HID prox cards are used to provide security for physical and virtual assets of an organization. With the correct use of access control systems, the companies confidential areas can be tightly controlled from unauthorized users.
When implementing an access control system, it is important that the processes set in place facilitate the desired security levels. One of the places in the security process that is vulnerable is the HID prox card. Without proper handling and clear procedures, the card will not provide the security measures needed. For success with these cards, the following recommendations are provided for your review.
1. Make sure that old prox cards are voided immediately. If not voided, an unauthorized person could locate and use the card.
2. Authorize cards upon inital issuance. If cards are pre-validated and spare, the card can be used inappropriately.
3. Investigate situations where access is denied with a non standard denial response. “Card out of range”, “unrecognized,” and other responses indicating incorrect facility codes and formats indicate an illegally obtained card may have been used to attempt access.
4. Use security mechanisms on the card, such as a hologram, to discourage tampering with the card and increasing security levels.
5. Use RFID shield devices when appropriate.
6. Advise card holders to display their badge only when on company property.
The HID iCLASS and MIFARE cards have embedded information inside to activate a door so that the cardholder is able to access the area to complete authorized tasks. The cards are considered contactless smart cards.
The basic process of authorization is almost identical to the process in our How an HID card works blog post. The card is read by the appropriate scanner or reader. The reader transfers the internal binary code to the access controller which interprets the card information in accordance with it’s programming and the database of cardholder information. The controller reviews the length of the data string and the format of the information prior to proceeding further in the sequence. If the format and data string pass, the card is analyzed for facility and site codes. Card numbers are reviewed for access authorization.
In addition to the above processes, an iCLASS and MIFARE card will go through an additional security step. These cards will compare security keys found in both the card and the reader. This process is called mutual authentication. This process happens prior to the forwarding of information from the card reader to the access controller. If the security keys match, the reader activates the process of forwarding the information. If they keys do not match, the reader does not forward the information to the controller as the card is not able to be activated.
For more information about proximity cards or smart card badge holders, contact our id card experts toll free at 888-485-4696.
Proximity cards are contactless integrated circuit cards that are used to access a secure area or network. The increased security of these cards make them imperative in the operations of many organizations with confidential areas and databases of personal information.
Although technology can provide a high level of security. The cards will not, within themselves, provide complete security without proper policies and procedures implemented throughout the organization.
HID corporation recommends implementing the following procedures with the use of prox cards to maximize security and eliminate the possibility of cloning the cards for improper uses.
- Require immediate reporting of lost or stolen cards (so they can be deleted from the system)
- Prohibit sharing or lending of cards
- Encourage employees to shield their cards from public view when not at work (this makes sense from a privacy perspective as well if a name and picture are printed on the card)
- Encourage reporting of suspicious activity at the facility
- Discourage “tailgating” where one employee uses a card to gain access and others follow without using their own cards.
HID also recommends using RFID shielding products to increase the security level of HID cards not in use.
Current Fargo printers that will allow encoding of proximity cards are the Fargo HDP5000, Fargo DTC550 and Fargo DTC400e. For information about cards that can be integrated with identification applications, visit our HID prox card page.