hid proprietary & confidential hid technologies nathan cummings director of product line...

HID Proprietary & Confidential

HIDTechnologies

Nathan CummingsDirector of Product Line Management

HID Corporation03/14/06


Legacy Technologies


Swipe Magstripe

644 230/544

240/584780


Swipe Wiegand


125kHz Prox


New 13.56MHz Technologies


iCLASS


Readers


Multi-Technology Readers and Writers

R10/RW100

R30/RW300

R40/RW400

RK40/RWK400

OEM Modules

OEM100/OEM300

OEM50RWKL550

RWKLB575

Keypads and BiometricsReader/Writers Mifare Reader(/Writer)

6055

OEM150

6074

Exp. Module


iCLASS Evolution Original iCLASS

12-16VDC @ 225ma avg current15693 OnlyFixed TuningTamper MagnetNon-config 57.6kbps max serialNo expansion capabilities

Generation II iCLASS5-16VDC @ <100ma max current15693, 14443A and B compatibilitiesAuto-tuningTamper SwitchConfigurable 115kbps max serialExpansion board upgrades


Other readers

ISO 15693 ONLY.


Part Numbers6100AKN0000

ModelRevisionColorHardware OptionsLED and Beeper ConfigurationSecurityMifare Output


ISO Compliant Technologies Inside

PicoTag / PicoPass (14443A, 14443B, 15693)Since 2001256 or 2kbytes64bit diversified keys

iCLASSBased on Inside with

enhancementsExpanded to include

other technologies

PhilipsMifare (14443A 1-3)

Since 19951 or 4kbyte48bit keys

DESFire (14443A 1-4)Since 20034kbytes3-DESCurrently the only

GSC compliant chip ICODE (15693)

Asset Tracking

TI / GE (15693)Asset tracking and

access control market

Mifare and DESFire are not the same technology and can require different readers!


Non-ISO Compliant Technologies Others

Sony (Felica)Asian transit market (Octopus)4kbytes (only 1.5 available for other

apps)3-DES

LegicEuropean multi-application marketExpensive licensing fees

Cubic (Go Card)US transit market

The US Government will not consider using non-ISO compliant technologies!

iCLASS


iCLASS VS Mifare iCLASS

Since 2001Designed for access

controlMultiple ISO protocols64 bit diversified keysDynamic memoryKey management

optionsISO 7816 based serial

protocolHID has lifetime

warranty on all cards and readers

MifareSince 1994Designed for transitSingle ISO protocol48 bit static keysFixed memoryUser defined key

managementProprietary serial

protocol Quality is

manufacturer dependent


Other Standards Concerns

Things not covered in ISO•Memory Allocation•Keys & Mutual Auth. (no ref. to ISO 9798)•Security Algorithms•Reader Serial Protocol

Other Standards•NIST (National Institute of Standards and Technology)•FIPS (Federal Information Publications)

•FIPS-46 Data Encryption Standard (DES)•FIPS-180 Secure Hash Algorithm (SHA)

•PIV II/GSC-IS •FIPS-201 Interoperability Standard


Cards


Multi-Technology Credentials

iCLASS TagiCLASS KeyiCLASS

embeddableiCLASS/Prox

embeddable iCLASS/Wiegand

Mifare embeddable

Mifare /Prox embeddable

Mifare / Wiegand embeddable

DESFire embeddable

Other 13.56MHz technologies could be used in place of ISO standard technologies.


Part Numbers2002PGGMN

ModelProgrammingFront PackagingBack PackagingInkjetSlot Punch


Memory MappingBlock # Data

0 Card Serial Number1 Configuration Data2 Stored Value Area3 Key 14 Key 25 Application Issuer Data

6789

101112131415161718

19202122232425262728293031

2K/2 Memory

HID Application

Application Area 2

Block # Data0 Card Serial Number1 Configuration Data2 Stored Value Area3 Key 14 Key 25 Application Issuer Data6789

10111213141516171819202122232425262728293031323334353637383940.................

16K/2 Memory

HID Application

Application Area 2

Block # Data0 Card Serial Number1 Configuration Data2 Stored Value Area3 Key 14 Key 25 Application Issuer Data6789

101112131415161718192021222324252627282930310 Card Serial Number1 Configuration Data2 Stored Value Area3 Key 34 Key 45 Application Issuer Data6789

10111213141516171819202122232425

Application Area 3

Application Area 4

Page 1

16K/16 Memory

HID Application

Application Area 2

Page 0

HID App Format Info


Memory Mapping

8 Bytes per block

Card Serial Num.

Cnfg. Block

Store Value Area

Key 1

Key 2

App. Issuer Area

Block

0

1

2

3

4

5


Multi-Technology Credential

13.56 MHz “Contactless Smart”

125 kHz “Proximity”

Magnetic Stripe

Contact Smart Chip

ModulePhoto ID

Anti-Counterfeiting: Hologram, UV Ink, Micro Printing

Optional Polyester

Layers

Optional Wiegand Load (not shown)


Security


Security - Format

• Existing infrastructure can be utilized by encoding current wiegand format into contactless smartcards for access control. • Alternate formats, like Corporate 1000, can be encoded into credentials and still ensure compatibility with the existing access control panels.

Certain formats are designated as proprietary to a specific OEM which may limit their distribution!


Security – Mutual Authentication

• Secure communications between the credential and reader using mutual authentication (iCLASS, Mifare and DESFire) •Random number generation during mutual authentication ensures no two transactions are alike. The transmission cannot be recorded and played back to the reader.

TI, GE , and ICODE (15693) technologies do not use mutual authentication!


Security - iCLASS Key Management

Advanced key management systems to reduce the risk of compromised data or duplicated cards.

• Standard Security•Programmed by HID with any format.•All Standard cards work with all standard readers.

• iCLASS Elite •Programmed by HID with any format and a custom site-specific key.•Only your cards work with your readers.

• Field Programmer •Cards and readers are programmed by you.•Either Standard or Custom key security can be used.

Other key management schemes are possible depending on the selected technology.


Development


Application Development

How else can a contactless smartcard increase employee productivity or improve the workplace experience?

Completely OpenDeveloper defined key

managementFull access to all unused

areas of the credential

Easy to Use ProtocolISO compatible (7816-4)Reduced development timeWorld class support


Flexibility


Proven FlexibilityUnited States Navy

• Deployed since 7/03Pearl Harbor, Hawaii

• SEIWG ContainerGSC-IS 2.1

• US Government Standards

• FIPS/PACS Level 1/2 CompliantLevel 3 under review

• FASC-N Container• DESFire Compatibility

Minimum 32bit (max 200bits) format output is not compatible with most access control panels available today!

Flash Upgradable


DESFire

GSC-ISiCLASS

Mifare

TI / GE

Sony

The Open and Interoperable 13.56MHz TechnologyiCLASS


?Questions

hid proprietary & confidential hid technologies nathan cummings director of product line...

Documents