How to Use Simplified Smartcard Credentialing for a More Scalable Solution

Here’s how the adoption of the open supervised device protocol has helped spur the deployment of high security encryption solutions.

How to Use Simplified Smartcard Credentialing for a More Scalable Solution

Simplified smartcard credentialing and encrypted reader communications are now becoming a reality and a more scalable solution. While a reasonably secure method of providing security badges has existed for years, it was usually too cumbersome to deploy in large enterprise environments.

Today, a handful of manufacturers are offering high security encryption (OSDP, or open supervised device protocol, Secure Channel) solutions that are logistically feasible in configuration and maintenance.

In recent years, many security organizations have warned physical access control teams that not only are magnetic stripe card technologies becoming outdated, but proximity readers as well are not a reliable solution to deploy within new high security endeavors.

An all-too familiar scenario reminds us that anyone using a small homemade transceiver in a backpack or static location can result in rapidly harvesting security credentials and allowing full access to a facility with the copied ID badge, rendering most facilities compromised to surreptitious intrusion.

Knowing this, the physical security industry has anticipated a reasonable, cost-effective and scalable technology to fill this security gap for some time now. While a number of manufacturers created subscription-based key frameworks to provide initial smartcard functionality, they often radiated a sense of proprietary technology, carried a high price tag and took on an unwieldy design — enough so that market adoption of the solution reached only a fraction of its potential.

Mobile Technology, Biometrics Gaining Real Traction

Today’s market sees a culmination of technology factors that promise to break open the watershed moment for physical security credentialing. Mobile technology and biometrics have begun to manifest legitimate options for deployment.

However, many high security customers still steer clear of porous personal smartphone devices having any bridge to their production security environment by way of Bluetooth, near-field communication (NFC) or WiFi. In many cases, having these wireless avenues open to their facilities invites unnoticed breaches.

Regardless, the recent achievements in utilizing fingerprint and facial recognition biometrics within smart devices and single sign-on equipment brings hope to securing access transactions with mobile devices in the coming years.

In the interim, some manufacturers have looked at “re-stacking” how smartcard credentialing can work in a freshly scalable design. The ability to read smartcards via OSDP and/or OSDP Secure Channel (485 encrypted) configuration has become far less problematic.

Previously, it was a fairly difficult endeavor that required technical specialists to deploy an ongoing subscription for guaranteed, unique private encryption keys. For massive multicampus enterprise environments, for example, the hurdle, and often the deal-breaker, was the need to visit each of thousands of card readers to update the configuration through a master programming card.

Upending that activity, new products recently unveiled at the 2017 ASIS Conference in Dallas demonstrated that changing the programming on smartcard readers by publishing firmware updates through the software and the network eliminates the need to address each reader individually.

Alternatively, some manufacturers are looking at mobile technology to allow secure sign-on mobile apps to configure the readers for specific local security managers, allowing them to quickly reconfigure them without needing to burn and ship updated programming cards each time.

For customers with hundreds or thousands of card readers, the labor savings alone is staggering.

Simplification Significant for OSDP Secure Channel

Resistance to market adoption for high security smartcard configurations has often stymied procurement and specification processes with erratic nomenclature subtleties and myriad feature caveats.

The only way to be certain that the correct part numbers, features and firmware are being used is to insist on micro-pilot deployments to ensure all programming kinks and cost overrun surprises are known before full-scale adoption.

Simplification of these sorely needed security features will influence rapid market share for any manufacturers willing and able to turn the process around. It will also draw in most of the nonscientific, OSDP Secure Channel expert customers who have eagerly awaited this evolution in credential technology.

While this simplification has arrived, it remains new and relatively unheralded. Next year will be critical for the no-nonsense OSDP Secure Channel offerings to gain a significant foothold before the mobile device and biometric renaissance arrives.

Word is spreading about this timely solution. Newer code-base access control companies have an advantage both in SDK readiness and their forward-thinking business culture, while older systems will face some challenges porting their firmware and code to handle these features.

With many Fortune 500 customers currently turning over their access control system brands and researching best technology solutions, rapid adoption of simplified OSDP will allow the market leaders to stand out.

About the Author

Contact:

Lance Holloway is Director Vertical Technology for Stanley Security.

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.

A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!

Subscribe Today!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters