printer friendly version

Smartcards

Smartcards provide a convergence link between physical and IT security.

When companies let partners, customers and suppliers connect to their networks, they open themselves to illegitimate access and identity theft. Besides outsiders, employees can also access the network and physical access control system more easily. Therefore, such organisations require an identity authorisation solution that lessens any chances for fraud and unauthorised access. Simple single-factor credentials will not do.

Versus standard credentials, smartcards provide multiple applications on a single card, including employee identification and authentication, physical security, building security, storage of biometric information, secure access to the Internet and secure transactions over the Internet.

Administrative applications, such as property management, storage of medical records, electronic purses, tracking cafeteria purchases, and a multitude of uses, are possible, while still performing all the major uses of the earlier-mentioned items. More importantly, this data can be safely stored with smartcards.

Smartcards provide enhanced security

Using single-factor authentication, such as user ID, for IT or physical access control systems access creates significant security risks. They are written down on desk pads, sticky notes put on the monitor screen, scraps of paper kept in the wallet or written on the back of the ID card. They are even sent over the Internet. A card-only user ID can be easily compromised, and storing such data on corporate networks introduces additional vulnerability to attackers who gain network access or insider fraud.

Strong authentication requires the use of two or three factors. Smartcards work with other authentication techniques by storing some combination of password files, public key infrastructure certificates, one-time password seed files or biometric image templates on a single card. Authentication should require something you have, the smartcard; something you know, a personal identification number or password; and something you are, a unique physical characteristic or biometric identifier.

Lastly, but very importantly, smartcards are the most secure solution in access control. They use cryptography, encryption and the internal computing power of smart chips to provide the most secure access control card solution possible. They are the convergence link between IT and physical access control.

Andy Bulkley is GE Security's manager of Hardware for Engineered Systems.

Share this article:

Further reading: