26-Bit Wiegand Format & Work

26-Bit Wiegand Format & Work? 

The name “Wiegand” comes from its creator, the German-born engineer, John R. Wiegand, who in the 1970’s discovered that wires made of a cobalt, iron and vanadium alloy will switch polarity when run through strong magnetic fields. Placing a sensor coil nearby will be capable of picking up the change in polarity as a high-voltage pulse, and then translate that pulse into data. He used these discoveries to create what became known as Wiegand wires and Wiegand cards.

A Wiegand card uses two short wires, which store data magnetically in the card; these two wires are known as Data low, or Data0 and Data high, or Data1. When the card is pulled through the reader, the wires transmit the either high or low voltage signal as 1 and 0’s, respectively, creating a binary data line for authenticating the swipe card’s credentials. (There actually is a third wire, as well, providing common ground).

There are a few different variations of the Wiegand protocol in existence, but the original is the most common, known as the 26-bit Wiegand format, or often just the 26-bit format. This is a very common open format, meaning that virtually anyone can buy compatible cards and readers and program them to work using the 26-bit Format. It uses one parity bit, followed by 8 bits of facility code, 16 bits of ID code, and another trailing parity bit, for a total of 26 bits. This was the standard for a long time and remains in use in many systems, though a variety of different extensions have now been built off it.

Card readers and other components of access control systems need to speak a common language to function and work properly. Like most other forms of technology, access control systems use a binary number system to communicate. One of the most common formats for access systems is the 26-bit Wiegand format. It was first developed over 50 years ago, and because it’s so simple and accessible, it’s still used today.

What is the 26 bit Wiegand format, how does it work, and where is it used? Learn more below. 

What is 26-Bit Wiegand Format? 

The 26-bit Wiegand format is a format for binary encoded data used mainly on access control devices. It’s an extremely common open format, and most access control systems are automatically designed to be able to read 26-bit Wiegand. Because it’s an open format, anybody can buy and use cards in this format, and it is possible for duplicate cards to exist.

Although various companies make access control systems, one of the most popular brands is HID. The brand is so popular that people often refer to any access control system as an HID system. However, various brands and manufacturers make 26-bit Wiegand format access cards, not just HID. If you buy or use any basic access system, it’s highly likely that the system runs using the 26-bit Wiegand format.

Key Features of the 26-Bit Wiegand Format

1. 26-Bit Data: The format consists of 26 bits, divided into three parts: 8 bits for the facility code, 16 bits for the card number, and 2 bits for parity.
2. Facility Code: The first 8 bits represent the facility code, which identifies the site or organization.
3. Card Number: The next 16 bits represent the card number, which is unique to each cardholder.
4. Parity Bits: The last 2 bits are parity bits, used for error detection.
5. Even/Odd Parity: The parity bits use even/odd parity, where the first parity bit is the even parity of the first 12 bits, and the second parity bit is the odd parity of the last 12 bits.

This format is an industry standard known as H10301. The term “bit” refers to the numbers in the code, so each code consists of 26 numbers. Wiegand refers to the Wiegand protocol, which is the name for the wiring standard. It’s named after John R. Wiegand, whose discoveries in the 1970s laid the basis for the standard 26 bit format. 

The first and last numbers in the 26-bit Wiegand format are beginning and ending bits known as parity bits. They are not part of the unique identification laid out in the code. Bits two through nine make up the facility code. The facility code consists of eight bits. Bits 10 through 25 make up the ID number. The ID number consists of 16 bits. 

Here is how the code in 26-bit Wiegand appears when P stands for parity bit, F stands for facility code bit, and I stands for ID number bit: 

PFFFFFFFFIIIIIIIIIIIIIIIIP

The 26-bit Wiegand format allows for 256 possible facility codes and 65,535 possible ID numbers. When combining both unique identifiers, this allows for 16,711,425 unique access cards.

The 26-bit Wiegand format consists of a sequence of 26 bits, divided into three main parts:

·        Facility Code (FC): The first 8 bits (bits 1-8) represent the facility code, which identifies the specific facility or organization issuing the card.

·        Card Number (CN): The next 16 bits (bits 9-24) represent the card number, which is unique to each cardholder.

·        Parity Bit (PB): The last 2 bits (bits 25-26) are parity bits, used for error detection.

Rather than being written out with numbers or letters as in the example above, the code is represented in an access card or other access device with a series of wires. We’ll explain more about how that works below.

How Does 26-Bit Wiegand Format Work? 

Back in the 1970s, Weigand discovered that cobalt, iron, and vanadium alloy wires switch polarity when they enter a magnetic field. He also found that sensor coils can pick up the change in polarity. This laid the groundwork for the modern Weigand protocol where access card readers are able to translate and read the code that lies hidden in the wires inside access devices. 

26-bit Wiegand access cards have three wires inside: data low (data0), data high (data1), and a ground wire. Because binary numbers are expressed as 0 or 1, data0 and data1 are used to create those binary numbers that the access control system can read. When the data0 wire transmits a signal, the computer reads it as 0, and when the data1 wire transmits a signal, the computer reads it as 1. The wires are uniquely designed to create a different code for each cardholder.

When a device that’s encoded with the format passes through the field of a card reader, it picks up on the unique sequence of bits contained in the device. Then, it grants access if the facility code and ID number in the device are allowed access. Of course, the system can also deny access if the code in the card or other access device does not match an approved code.

Here's a step-by-step explanation:

1.   Card Swipe: A user swipes their access control card through a reader.

2.   Data Extraction: The reader extracts the 26-bit Wiegand code from the card's magnetic stripe or RFID chip.

3.   Bit Transmission: The reader transmits the 26-bit code, one bit at a time, to the access control panel or secure authentication device.

4.   Bit Representation: Each bit is represented by a specific voltage or signal level, with 0 volts typically representing a binary 0 and 5 volts representing a binary 1.

5.   Data Format: The 26-bit code consists of:

·        Facility Code (8 bits): Identifies the facility or organization issuing the card.

·        Card Number (16 bits): Unique to each cardholder.

·        Parity Bits (2 bits): Used for error detection.

6.   Authentication: The access control panel or secure authentication device verifies the received 26-bit code against stored data, ensuring the facility code, card number, and parity bits match.

7.   Access Decision: If the verification is successful, the device grants access or performs the desired action.

Where Is the 26-Bit Wiegand Format Used?

The 26-bit Wiegand format is most often used in standard access control systems. You’ll find wires corresponding to the 26 bits in access cards, key fobs, fingerprint readers, and other access control devices. 

The data on a standard Wiegand-formatted device is not encrypted. This, of course, presents a vulnerability and is one of the reasons this format has lost some of the popularity it previously held. It’s also possible for duplicate 26-bit Weigand access devices to exist, which is a major concern for industries that highly value security. 

You’ll often find access control systems that use the 26-bit Wiegand format in older buildings because it was once the gold standard. Unless there is a malfunction in the equipment, there isn’t often an immediate need for companies to upgrade to a different format even though the 26-bit Wiegand format is becoming a bit outdated. It still works very well for most use cases. 

However, newer buildings and newer access control systems are beginning to favor different formats, such as Open Supervised Device Protocol (OSDP). This can increase security because it is encrypted. For this reason, you’re also less likely to find 26-bit Wiegand formats in buildings and campuses where security is of utmost importance.

Nonetheless, the 26-bit Wiegand format is still used today for many reasons. It’s easy to use, it’s readily available, and most card reader door locks and access control systems are equipped to read the format. If you purchase or install an access control system and you don’t specify or request a particular format, it’s likely your system uses the 26-bit Wiegand format.

Advantages of the 26-Bit Wiegand Format

1. Wide Compatibility: The 26-bit Wiegand format is widely supported by access control systems and RFID readers.
2. High Security: The use of parity bits and a large data format provides high security against data tampering and unauthorized access.
3. Easy Implementation: The 26-bit Wiegand format is easy to implement and integrate with existing access control systems.
4. Scalability: The 26-bit format provides a large address space, allowing for a high number of unique card numbers and facility codes.

Limitations of the 26-Bit Wiegand Format

1. Limited Data Capacity: The 26-bit Wiegand format has limited data capacity, which can make it difficult to store additional data, such as biometric information.
2. No Encryption: The 26-bit Wiegand format does not provide encryption, which can make it vulnerable to eavesdropping and data interception.

Upcoming Trends in security & surveillance for 2021

Upcoming Trends in Security & Surveillance for 2021 

It’s fair to say 2020 has not been the year any of us were expecting. It has been challenging, we have all made sacrifices, and there are still further obstacles in our path as we try to get back to “normal”. SARS-CoV-2, the coronavirus strain that causes COVID-19, is a highly contagious respiratory illness that is affecting lives worldwide. Epidemics and pandemics have been threatening the human race time and again. SARS, H1N1, Ebola, and more have shown their teeth in the past, but with each such outbreak, we are learning new ways of fighting and managing such unexpected diseases that can potentially kill millions of people. Technology cannot prevent the onset of the pandemics; however, it can help prevent the spread, educate, warn, and empower those on the ground to be aware of the situation, and noticeably lessen the impact. The pandemic of 2020 has certainly changed the landscape for us all, not just the security industry. It has made us a lot more aware of touch points, crowded gatherings and personal space. It is inevitable that technology will adapt as our lives do. We have already seen manufacturers race to bring us solutions such as body temperature management, face mask detection and crowd control etc. It’s time to change. It’s time to get better. It’s time to learn more and sharpen our skills.’

During pandemic Webinar is boom through Zoom. Google meet, Gotowebiner etc in security safety automation industry. System Integrator, End Users, professionals are learn many things through OEM direct Webinar. US already ban China made surveillance product. In india Atmanirbhar Bharat (self-reliant India) is the vision of the Prime Minister of India Narendra Modi of making India a self-reliant nation. The first mention of this came in the form of the 'Atmanirbhar Bharat Abhiyan' or 'Self-Reliant India Mission' during the announcement of the coronavirus pandemic related economic package on 12 May 2020. Known china CCTV OEM are thrown out. Yes, it’s true, India don’t have much infrastructure to generate Camera manufacturing plant, it will take time at list 5 year. Within this time, we can follow BIS website to get information about selected camera / NVR model are china factory make or not. Low cost and high cost both option camera you can found. If you found that model belongs to china factory immediately change with Closest or Alternative Substitute. Now we check what will be next in 2021 for Security Safety & Automation.

OSHA new Policy:

The COVID-19 outbreak has caused almost all firms to deploy the work from home practice for employees. While some may be used to this, others may feel lost in the exercise. While not all Indian are able or fortunate enough to work from home, many have transitioned to telecommuting and virtual work over the last week or two.

While employers’ responsibilities for the safety and health of their at-home workers is less than those in the office or onsite, some do still exist. OSHA distinguishes between home offices and other home workplaces.

OSHA’s compliance directive on home offices is pretty clear:

·     “OSHA will not conduct inspections of employees’ home offices.

·     “OSHA will not hold employers liable for employees’ home offices, and does not expect employers to inspect the home offices of their employees.

·   “If OSHA receives a complaint about a home office, the complainant will be advised of OSHA’s policy. If an employee makes a specific request, OSHA may informally let employers know of complaints about home office conditions, but will not follow-up with the employer or employee.”

What about recording injuries while working at home? If an employee is working at home, when could the injury be considered work-related? OSHA answers the question:

How do I decide if a case is work-related when the employee is working at home? Injuries and illnesses that occur while an employee is working at home, including work in a home office, will be considered work-related if the injury or illness occurs while the employee is performing work for pay or compensation in the home, and the injury or illness is directly related to the performance of work rather than to the general home environment or setting.

Video Intercoms:

One of the newer phenomena we’ve faced in the world has been the concept of physical distancing, brought to light by the global coronavirus pandemic. This has created challenges not only socially, but for technologies that were not designed to accommodate what may be the new norm. Video intercoms are really going to be playing a bigger part in the way facilities are organized and processes are organized. We’re seeing some customers that are using this to limit having to actually go inside a room in a healthcare facility, for example, to limit the chances of transmitting something all while maintaining that frequency of checking. One of the main benefits of door intercoms is, simply put, the ability to limit — or even eliminate — human contact at the door. In this pandemic, an immediate need is providing [the customer with] a way to create physical distancing upon entry. This can also be applied to healthcare workers. Integrators have to understand this greater demand for security at the door and deliver solutions to their customers. Everybody is having food, groceries and other things delivered to their door. Demand for that is very high right now. Additional security at the door or the gate is something people want and need.

