The old technologies like 125KHz proximity, magnetic stripe, barcode, and CSN (Card Serial Number) readers are best avoided. The customers also want a secure connection to the access control host, so avoid Wiegand, and clock and data. Encryption for card reading and for host communication is vital.
Typical 13.56MHz frequency cards offer additional functions, as well as enhanced read range. Think seriously about the use of smart devices as a credential. In essence, many mobile devices have biometric authentication, and users are more comfortable authenticating themselves to a device they own rather than handing biometric markers over to others.
There are significant differences between 125KHz read-only Proximity and higher frequency technologies like 13.56mHz MIFARE, which has a higher frequency and a smart processor and offers more security. When it comes to all-important issues of cost, 125KHz Proximity to MIFARE is not a massive jump in price. At the same time, MIFARE DESFire is a more significant jump for far higher levels of security and greater operational flexibility.
The prevalence of 125KHz proximity revolves around cost convenience and ignorance. For a minimal extra cost, the users can get a much more secure solution. And users can go for slightly more security or much more, depending on the budget.
When it comes to 13.56MHz MIFARE, user getting a smart card so that you can write data to the device. Even a 1Kb smart card will have with data spread over 16 sectors, each sector able to hold its own application and set of encryption keys. Worth noting is the fact that every MIFARE card has its own unique identifier hard-stamped from the factory.
This gives an encrypted key that must be unlocked in order to discover the code.
It’s a lot more flexible than traditional proximity technology because you can use multiple applications, you can have a sector for base building, a sector for tenancy, a sector for biometrics, a sector for time and attendance, etc.
Most secure of all is DESFire, which, while it’s a type of MIFARE card, is significantly different. A 4k DESfire card has four times the amount of data onboard, so you’re not restricted in card layout to the 16 different fixed-size sectors. Instead, you’re allowed up to 28 applications, and they can vary in size. Any card can have 20 apps, and any app can have 15 files inside, the benefit being a solution that is much more flexible and far more dynamic.
The other difference is that while the encryption algorithm for Mifare Classic has been compromised, DESFire using Triple DES/AES and has not been defeated, so it’s more secure. It’s the only completely secure RF technology and is projected to remain secure until 2030, based on current technological trends. Central to the operation of DESfire access control credentials is the 3-path mutual authentication process.
The key difference between read-only prox and DESFire is that the latter waits for a card to enter the field then sends a request saying “are you a DESFire card,” it says “yes, and here is my CSN,” then the reader asks for a key, the card references the key using a random number, the reader decrypts and sends the de-encrypted number back with another number that’s been encrypted.
The card then responds and says, “yes, you decrypted that properly,” and delivers a decryption of the second number. Once all the handshaking is done, the reader can access the card data, and the door can be opened. There’s more data, so it’s a longer read process (80 milliseconds), and a reduced read range, but the result is far higher security
As well as higher security prox cards, the latest biometric readers are something else to seriously consider. There’s a new generation of fingerprint and face recognition readers coming through, and given they eliminate the ongoing cost of managing huge card libraries, they are well worth considering. We especially like Morpho Wave technology from Idemia pictured top.
Proximity Cards
The 125KHz Proximity Cards mostly use in the Access Control System, and it still uses widely used in the United States compared to other parts of the world.
These are contactless cards which can be read by a system without having to be scanned or entered manually. They are a step ahead of the traditional magnetic swipe card. Proximity cards are embedded with a microchip, which will provide the reader with the identification number, or unique code, that will enable access to an area of a building. These cards communicate a faculty code which conveys the identity of the holder. These are activated by the proxy card reader, which will determine whether the code is, in fact, the right one, which then enables the carrier to pass through. These cards are commonly used for door, car park, and workplace access.
The reading process is enabled by radio frequency fields, which spark just enough energy within the card to allow it to give it’s code to its reader.
The 125KHz proximity technology has been around since 1990. In essence, it’s a physical RFID chip, and when you present it to an EMI field, the antenna inside is excited and responds with a signal that is identified by the reader. There’s a 26-bit format, which comprises of a site/facility code and the card number – site code from 0-255 and card number from 0-65500 – which is 16,702,000 possible permutations. It works well, but in the face of modern computing power, it’s vulnerable technology.
The matters get worse, and installers will often label a customer as Site 1 and then add; Card 1, Card 2, Card 3, Card 4, etc.; so if there’s no deliberate attempt to increase the complexity of a customer’s numerical base, there are many duplications locally and globally.
Further, 125KHz proximity is a read-only technology – there’s little or no encryption. There is certainly a place in the market for this low-security technology, but if you want a system that offers serious protection, then you’re best to move to higher frequency options.
Recent studies found out that the U.S. companies are switching to NFC Contactless MIFARE Cards, and in 4-5 years, the MIFARE 13.56MHz chips demand will be much higher.
MIFARE Cards
MIFARE cards and Proximity cards are both used for access control. These two types of access cards are easy to confuse; however, they are very different, read on to discover their distinguishing features:
MIFARE, or Mikron FARE Collection System, is a brand of RFID chip used in access cards and tags. Because it is tiny and subtle, MIFARE is used in several different products. Includes cards, wristbands, fobs, pet collars, and phones. Basically, MIFARE can help you with pretty much anything.
The MIFARE card and chip is especially useful because of its embedded memory. The card is designed to be completely secure, keeping all data stored on its memory safe. An encryption key is what keeps all of this information out of harm’s way, and it prevents it from being emitted until there is mutual authentication between a MIFARE card and the card reader.
MIFARE cards also use radio frequency identification or RFID.
The real differences between MIFARE Cards and Proximity Cards are:
· Their frequency. Although both cards are RFID, Proximity cards have 125KHz, and MIFARE has 13.56 MHz.
· Their codes. A Proximity card will use a facility code within their configuration, while MIFARE cards come pre-programmed with a serial number. This number is a unique and random formation that doesn’t contain any facility code.
· Their memory. MIFARE cards can store up to 1 kilobyte of data memory, whereas Proximity cards cannot store values.
· Their programming capabilities. MIFARE cards are more sophisticated in their programming potential. They can be programmed with credentials, which add an extra process in the interaction between the reader and the card reader software. You can also enhance a MIFARE card by programming its a memory so that it can be used as cash or a membership card.
It is essential to know these differences when purchasing access cards, mostly because it’s essential for the customer’s card reader to be able to understand the card technology. For MIFARE, you need a reader that can read 13.56 MHz. If your reader is only able to read the 125 kHz required for Proximity cards, you will have a problem. If you want to implement MIFARE cards, it is also necessary to find a reader that can read 32-bit formulas, as this is what a MIFARE card comes loaded with.
Now that you know the exact details and differences between Proximity cards and MIFARE cards, you can make an informed decision that is sure to enhance the security of your business.