Many systems integrators, at first glance, tend to think of ID card systems as simply a part of the access control system. In fact, photo identification systems occupy a much broader spectrum in the overall security systems and technology world.
This range includes basic photo identification card systems, card access control systems with tightly integrated ID card badging production features, secure visitor management systems for issuing temporary passes, and, finally, high security identification cards with multiple security features designed to deter counterfeiting (see diagram on page 118 of the September issue).
While many systems integrators are aware of one or more of these market segments, it is the primary goal of this article to provide an introduction and overview to each major ID card category, along with a review of the applications, production methods and business opportunities associated with each one.
Basic Identification Card Systems Include Entity, Data and Photo
The basic ID card normally consists of issuing organization information and logo, identification of the cardholder in the form of demographic data, and a photograph. In some cases, part of this information (employee or membership number) may be encoded into a barcode for automated data capture.
Applications for this type of card include small firms with a need to identify their employees to people outside of the organization or membership clubs that need to identify members internally at the time of service delivery. Applications also include small-scale seasonal attraction operators wishing to issue a more sophisticated seasonal pass than the traditional admittance ticket. Small municipalities, libraries, small colleges/universities, customer loyalty programs and nonprofit organizations are also likely to need a cost-effective, basic photo identification system.
With the addition of a barcode for automated data collection, this type of ID card may also be used to establish basic charge/debit accounts for school lunch programs or identification of cardholders performing inventory or production control processes.
The basic ID card is generally produced one of two ways. First, an ID card is produced at some central location when a user becomes part of the organization, either as an employee or member, and the card is sent to a local unit for photo capture and lamination. While most systems previously used a Polaroid film-based camera that was capable of taking multiple photos per sheet of film, digital cameras using simple docking station-style printers are now the popular method.
Most smaller organizations need to produce both the ID card and photo. This can be easily accomplished with one of many standalone ID card production software products, some of which are available at office supply and computer software outlets.
Integrated ID Cards and Access Control Consolidates Info
Card access control systems were developed around the concept of electronically identifying the cardholder to the access control system through one of several card data encoding technologies. During early system implementations it was common for organizations to issue two separate cards: one to be kept in the wallet for organizational identification and one carried to access electronically controlled access points.
Major organizations using card access control soon realized that the photo ID card, worn by members of the organization while on premises, greatly enhanced the overall security program. Access control manufacturers then began to develop integrated solutions to allow the simultaneous production of the photo ID and access control credential. While early efforts usually involved the loose integration of another manufacturer’s ID system with their own access control product, today’s access control manufacturers’ products almost always include fully integrated and supported image capture and badge production functions.
It is important to note that a tightly integrated system goes beyond simply producing a photo ID and access control card at the same time. The system should be able to obtain cardholder demographic information from an external database, such as a human resources data management system, and return credential information to external data collection systems such as time clocks, production process systems, or internal credit/debit purchasing applications (see diagram on page 122 of the September issue).
In small access control system implementations with only one host/workstation computer, the badging functions are accomplished by attaching some type of video capture device and a printer to that computer. The software should also accept video images from bitmap or jpeg file formats to allow import of images from an external source such as a digital camera, allowing images to be captured at remote locations and transferred to the computer for ID card production.
Larger access control implementations usually consist of several task-specific workstations, one of which is dedicated to cardholder image capture, data entry, badge production, and encoding of magnetic stripe or smart cards.
Obviously, times have changed and visitor management is rapidly becoming a very important part of almost any organization’s overall security management plan.
Although many simple products will allow the production of inexpensive visitor badges, an effective secure visitor management system must ensure that a badge is only produced after a valid screening and verification process takes place. Furthermore, the organization must strictly enforce the program by requiring all visitors wear the badge and all employees challenge anyone not displaying proper identification.
The largest hurdle faced by organizations with heavy visitor traffic is the bottleneck caused by the need to collect visitor demographic data, verify that information, obtain a valid authorization from within the organization, ensure that the visitor is not on a “do not allow” list, and then issue the credential — all this without impeding business operations. The block diagram on page 124 of the September issue depicts a tightly integrated system that is scalable to control a single entry point at one facility to hundreds of entry points scattered across many local and remote facilities.
Preauthorization and registration of expected visitors by one or more authorized employees is normally the first step in this process and actually accomplishes two important tasks: 1) input of visitor information (name, company, address, contact info) and 2) internal authorization.
At this point — depending on the amount of visitor traffic — the visitor may appear directly at the verification, screening, and badge production point or at one of several visitor self check-in terminals. If visitors are preregistered, they simply confirm their information and, while their badges are printing, move on to the screening point where they show valid identification and receive their visitor badges.
Visitors not preregistered enter their demographic information themselves, and then proceed to the screening point where the operator verifies identification, calls for an appropriate authorization and produces their visitor badges. The visitor management software should also be checking internal or external “do not allow” lists during this process.
Organizations with extensive card access control system implementations usually need to grant some basic access privileges to at least some authorized visitors. To accomplish this task, the visitor pass will have to be created on a card with access control features, and the secure visitor management system should be tightly integrated with the card access control system in order to grant temporary access levels.
As with previous applications, the secure visitor management system will normally accept video images from almost any source and should include a function to scan existing photo IDs, such as a driver’s license or passport photo.
Careful consideration must be given to the card production process. In low- to medium-security applications, low-cost inkjet printers can be used to create nonlaminated temporary cards. However, in higher security applications, the visitor pass must be more resistant to tampering or counterfeiting. Thus, a more sophisticated card production process must be used, including lamination or tamper-resistant overlaminates, which, of course, raise the production cost.
Applications for a secure visitor management system include — but are certainly not limited to — schools, government offices, manufacturing facilities, health-care centers, correctional facilities and military bases. Systems integrators should work with current clients to review their security management plan regarding visitor management.
Tampering, Counterfeiting Among High-Security Card Concerns
The proliferation of inexpensive software programs and printers has resulted in the ability for almost anyone to produce an authentic-looking ID badge, representing a real or fictitious organization. While the majority of card access control systems rely on electronically verifying data encoded in the card technology, increased security awareness is placing greater emphasis on visual verification of identity at locations where it would be impractical to control access and identify persons with a card reader.
As with all aspects of security, risk assessment results in selecting a level of protection balanced against cost to implement and reduction of risk. However, systems integrators assisting end users with this process should thoroughly review Homeland Security Presidential Directive (HSPD) 12 and Federal Information Processing Standards Publication (FIPS PUB) 201 for additional guidance in designing a system to meet guidelines applicable to ID cards issued to federal government employees and contractors.
Page 1 of 2 pages 1
Access Control ·
ID cards ·