Home Over IP:

Amazon, Apple, Google and the Zigbee Alliance announced a new working group that plans to develop and promote the adoption of a new, royalty-free connectivity standard to increase compatibility among smart home products, with security as a fundamental design tenet. Zigbee Alliance board member companies such as IKEA, Legrand, NXP Semiconductors, Resideo, Samsung SmartThings, Schneider Electric, Signify (formerly Philips Lighting), Silicon Labs, Somfy and Wulian are also on board to join the working group and contribute to the project. The goal of the Connected Home over IP project is to simplify development for manufacturers and increase compatibility for consumers. The project is built around a shared belief that smart home devices should be secure, reliable and seamless to use. By building upon IP, the project aims to enable communication across smart home devices, mobile apps and cloud services, and to define a specific set of IP-based networking technologies for device certification.

Video Surveillance:

The global CCTV camera market is anticipated to generate substantial revenue of more than to USD 38 billion till 2021. Asia Pacific and America holds the largest share of the global market and act as one of the main driver for the market. According to “India CCTV Camera Market Outlook, 2021”, the India CCTV Camera market is expected to grow with a CAGR of more than 26 % in the period from 2016 to 2021. Technology wise non-IP dominates the Indian market but in the coming years IP is expected to take the lead soon. Non -IP technology constitutes of analog and HD CCTV cameras. Analog is technology which is in a depleting stage and it share is expected to be taken by the IP technology and the HD type CCTV camera. Dome typed cameras are the most widely used cameras in any sectors. Commercial segment is the driver of the CCTV market in India with the increasing count of SOHO’s and SME’s. With the increasing security concerns, residential sector would also be one of the factors for the increasing market. As criminal activities are more in the northern region of India, North dominates the market in terms of revenue.

Facial Recognition:

Facial recognition is the common theme of the week’s top digital identity news with retail applications, new edge servers, and biometric border control deployments around the world. A new software partnership on biometric cryptography has also been announced, a report shows the importance of selfie biometrics in fraud reduction published, and the industry, as well as society more broadly, continues to contend with the issue of algorithmic bias. Facial recognition solutions identify a person by forming a unique code built on algorithms from multiple points on a person’s face, including nose, chin, lips, eyes and jaw. However, when a person wears a mask, many of these key points are not visible. Faces were often completely missed, and unsuccessful or false identifications were high. Those are know this wearing masks can reduce the accuracy they avoid to take Facial recognition

Video Verification:

The city currently has over 1,000 video surveillance cameras deployed across the metropolitan area and is expected to reach over 1,700 security devices. Now it’s very difficult to watch every moment on comment control center. It’s very important to see what camera saw. Through Video Auditing software the task are easy. Day by day its increase.

Rise of Mobile Credentials:

There has been a tremendous uptick in the popularity of mobile credentials. Research firm IHS Markit has reported that mobile-based credentials are the fastest-growing access control product. Globally they have experienced nearly a 150 percent growth between 2017 and 2018. Estimates show that more than 120 million mobile credentials will be downloaded in 2023 by end users. A 2019 survey by HID estimated that 54% of businesses had upgraded or would upgrade to a mobile access control system in the next three years. Though access cards still play a powerful role in the access control market, we are seeing a strong shift towards mobile access control like various companies. The use of mobile-based credentials is the logical next step for the physical security and access control industry. The fact that people are always with their smartphone helps popularise this trend. Phones aren’t just phones anymore. They play a bigger role in day-to-day life and this also includes access control. Mobile credentials can revolutionise the industry, eliminating the need to carry and wipe a card. Instead, a phone’s technology can be used to authenticate identity and grant entry. This gives greater flexibility, improves privacy and can also lower the maintenance costs of credential management for end users. Additionally, a clear advantage is that employees are more likely to carry their smartphone with them and less likely to lose them compared to NFC transponders.

The advantages of using virtual access control cards, which are stored on smartphones, are obvious: less logistics when distributing, revoking or replacing cards and many more ways to integrate with technology on the phone or other hosts and devices in the network. Often also the user experience of mentioned as a benefit of mobile access: users do not have to fill up their wallets with a pile of RFID cards but can conveniently carry them around in their phone. The networking capacity of smartphones would even be a great way to overcome the limitations of offline access control installations where access rights would be stored on smartphones instead of cards.

Security in the cloud:

After the entrance of IP-networking in security around twenty years ago, it is one of the major current trends in our industry: cloud based security systems. In the context of physical security one could define cloud based systems as those systems with a topology that looks like this:

·       A server that is ‘in the cloud’ and can be accessed from virtually anywhere;

·       Devices that connect over an IP-network to that central server;

·       Web based administration of the system;

·       Commercially based on a service or transaction model with recurring fees.

Variations exist. But in general this pretty much sums up what to expect when reviewing a cloud based system.

We see this set-up currently already in several categories:

·               Video Intercom Systems, like the systems from Akuvox, which are based on video intercom stations that connect to a cloud based server, which also enables use of apps as virtual door phones.

·   Mobile access systems that enable the use of virtual credentials on smartphones. and that are managed from a cloud based server.

·               Video management software now also is offered by several vendors as a cloud service, for example: 3dEYE, Open Eye, and VIVOTEK.

IoT security topologies:

The Internet of Things idea has been around for ages. It was predicted over a decade ago that billions of device will connect to the Internet. Sensors all around us will deliver data to the cloud. Feeding data into ‘big data’ processing applications that will give us access to a wealth of information. Devices also connect the cloud. To be part of applications that can be used and managed from virtually any location. For security it would mean that it very much is related to cloud based security applications. The additional step here would be that camera’s, readers, intercoms, intrusion detection sensors and biometric stations would connect directly to the cloud based service. Installations would be easier and more scalable. Access control systems could be deployed at any door and still be real online access control systems. Video surveillance would be available at any location that would require security monitoring. Security sensors and devices can be rolled out everywhere.

Smartphones and wearables

Using smartphones or other wearable devices in security has been a popular idea for many years. Smartphones and tablets often can be used to access the administration Interface (GUI) of the access control, video management or PSIM systems. That hardly is considered an innovation. Smartphones can also be used as virtual access control and identity cards in mobile acess systems. In addition it appears that also biometrics like facial recognition and fingerprint identification are now available on smartphones. It appears logical that smartphones with their native connectivity features are an interesting extension of security systems.

Mobile credentials enable both multimodal and multi-factor authentication. Multimodal means proving identity and/or gaining access using at least two separate biometrics, or permitting access through any one of various credentials, such as a smartcard or PIN. Multi-factor authentication involves proving identity and/or obtaining access via at least two methods or credentials. Multi-factor authentication is widely used in digital access. For example, when an employee logs onto a company’s system, he or she must use a secondary method to verify identity via a one-time token via SMS or other app. It is also burgeoning in physical access applications. Although two-factor authentication has been mandated in regulated industries, it is emerging in unregulated verticals as well. The development of multimodal readers will continue to fuel this trend.

Believers say that people prefer carrying around their smartphone over additional cards. They refer to the technical possibilities that smartphones offer in areas like user convenience and integration of systems.

Identity analytics and AI

A relatively new field in security is identity analytics. Seeing through identity and security related data in an automated way. To monitor use of access priviliges and consequently alter those access rights. The idea comes from the IT industry and that is where you will see it deployed mostly now. Recent research indicates that this is an emerging market with high anticipated growth potential. It would make sense to include physical security into these applications.

Believers will say that, like with video analytics, many more security related events can be actively monitored, more incidents can be detected and a tighter security regime can be implemented without hindering users unnecessarily.

It remains to be seen what the future will bring exactly. But intelligent security related data analytics certainly will have a place in modern enterprise security management applications.

Centralized Control of Fire Detection:

The principle of networking involves connecting several panels together to form a system. Inputs on one panel may activate outputs on another, for example, or the network may allow monitoring of many systems. Networking is often used in situations where one panel is not large enough, or in multiple-building situations. Networking is also an effective way to decouple systems to reduce the risk of a large portion of a facility going offline at any time due to system failure or maintenance requirements. Sub-Networks can be created using either hardware or software architectures. Networked systems normally are more costly and involve additional training and system configuration for successful implementation.

From this year many customer implement centralised monitoring & controlling of Fire Panel through creating WLAN communication with Graphic software. Due to cost effective graphical monitoring control software only industrial & Enterprise business implement the same. Also it will possible if same brand panel is there in all location.

BMS Workforce:

The growth of IBMS market is observing hindrance due to lack of availability of skilled workforce. The Intelligent building management systems are usually complex and require skilled personals to operate. The cost of training operators to handle complex equipment such as HVAC control, outdoor controls, security and access control, energy management systems and smart meters is quite high. Owing to which, small scale companies cannot afford to invest large capital to train their operators. This factor is likely to affect the growth of the IBMS market in the country.

