Contactless Access Credentials Guide

By: Brian Rhodes, Published on Oct 29, 2018

Contactless credentials are the most common component used in an access control system and while many look alike externally, important differences exist.

Choosing the correct one can be the difference between a secure facility and wasting significant money. Understanding how they operate and what their specifications mean is a big challenge.

** **** ******, ** cover *** ***** ******** needed ** ******* *** right *********** *********** ***** time, *********:

  • *** **. *** ********** Formats
  • *** *** **. **.** MHz ***********
  • ******** *****
  • ******** *****
  • **** **/****** *******
  • *** ****** **. ******
  • **** *******

Credentials ********

***** ***** ********** ******* exist, *** **** ****** choice ** **** '***********' types. ****** **% ** systems *** *********** ***** or **** ***** ** unpowered ******* **** *** excited *** **** **** brought ***** ** * reader ****. **** '******** power' ******* ** ************** ****** ********. *** ******* ** demonstrated *************** ** ************ *********:

** ***** *** ******* principle ** **** ** our ********* ******* ********, ******* *** ****** itself ***** * ***** collected ** *** ****, eventually ******** ****** ** a ****** **** *********** powers * ******** **** transfer ******* *** ***. The ***** ***** ******* typical ******** ********** ** the ****, ***** *** wire ******* ******** ******, the ********* ****** **, and **** **** ********** ICC **** (**********) **** back ******* *** ******* to *** ******:

** *******, *** *********** credentials **** **** *** but *** ***** ********** like ********* *********, **** of ********** ****, **********, and ****** ** *** data ******* **** ** the *****. ** *** sections **** ******, ** examine ***** ********** ** depth.

Contactless *********** ********* ** ******

*** ** *** ******* differences ** *********** *********** is *** ****** ** the **** ** ********, typically ********** ** *** manufacturer. ******* ** *****-******** of *********** *********** *** ******* ********* ** ******** ** *** ****** *** *** *************.

*** ********

***** *** ****** ***** migrating **** **** '*********' credentials ** *** ***** 1990's, HID ****** ****** *********** **** its *** *** "****" *********. *** **** of **** *****, *** *** ****** the **** ****** ******** market ********** ********, *** OEM ** ******** *** access ****** ********* *****, Honeywell, *** *******. *** company's ****-***** ******* *******:

  • "*********": ** ***** *** *** ******, *** ***** ********* used *** ********* **** in *** *******
  • ******: ** *** ****** specific **.** *** '*********'

*** ** *** **** common ****** *** *********** in *** **. ******* of ********** ****** *****, HID ** **** ** license *** *** ** its ********** ******* ** a ******* ** ********** and ****** *************. **** when ********* ******* '*** 14443 *********' *********, *** strictly ******* "**** *" standards (** **** "*" - ********* ** **** detail *****).

*** ********

******** ******** *************, ******-***** *** ****** a ****** ** '***********' credential ********** **** ** a ****** ** ******* - ********, *******, *** industrial. **** ********** ******** of *** ********* ** credential **************, *** ****** a ******* ** ***** built ** ****, *********:

  • ****** ****: ***'* *** *** ****** ***** ** ***** drafts ** *** *********, but *** ** ****** adopted ** ***'* "*********" lines
  • ******/*******: ** *** *********-***** NXP '*********' ******, **** operating ** **.** *** The '*******' ******* *** introduced ** *** ***** 2000s ** *********** *** format **** '****** *******' credentials. ******* *********** ******* stronger ********** **** ******** higher ********** *****. *** 'Classic' ****** **** ***** scrutiny *** ***** ********** ** snoop *******, *** ******* countered **** ******. ******* these ************ **** **** only ** ***********, *** existing ****** ******* ***** still ** ****, *** new ****** ****** ***** as '******/*******'.

****** ***, ***'* ********** formats *** '*******-****' *** the ********* ********* *** available *** ********** *** for ** ****. *** manufacturers *** *** ***** product ** "**** *" standards. ***'* *********** ** largest ******* *** **, mostly ********** ** *** early (******** ** ~****'*) adoption ** *** ****** formats ****** *** **, but *** *****'* ******* are ***** *** ******* ones **** ** ****** and **** *** ******** access *******.

US ** *** *****

******* ** *** **************'* strength ** **** *** the **** ** *********, MIFARE, *******, *** *** associated *********** *** ******* outside *** **.

*******, *** ******'* ********* markets *** ** *** Americas, ********** ** *** US. ******* *** ********** cost ** ********* ********* credentials *** *******, *** ******* also ******** ******** **** use *** ********** *** formats and *** ***** ** greater *********** ** * result.

125 *** ** **.** ***

*** **********'* ** ********* factors * *** **** in *** ***********. ******* readers *** **** **** credentials ********* ** ******** matching ***********, **** ********* is *** ***** ** consider. ** ** ******* in *** **** ****** ********, ** ********* *** format ** *** *****, credentials *** ****** *** read. *** ***** ***** shows *** ********* ** popular *******:

******* *** ******* ********** between *** *** *** 13.56 *** *********** ** credential ********. ** ** addressed ** ******* **. ****** ****, *** *** ******* do *** ******* ********** and *** ****** ******* or *******. *******, **.** MHz ******* *** ********* (usually *** *** *** or *******) *** ********** data *** **** ** read ** * ****** that ** ************ ***** *** key ** ** **.

Deciphering ********** *****

*** ** *** **** challenging **** *** *********** and *** ***** ***** is ****** *********** ***** credential * ****** ** using. *** ****** ** crowded **** ******** ** options **** ** ********** of ************* *** ***** that *** ****** ** be * ***** ***** card. *** ***** ***** details **** ********* ********** types **** ************ ********* performance *** ******** ***************, yet **** *** **** the **** ** *** untrained ***:

*** *********** *****, *** must **** ***** ********** that *** *** ********* clearly ******* ** ******* labeled ** *** **********:

  • ****** ****: **** ********** *** *** how **** **** *** credential *********, ******* ******* by ** *** ******** for ******* *******. *** example ****** ** *** typical ** *** ******, H10304 ** ***'* ******* 37 ***, *** ** on. *** **** *** to ******* *** ****** used ** * **** is ** ****** * box ***** ** ******** cards (*** ***** ***** 'Card ****** *******'), ** use ** ****** ********** (*****'* ******* ******) ** interpret *** *** *********** output ** * ******** format. ** **** ***** are *** *********, *********** the ********** **** **** by ******** *** ****** used ** *** ****** ******* ********** ******** application, ********* ** *** cardholder *** ****** ************* settings.
  • ******** ****: **** ********* ** NOT ******* ** *** card ** **** *****. This ***** ** *********** is **** ********* ***** on *** ****** *** can ** ******* ***** the **** ****** *********** for ****** ****. ** certain *****, ****** ******* must ** ********** ** accept ******** ******** ***** and **** ***-*** ******* may ***** ********** ***** to *** ******** ******. Without ******* **** ****, credentials *** *** **** to ****.
  • **** **/****** ****** (***/***): ** **** *****, the ** ****** ** embossed ** ******* ** the ****. **** ****** is *** '****** **' that **** * **** to * ******** *****. While ********** ******* *** not ** *****, ********* numbers ***, *** *** same **** ** *** Facility ***** ********** ****** be ****** ***** ** the **** ******. *** image ***** ***** 

*************, *** ***** *****/***** Number *********** ******* ** the **** ** ***** not **** ** *** access ****** ** *** and ** **** ******* to ****** ** *********** the ****** ** *** card ** ******* ** a ******** ***********, *** user, ** ******.

** **** *****, * card ****** ** *********** will '****' ** ******* card *** * ***, but **** ****** ***** may **** ******* ******** days.

*****, *** *** *** cards currently ** ********** ** often *** ********, ******* way ** ****** *** three ****** ** **** information, ** *** * reordering **** ******, ** shown *****:

The ***/*** ***** ********

**** ****** ********* ***'* ****** **** ***'* ****** *********, and ** *** *** ambiguous ************** ** ** ISO ********, **** ***** 'look' *** **** ** most *******. *******, ******* early ******** ** *** standard **** **** *** differentiation, *** *** *** designed ***** '*********' ********* with * ********* ********** structure.

*** *** ****** ** both ******** ** ********** claim '*** ***** **********', *** *** *** entirely ***************. ** ********* this **********, *** ******* 14443 ** ******* ***** '* ***/** *' ** ********* the *** *********. *** default, ***** ****** ****** of ***** ** ******** in **** * & B *****, *** *** encoded **** ** *** card ** ********** ******* the *** ******* *** original ******** **** **** for ************** *********.

** *******, ******* ***** is ** ********* **** in ***** '**** *' standards, **** ***-****, ***-** target ******, *** *** reader ******** ***** ****. However, ******* ******** ************ in *** ** ** from ******* **** * broader ****** ****** ******* use '**** *' ********** common ** ***.

*** *******, **** **** reader ******** *****-*, *** not *****-*, ******* ** practical ***** ** **** not ******* ***'* **.** MHz ****** *******, *** does ******* ***'* **.** MHz ******/******* *******:

** ********, *** ****** readers ******* **** '*' and '*' ***** **** the ***-*** ******** '***' such **** ****** **** of *********** **** **** with ***** *******:

13.56 *** ********* ****************

***** *** '**** * & *' ******** ** ISO ***** ********* ******* from ***** *** ****, it **** *** ****** mean **** *** ******** with **** *****. ******** of *** ***** *** the **** ** **** parts, ********* *** '**** Serial ******'. *** **** access *******, **** ** the ****** ****** **** identifies ****** *****, *** because **** ****** ** not *******, ** **** register ** '*** ********' readers:

  • ***/*** ******: *********** *** ****'* ****** identifier ** ******** ******* it ** *** ****** in *** **** '*********' media. **** ****** *** platforms *** **** **** number ** ****** * user, *** ******* *** the ******** ******** ** assign ******, *********, *** privileges.
  • ******* ****/*****: *******, *** **** ******** of ******* ****** *** card ** ********* *** unreadable ****** ********* ******* are ****. ********** *** access ******* ***** *** credential ****** *** ******* (**: *****, ***** *******) and *** *****-****** ************** (**: **********) **** ******** deployments, *** ****** *** is *** **********.

The *** ********

** ***** ** ********, not *** ********** ******* are *********. *** '**** Serial ******' (******* ** ISO *********) *** **.** MHz ***** *** ***** be **** ********** ** underlying ******, ********** ******, or **********. *** *** may ** ****** ** a ****** ** ** the ******, *** *** full **** *** ** the ********** **** *** be *********.

*** ******* ******* **** only * *** ***** and * ******* ** fewer ***********, ***** *** CSN ** *** ******* ID ** ****** *** to *** **** ** enrollment ** ***** **** as ****** ***** *******. However, *** ****-******** ***** where ****** ******** ********** is ******** ** ******** or **** *********** *** used *** ******** ********** systems, ***** **** ** identify ****** *********** ** often *** ********. ******, the ****'* ********* **** is ******** *******.

Form ******

********** ****** *** *** just ******* ** ***** or ****. ** ** cover ** *** ****** ********** **** ****** Tutorial, *** **** *** method ** ******* * credential *** ******* ********, tokens, ****-***** *****, ** even *******.

*** **** ****** ** the ********** ***** ** an ********* ************* ** overall ********** *** ******* life. *** *******, ***** a ***** *** **** may ** ***** ** print ** ** ***** on *** **** **** a *******, ** *** easily ** **** ** broken ** * ***** environment. * *** ***, while ********** *** ******** a ******* **, ** designed ** ** ******* enough ** ********* *****, harsh *********** *********, *** even ********** ** *****.

*** ***** **** ****** choice ****** ** ******** by *** **** *** *** user's ***********, *** *********, all ***** ********** ***** have ******** **** ****** options ** ****.

System ******

** ***** ** ****** systems, ********** *********/******* ****** most ****** ******. ****** selection **** ******** *** credential ******, *** *** subsequent ****** ** **** must ***** **** **** choice. ** ***** ** 'Access ********** ********' *********, this ****** **** *** generally ******, ******* *** reader ****** ********** ********** communication. ** **** ** the ******** ** ********** with *** ******, *** credential ****** ** * marginal ******, *** **** specify ********** ***** ***** on ********* *** **** of ******** ****** **** technology **********.

*******, **** **** ******** is ****, ******* *** costly ******* **** ********* require *********** ** *********** or ****** *******. ******** from *** ****** ** the ***** *** **** thousands *** ******* *** users, ** ******* *** uncommon.

Comments (10)

**** ***** *** **** vulnerability ******* ** ** manufacturers **** ***** ***'*/****'* of ******* ** ***** that ***** *** **** facility **** *** **** sequentially ****** ****?

*****://***.********.***/*****/*****-********-********-*************-********-*****-************/

**** ** * ********** the *****, *** *** saying **** **** *** facility **** *** * valid ***** ****** ** known, ******** ***** ********* valid ************ ** *** difficult?

*******. **** *** +* to *** **** # and ***'** ** **** to **** ** *** identity ** *** **** (lucky/unlucky) ******** ** **** into **** ******* ****** that *********, ***** ****** the ****** **** *** swiped *** ******* **** from.

****'* ** *********** ********.  In **** **********, ** you *** ***-********** **** orders, ** '**********' ********* being ****?

 

**'* ***** **** **** way (** ** **********), and ** ** ********** wrong *** **. * very *** ********, *** a *-**** *******:

#*- **** ****** ******* Systems **** *** ******* limits ** *** ****** of ******** ***** **** the ***** **** ******** only *, *** ****** only ********** ** ** 8. *** ****** *** number ** ******** ******** codes, *** ******.

#*- *** *** **** experience. *** *** *** badging ***** ** ***** 2 **** ******, **** 1 ** ** **** more **********?

#*- **** ************* **** stockpiles ** ***** **** are **********, *** **** these *********** ******** ****? (Boy ***** * **** to ******* **** ** a ***** *** *** issue **** ** ** clients ** *** ***** they'd *** **!)

*'** **** ****** **** enough ** ******** *** old ****** ******* *******. They ******** *** ****** bits ** **** ******** in *** ******* **** that *** ****** **** read ** ****** * 1 ** * * as *** ****** *** card *** ** *** slot.  **** ***** *****, you ***** *** **** serialized **** *** ******** number (** ********* ****** a *** *****) *** a ***-********** ******** ****** that *** ******** ********.  Each **** ******** **** with * *****-********* ***** that *** ****** ** use ** ******* *** cards **** *** ****** because ***** *** ** way ** ********* *** internal ****** **** *** external ******.  *** *** me **** ***, **** was * **** ** the *** ** ******* a ***** ***** ** cards! :-)  *** ***'* lose **** *****!

* *** ****** *** to ** **** ** use *** ***** ***** approach **** **** **** cards **** ******* * trusted ******** *** ***'* just ** ******.

********* * ******* **** old-fashioned ******* **** *****, but *** **** ****** installations ***** ********* ******* such ** ****** ******* and *** ***** ************ of *** ****** ***'* have.

*'** *** *** *********** in ******* *** *** stupid ********* ** * am *** ** *** access ******* ********. ** company *********** ** **** products *** ** ****** security ********* **** * visit ** **** ** our ******* *** * 2 ***** ********. **** use *  *********** **** combined **** ********* **** scanners ** ********* *******.

** *** ** *** with **** ********** **** I *** *** ******** heading ****** * ********** approach, *** **** ******* and ****** ***. *** example ** * **** common *** **?

**'* *** * ****** question ** *** ***** - *** '********** ********' you *** ***** ** typically ****** *****-****** ****** ******* **************.  **** **** ** our *****.

** ***** ** * trend, *********** ************** ** indeed ******** **** ******. Especially ** *********** ** individualy ***** ** ******* improve, ** ******* **** of * **** ******* to *** ***** ** enter ******** *********** - PINs, *****, **********, *** the **** ******.

***** *****

* ** **** *** to ****** ******* ** all *** ******* *** very *********** ***** ** Trinidad *** ****** ** in ******* ** ***** be ****** *** *** and ****** ** ********** access ******* ********.

* **** ****** *** Keri NXT-3R  ******  **** ** a ***** ***** ********** this ****** "********* **** Between ****** *** **** or ***" ******* ** the **** **** *** distributor *******  ***-* "*** KHz ********** / **.* KHz ******" ** * guess **** ** ** enhanced ********* ****...********* *********** is **** **** *** reader *** " ******* to **** *** *** KHz ***********"...

*******

******

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

HID Releases Lower-Cost Signo Readers on Mar 06, 2020
HID Global is releasing a new line of readers called Signo they claim read farther, are mobile-ready, and automatically adjust for better reads on...
Vulnerability Directory For Access Credentials on Feb 20, 2020
Knowing which access credentials are insecure can be difficult to see, especially because most look and feel the same. Even insecure 125 kHz...
Access Credential Form Factor Tutorial on Feb 10, 2020
Deciding which access control credential to use and distribute, including form factor, can be a difficult task. Knowing the limitations and...
Directory of Access Reader Manufacturers on Nov 27, 2019
Credential Readers are one of the most visible and noticeable parts of access systems, but installers often stick with only the brand they always...
Fingerprints for Access Control Guide on Sep 09, 2019
Users can lose badges, but they never misplace a finger, right? The most common biometric used in access are fingerprints, and it has become one...
Mobile Access Control Guide on Aug 28, 2019
One of the biggest trends in access for the last few years has been the marriage of mobile phones and access cards. But how does this...
Mobile Access Control Shootout - Farpointe, HID, Openpath, Nortek, Proxy on Jul 29, 2019
One of the biggest rising trends in access control is using phones as credentials but which offering is best? IPVM has tested five of the...
Nortek Blue Pass Mobile Access Reader Tested on Jul 11, 2019
Nortek claims BluePass mobile readers are a 'more secure and easy to use approach to access', but our testing uncovered security problems and...
HID Mobile Tested on Jun 21, 2019
HID Global is one of the largest access brands, but their mobile access has had challenges. Indeed, the company has already restructured their...
Farpointe Data Conekt Mobile Access Reader Tested on Jun 13, 2019
California based Farpointe Data has been a significant OEM supplier of conventional access readers for years to companies including DMP, RS2, DSX,...

Most Recent Industry Reports

USA's Feevr Thermal Temperature System Examined on Mar 31, 2020
This US company has burst on to the scene, brashly naming itself 'feevr' and branding itself as a "COVID 19 - AI BASED NON CONTACT THERMAL...
JCI Coronavirus Cuts on Mar 31, 2020
JCI has made coronavirus cuts, the company told employees in an email that IPVM has reviewed. Inside this note, we examine the cuts made, the...
Add Door Operators To Fight Coronavirus on Mar 31, 2020
IPVM recommends that integrators advocate and end-users consider adding door operators to fight the spread of coronavirus. This delivers...
Video Surveillance Business 101 on Mar 30, 2020
This report explains the fundamental elements of the video surveillance business for those new to the industry. This is part of our Video...
FDA Gives Guidance on 'Coronavirus' Thermal Fever Detection Systems on Mar 30, 2020
The US FDA has given IPVM guidance on the use of thermal fever detection systems being marketed for coronavirus, as an explosion of such devices...
Worsen: Integrators Hit Even Harder By Coronavirus on Mar 30, 2020
Integrator's problems have worsened over the past 2 weeks, according to new IPVM survey results. Inside this report, we share statistics and...
Pivot3 Mass Layoffs on Mar 27, 2020
Pivot3 has conducted mass layoffs, the culmination of grand hopes, a quarter of a billion dollars in VC funding, and multiple failures to gain...
Athena CEO Criticizes 'Deplorable' 'Nitpicking', IPVM Refutes on Mar 27, 2020
UPDATE: NBC News Report Cites IPVM On Coronavirus 'Fever Detection' Cameras Athena Security's CEO Lisa Falzone has strongly objected to IPVM's...
Hikvision Admits Sanctions Harming Its Financial Performance on Mar 27, 2020
While Hikvision initially downplayed being sanctioned for human rights abuses, the company is now admitting a significant impact in a new PRC...