cheaper copiers can hack details easily. Multiple...
H.265 / HEVC Codec Tutorial 2017 on May 25, 2017
Since 2013, video surveillance professionals have talked about the potential for H.265. Now, in 2017, H.265 is starting to gain mainstream...
Camera Course Summer 2017 on May 25, 2017
Learn video surveillance and get certified. IPVM provides live online classes, recorded videos, personal help, cutting edge education and...
Most Respected Manufacturer Competitors on May 25, 2017
Manufacturers told IPVM what competitor they most respected. In terms of total revenue, Hikvision, Dahua and Axis are certainly tops but would...
CyPhy 'Unlimited' Flight Time Security Drone Examined on May 25, 2017
Drones face several issues as commercial security platforms - legal restrictions (e.g., in the US, the FAA), costs, and limited flight durations...
Milestone Entry Level Mobile Password Vulnerability Disclosed on May 24, 2017
While many manufacturers have only addressed cybersecurity vulnerabilities after public disclosures were made (or threatened), Milestone has...
How Integrators Use IPVM on May 24, 2017
150 integrators explained how they use IPVM and how it helps them stay informed and improve their business.  The 4 main uses integrators cited for...
Alarm Supervision Guide on May 24, 2017
Burglar alarms can constantly monitor the health of attached circuits, sensors, and devices to ensure that they remain operational. This is known...
Arlo Go Cellular Cloud Camera Tested on May 23, 2017
Totally wireless surveillance cameras are growing but almost all typically depend on a hub and local Internet access. However, many outdoor...
Avigilon New COO James Henderson Profile on May 23, 2017
It has been nearly 2 years since the infamous Bryan Schmode 'resigned' as Avigilon COO. Now, Avigilon once again has a COO, promoting James...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact