Contactless Access Credentials Guide

By: Brian Rhodes, Published on Oct 29, 2018

Contactless credentials are the most common component used in an access control system and while many look alike externally, important differences exist.

Choosing the correct one can be the difference between a secure facility and wasting significant money. Understanding how they operate and what their specifications mean is a big challenge.

** **** ******, ** cover *** ***** ******** needed ** ******* *** right *********** *********** ***** time, *********:

  • *** **. *** ********** Formats
  • *** *** **. **.** MHz ***********
  • ******** *****
  • ******** *****
  • **** **/****** *******
  • *** ****** **. ******
  • **** *******

Credentials ********

***** ***** ********** ******* exist, *** **** ****** choice ** **** '***********' types. ****** **% ** systems *** *********** ***** or **** ***** ** unpowered ******* **** *** excited *** **** **** brought ***** ** * reader ****. **** '******** power' ******* ** ************** ****** ********. *** ******* ** demonstrated *************** ** ************ *********:

** ***** *** ******* principle ** **** ** our ********* ******* ********, ******* *** ****** itself ***** * ***** collected ** *** ****, eventually ******** ****** ** a ****** **** *********** powers * ******** **** transfer ******* *** ***. The ***** ***** ******* typical ******** ********** ** the ****, ***** *** wire ******* ******** ******, the ********* ****** **, and **** **** ********** ICC **** (**********) **** back ******* *** ******* to *** ******:

** *******, *** *********** credentials **** **** *** but *** ***** ********** like ********* *********, **** of ********** ****, **********, and ****** ** *** data ******* **** ** the *****. ** *** sections **** ******, ** examine ***** ********** ** depth.

Contactless *********** ********* ** ******

*** ** *** ******* differences ** *********** *********** is *** ****** ** the **** ** ********, typically ********** ** *** manufacturer. ******* ** *****-******** of *********** *********** *** ******* ********* ** ******** ** *** ****** *** *** *************.

*** ********

***** *** ****** ***** migrating **** **** '*********' credentials ** *** ***** 1990's, HID ****** ****** *********** **** its *** *** "****" *********. *** **** of **** *****, *** *** ****** the **** ****** ******** market ********** ********, *** OEM ** ******** *** access ****** ********* *****, Honeywell, *** *******. *** company's ****-***** ******* *******:

  • "*********": ** ***** *** *** ******, *** ***** ********* used *** ********* **** in *** *******
  • ******: ** *** ****** specific **.** *** '*********'

*** ** *** **** common ****** *** *********** in *** **. ******* of ********** ****** *****, HID ** **** ** license *** *** ** its ********** ******* ** a ******* ** ********** and ****** *************. **** when ********* ******* '*** 14443 *********' *********, *** strictly ******* "**** *" standards (** **** "*" - ********* ** **** detail *****).

*** ********

******** ******** *************, ******-***** *** ****** a ****** ** '***********' credential ********** **** ** a ****** ** ******* - ********, *******, *** industrial. **** ********** ******** of *** ********* ** credential **************, *** ****** a ******* ** ***** built ** ****, *********:

  • ****** ****: ***'* *** *** ****** ***** ** ***** drafts ** *** *********, but *** ** ****** adopted ** ***'* "*********" lines
  • ******/*******: ** *** *********-***** NXP '*********' ******, **** operating ** **.** *** The '*******' ******* *** introduced ** *** ***** 2000s ** *********** *** format **** '****** *******' credentials. ******* *********** ******* stronger ********** **** ******** higher ********** *****. *** 'Classic' ****** **** ***** scrutiny *** ***** ********** ** snoop *******, *** ******* countered **** ******. ******* these ************ **** **** only ** ***********, *** existing ****** ******* ***** still ** ****, *** new ****** ****** ***** as '******/*******'.

****** ***, ***'* ********** formats *** '*******-****' *** the ********* ********* *** available *** ********** *** for ** ****. *** manufacturers *** *** ***** product ** "**** *" standards. ***'* *********** ** largest ******* *** **, mostly ********** ** *** early (******** ** ~****'*) adoption ** *** ****** formats ****** *** **, but *** *****'* ******* are ***** *** ******* ones **** ** ****** and **** *** ******** access *******.

US ** *** *****

******* ** *** **************'* strength ** **** *** the **** ** *********, MIFARE, *******, *** *** associated *********** *** ******* outside *** **.

*******, *** ******'* ********* markets *** ** *** Americas, ********** ** *** US. ******* *** ********** cost ** ********* ********* credentials *** *******, *** ******* also ******** ******** **** use *** ********** *** formats and *** ***** ** greater *********** ** * result.

125 *** ** **.** ***

*** **********'* ** ********* factors * *** **** in *** ***********. ******* readers *** **** **** credentials ********* ** ******** matching ***********, **** ********* is *** ***** ** consider. ** ** ******* in *** **** ****** ********, ** ********* *** format ** *** *****, credentials *** ****** *** read. *** ***** ***** shows *** ********* ** popular *******:

******* *** ******* ********** between *** *** *** 13.56 *** *********** ** credential ********. ** ** addressed ** ******* **. ****** ****, *** *** ******* do *** ******* ********** and *** ****** ******* or *******. *******, **.** MHz ******* *** ********* (usually *** *** *** or *******) *** ********** data *** **** ** read ** * ****** that ** ************ ***** *** key ** ** **.

Deciphering ********** *****

*** ** *** **** challenging **** *** *********** and *** ***** ***** is ****** *********** ***** credential * ****** ** using. *** ****** ** crowded **** ******** ** options **** ** ********** of ************* *** ***** that *** ****** ** be * ***** ***** card. *** ***** ***** details **** ********* ********** types **** ************ ********* performance *** ******** ***************, yet **** *** **** the **** ** *** untrained ***:

*** *********** *****, *** must **** ***** ********** that *** *** ********* clearly ******* ** ******* labeled ** *** **********:

  • ****** ****: **** ********** *** *** how **** **** *** credential *********, ******* ******* by ** *** ******** for ******* *******. *** example ****** ** *** typical ** *** ******, H10304 ** ***'* ******* 37 ***, *** ** on. *** **** *** to ******* *** ****** used ** * **** is ** ****** * box ***** ** ******** cards (*** ***** ***** 'Card ****** *******'), ** use ** ****** ********** (*****'* ******* ******) ** interpret *** *** *********** output ** * ******** format. ** **** ***** are *** *********, *********** the ********** **** **** by ******** *** ****** used ** *** ****** ******* ********** ******** application, ********* ** *** cardholder *** ****** ************* settings.
  • ******** ****: **** ********* ** NOT ******* ** *** card ** **** *****. This ***** ** *********** is **** ********* ***** on *** ****** *** can ** ******* ***** the **** ****** *********** for ****** ****. ** certain *****, ****** ******* must ** ********** ** accept ******** ******** ***** and **** ***-*** ******* may ***** ********** ***** to *** ******** ******. Without ******* **** ****, credentials *** *** **** to ****.
  • **** **/****** ****** (***/***): ** **** *****, the ** ****** ** embossed ** ******* ** the ****. **** ****** is *** '****** **' that **** * **** to * ******** *****. While ********** ******* *** not ** *****, ********* numbers ***, *** *** same **** ** *** Facility ***** ********** ****** be ****** ***** ** the **** ******. *** image ***** ***** 

*************, *** ***** *****/***** Number *********** ******* ** the **** ** ***** not **** ** *** access ****** ** *** and ** **** ******* to ****** ** *********** the ****** ** *** card ** ******* ** a ******** ***********, *** user, ** ******.

** **** *****, * card ****** ** *********** will '****' ** ******* card *** * ***, but **** ****** ***** may **** ******* ******** days.

*****, *** *** *** cards currently ** ********** ** often *** ********, ******* way ** ****** *** three ****** ** **** information, ** *** * reordering **** ******, ** shown *****:

The ***/*** ***** ********

**** ****** ********* ***'* ****** **** ***'* ****** *********, and ** *** *** ambiguous ************** ** ** ISO ********, **** ***** 'look' *** **** ** most *******. *******, ******* early ******** ** *** standard **** **** *** differentiation, *** *** *** designed ***** '*********' ********* with * ********* ********** structure.

*** *** ****** ** both ******** ** ********** claim '*** ***** **********', *** *** *** entirely ***************. ** ********* this **********, *** ******* 14443 ** ******* ***** '* ***/** *' ** ********* the *** *********. *** default, ***** ****** ****** of ***** ** ******** in **** * & B *****, *** *** encoded **** ** *** card ** ********** ******* the *** ******* *** original ******** **** **** for ************** *********.

** *******, ******* ***** is ** ********* **** in ***** '**** *' standards, **** ***-****, ***-** target ******, *** *** reader ******** ***** ****. However, ******* ******** ************ in *** ** ** from ******* **** * broader ****** ****** ******* use '**** *' ********** common ** ***.

*** *******, **** **** reader ******** *****-*, *** not *****-*, ******* ** practical ***** ** **** not ******* ***'* **.** MHz ****** *******, *** does ******* ***'* **.** MHz ******/******* *******:

** ********, *** ****** readers ******* **** '*' and '*' ***** **** the ***-*** ******** '***' such **** ****** **** of *********** **** **** with ***** *******:

13.56 *** ********* ****************

***** *** '**** * & *' ******** ** ISO ***** ********* ******* from ***** *** ****, it **** *** ****** mean **** *** ******** with **** *****. ******** of *** ***** *** the **** ** **** parts, ********* *** '**** Serial ******'. *** **** access *******, **** ** the ****** ****** **** identifies ****** *****, *** because **** ****** ** not *******, ** **** register ** '*** ********' readers:

  • ***/*** ******: *********** *** ****'* ****** identifier ** ******** ******* it ** *** ****** in *** **** '*********' media. **** ****** *** platforms *** **** **** number ** ****** * user, *** ******* *** the ******** ******** ** assign ******, *********, *** privileges.
  • ******* ****/*****: *******, *** **** ******** of ******* ****** *** card ** ********* *** unreadable ****** ********* ******* are ****. ********** *** access ******* ***** *** credential ****** *** ******* (**: *****, ***** *******) and *** *****-****** ************** (**: **********) **** ******** deployments, *** ****** *** is *** **********.

The *** ********

** ***** ** ********, not *** ********** ******* are *********. *** '**** Serial ******' (******* ** ISO *********) *** **.** MHz ***** *** ***** be **** ********** ** underlying ******, ********** ******, or **********. *** *** may ** ****** ** a ****** ** ** the ******, *** *** full **** *** ** the ********** **** *** be *********.

*** ******* ******* **** only * *** ***** and * ******* ** fewer ***********, ***** *** CSN ** *** ******* ID ** ****** *** to *** **** ** enrollment ** ***** **** as ****** ***** *******. However, *** ****-******** ***** where ****** ******** ********** is ******** ** ******** or **** *********** *** used *** ******** ********** systems, ***** **** ** identify ****** *********** ** often *** ********. ******, the ****'* ********* **** is ******** *******.

Form ******

********** ****** *** *** just ******* ** ***** or ****. ** ** cover ** *** ****** ********** **** ****** Tutorial, *** **** *** method ** ******* * credential *** ******* ********, tokens, ****-***** *****, ** even *******.

*** **** ****** ** the ********** ***** ** an ********* ************* ** overall ********** *** ******* life. *** *******, ***** a ***** *** **** may ** ***** ** print ** ** ***** on *** **** **** a *******, ** *** easily ** **** ** broken ** * ***** environment. * *** ***, while ********** *** ******** a ******* **, ** designed ** ** ******* enough ** ********* *****, harsh *********** *********, *** even ********** ** *****.

*** ***** **** ****** choice ****** ** ******** by *** **** *** *** user's ***********, *** *********, all ***** ********** ***** have ******** **** ****** options ** ****.

System ******

** ***** ** ****** systems, ********** *********/******* ****** most ****** ******. ****** selection **** ******** *** credential ******, *** *** subsequent ****** ** **** must ***** **** **** choice. ** ***** ** 'Access ********** ********' *********, this ****** **** *** generally ******, ******* *** reader ****** ********** ********** communication. ** **** ** the ******** ** ********** with *** ******, *** credential ****** ** * marginal ******, *** **** specify ********** ***** ***** on ********* *** **** of ******** ****** **** technology **********.

*******, **** **** ******** is ****, ******* *** costly ******* **** ********* require *********** ** *********** or ****** *******. ******** from *** ****** ** the ***** *** **** thousands *** ******* *** users, ** ******* *** uncommon.

Comments (10)

**** ***** *** **** vulnerability ******* ** ** manufacturers **** ***** ***'*/****'* of ******* ** ***** that ***** *** **** facility **** *** **** sequentially ****** ****?

*****://***.********.***/*****/*****-********-********-*************-********-*****-************/

**** ** * ********** the *****, *** *** saying **** **** *** facility **** *** * valid ***** ****** ** known, ******** ***** ********* valid ************ ** *** difficult?

*******. **** *** +* to *** **** # and ***'** ** **** to **** ** *** identity ** *** **** (lucky/unlucky) ******** ** **** into **** ******* ****** that *********, ***** ****** the ****** **** *** swiped *** ******* **** from.

****'* ** *********** ********.  In **** **********, ** you *** ***-********** **** orders, ** '**********' ********* being ****?

 

**'* ***** **** **** way (** ** **********), and ** ** ********** wrong *** **. * very *** ********, *** a *-**** *******:

#*- **** ****** ******* Systems **** *** ******* limits ** *** ****** of ******** ***** **** the ***** **** ******** only *, *** ****** only ********** ** ** 8. *** ****** *** number ** ******** ******** codes, *** ******.

#*- *** *** **** experience. *** *** *** badging ***** ** ***** 2 **** ******, **** 1 ** ** **** more **********?

#*- **** ************* **** stockpiles ** ***** **** are **********, *** **** these *********** ******** ****? (Boy ***** * **** to ******* **** ** a ***** *** *** issue **** ** ** clients ** *** ***** they'd *** **!)

*'** **** ****** **** enough ** ******** *** old ****** ******* *******. They ******** *** ****** bits ** **** ******** in *** ******* **** that *** ****** **** read ** ****** * 1 ** * * as *** ****** *** card *** ** *** slot.  **** ***** *****, you ***** *** **** serialized **** *** ******** number (** ********* ****** a *** *****) *** a ***-********** ******** ****** that *** ******** ********.  Each **** ******** **** with * *****-********* ***** that *** ****** ** use ** ******* *** cards **** *** ****** because ***** *** ** way ** ********* *** internal ****** **** *** external ******.  *** *** me **** ***, **** was * **** ** the *** ** ******* a ***** ***** ** cards! :-)  *** ***'* lose **** *****!

* *** ****** *** to ** **** ** use *** ***** ***** approach **** **** **** cards **** ******* * trusted ******** *** ***'* just ** ******.

********* * ******* **** old-fashioned ******* **** *****, but *** **** ****** installations ***** ********* ******* such ** ****** ******* and *** ***** ************ of *** ****** ***'* have.

*'** *** *** *********** in ******* *** *** stupid ********* ** * am *** ** *** access ******* ********. ** company *********** ** **** products *** ** ****** security ********* **** * visit ** **** ** our ******* *** * 2 ***** ********. **** use *  *********** **** combined **** ********* **** scanners ** ********* *******.

** *** ** *** with **** ********** **** I *** *** ******** heading ****** * ********** approach, *** **** ******* and ****** ***. *** example ** * **** common *** **?

**'* *** * ****** question ** *** ***** - *** '********** ********' you *** ***** ** typically ****** *****-****** ****** ******* **************.  **** **** ** our *****.

** ***** ** * trend, *********** ************** ** indeed ******** **** ******. Especially ** *********** ** individualy ***** ** ******* improve, ** ******* **** of * **** ******* to *** ***** ** enter ******** *********** - PINs, *****, **********, *** the **** ******.

***** *****

* ** **** *** to ****** ******* ** all *** ******* *** very *********** ***** ** Trinidad *** ****** ** in ******* ** ***** be ****** *** *** and ****** ** ********** access ******* ********.

* **** ****** *** Keri NXT-3R  ******  **** ** a ***** ***** ********** this ****** "********* **** Between ****** *** **** or ***" ******* ** the **** **** *** distributor *******  ***-* "*** KHz ********** / **.* KHz ******" ** * guess **** ** ** enhanced ********* ****...********* *********** is **** **** *** reader *** " ******* to **** *** *** KHz ***********"...

*******

******

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Nortek Mobile Access Reader BluePass Examined on Feb 12, 2019
Nortek's Linear access control division claims to make mobile credentials "more secure and easier to use than ever before" with their BluePass...
Proxy Access Control Tested on May 09, 2019
Silicon Valley Access Startup Proxy raised $13.6 Million in May 2019, focusing on mobile physical access control. Beyond the fund raising, Proxy...
OSDP Access Control Guide on Jun 04, 2019
Access control readers and controllers need to communicate. While Wiegand has been the de facto standard for decades, OSDP aims to solve major...
Farpointe Data Conekt Mobile Access Reader Tested on Jun 13, 2019
California based Farpointe Data has been a significant OEM supplier of conventional access readers for years to companies including DMP, RS2, DSX,...
Nortek Blue Pass Mobile Access Reader Tested on Jul 11, 2019
Nortek claims BluePass mobile readers are a 'more secure and easy to use approach to access', but our testing uncovered security problems and...
Mobile Access Control Shootout - Farpointe, HID, Openpath, Nortek, Proxy on Jul 29, 2019
One of the biggest rising trends in access control is using phones as credentials but which offering is best? IPVM has tested five of the...
Mobile Access Control Guide on Aug 28, 2019
One of the biggest trends in access for the last few years has been the marriage of mobile phones and access cards. But how does this...
Fingerprints for Access Control Guide on Sep 09, 2019
Users can lose badges, but they never misplace a finger, right? The most common biometric used in access are fingerprints, and it has become one...
Open Access Controller Guide (Axis, HID, Isonas, Mercury) on Sep 19, 2019
In the access control market, there are many software platforms, but only a few companies that make non-proprietary door controllers. Recently,...
Directory of Access Reader Manufacturers on Nov 27, 2019
Credential Readers are one of the most visible and noticeable parts of access systems, but installers often stick with only the brand they always...

Most Recent Industry Reports

IronYun AI Analytics Tested on Feb 17, 2020
Taiwan startup IronYun has raised tens of millions for its "mission to be the leading Artificial Intelligence, big data video software as a service...
Access Control ADA and Disability Laws Tutorial on Feb 17, 2020
Safe access control is paramount, especially for those with disabilities. Most countries have codes to mandate safe building access for those...
ISC West 2020 Removes China Pavilion, No Plans To Cancel Or Postpone on Feb 17, 2020
ISC West plans to go on next month, amidst concerns over coronavirus. However, the Asia / China Pavilion has been removed, show organizers...
Hanwha Wisenet X Plus PTRZ Tested on Feb 14, 2020
Hanwha has released their PTRZ camera, the Wisenet X Plus XNV-6081Z, claiming the "modular design allows for easy installation". We bought and...
IPVM Conference 2020 on Feb 13, 2020
IPVM is excited to announce our 2020 conference. This is the first and only industry event that will be 100% sponsor-free. Like IPVM online, the...
Bosch Dropping Dahua on Feb 13, 2020
Bosch has confirmed to IPVM that it is in the process of dropping Dahua, over the next year, as both IP camera contract manufacturer and recorder...
BluB0X Alleges Lenel, S2, Software House Are Dinosaurs on Feb 13, 2020
BluB0X is running an ad campaign labeling Lenel, S2, Software House, Honeywell, AMAG and more as dinosaurs: In a follow-up email to IPVM,...
London Live Police Face Recognition Visited on Feb 13, 2020
London police have officially begun using live facial recognition in select areas of the UK capital, sparking significant controversy. IPVM...
Converged vs Dedicated Networks For Surveillance Tutorial on Feb 12, 2020
Use the existing network or deploy a new one? This is a critical choice in designing video surveillance systems. Though 'convergence' was a big...