But due to COVID-19 many OEM & society presence webinar program to educate more. This will be effect in this 2021-22. The region segmentation for the IBMS market has been done by South India, West India, North India, East India. Which include general lighting controls, communication systems, security controls, HVAC controls, access controls, outdoor controls entertainment controls and others. The India IBMS market is segmented by application into: hospitality, residential and retail, life science, office space, manufacturing, and energy and infrastructure. All these segments have also been estimated on the basis of geography in terms of revenue (USD Million).

The goal of building management systems was—and still is—to help optimize building performance by

·       Providing data on core building operational systems, specifically HVAC. 

·       Enabling the automatic control of a building’s main operating functions. 

IoT for buildings has the same goal of performance optimization (and by extension, saving money) through data and automatic control, but advanced technology takes these aspects many steps further than a traditional BMS system can. 

We wish you all the very best for 2021 and we look forward to working with you for many years to come.

Contactless Access Credentials & Egress

Contactless Access Credentials & Egress 

THE business landscape changing so dramatically over the past few months — possibly irrevocably — the task for many in security, including for consultants, integrators, dealers and manufacturers. As businesses and organizations begin to reopen, many are rethinking the way they budget for security, including access control, video surveillance and intrusion Alarm.

It’s amazing that a microscopic virus from China could virtually bring the world to a standstill. The 2020 global pandemic has reshaped the way people work, learn and play on every conceivable level. In addition to the devastating impact on global health and safety, COVID-19 has infected the health of the global economy.

The growing call to return to work will surely accelerate many of the physical (not social) distancing, sterilization and occupancy issues that we are currently facing. Hopefully, modern medicine will rise to the challenge sooner than later with a COVID-19 vaccine, but this may take some time even with accelerated testing and approvals.

Commonly touched items that can cause the spread of coronavirus (and other infectious disease) can include things like elevator buttons, ATM and checkout keypads, door knobs and handles, keyboards and mice, and door/entry access control panels — just to name a few. When you think about all of the “touchable” items that you interact with each day it becomes a daunting task to stay away from them and feel safe, clean and virus-free. Well, it's no surprise that right now, businesses are feeling the need to provide solutions and upgrade their safety and security as the workforce begins to come back to the office or plan for that to happen soon.

Contactless credentials are the most common component used in an access control system and while many look alike externally, important differences exist. “Contactless credentials and touchless access control can help reduce the number of surfaces that people touch on campus and can help reduce contact transmission” said Arindam Bhadra founder SSA Integrate.

Credentials Overview

While other credential options exist, the most common choice is RFID 'contactless' types. Nearly 90% of systems use contactless cards or fobs built as unpowered devices that are excited and read when brought close to a reader unit. This 'wireless power' process is called resonant energy transfer.

In Proximity Reader technology the reader itself emits a field collected by the card, eventually reaching enough of a charge that temporarily powers a wireless data transfer between the two. The image below details typical internal components of the type, where the wire antenna collects energy, the capacitor stores it, and when full discharges ICC chip (credential) data back through the antenna to the reader:

In general, all contactless credentials work this way but the exact parameters like operating frequency, size of credential data, encryption, and format of the data greatly vary in the field. In the sections that follow, we examine these parameters in depth.

Contactless Credentials Dominated by Giants

One of the biggest differences in contactless credentials is the format of the data it contains, typically determined by the manufacturer. Upwards of three-quarters of contactless credentials use formats developed or licensed by HID Global and NXP Semiconductor.

HID Overview

Since the market began migrating away from 'magstripe' credentials in the early 1990's, HID Global gained marketshare with its 125 kHz "Prox" offerings. Now part of ASSA ABLOY, HID has become the most common security market credential provider, and OEM of products for access brands including Lenel, Honeywell, and Siemens. The company's best-known formats include:

·     "Proximity": an older 125 kHz format, but still regularly used and specified even in new systems

·      iClass: an HID Global specific 13.56 MHz 'smartcard'

HID is the most common choice for credentials in the US. Because of commanding market share, HID is able to license the use of its credential formats to a variety of credential and reader manufacturers. Even when marketing general 'ISO 14443 compliant' offerings, HID strictly follows "Part B" standards (vs Part "A" - described in more detail later).

NXP Overview

Formerly Phillips Semiconductor, Europe-based NXP offers a number of 'contactless' credential components used in a number of markets - security, finance, and industrial. With widespread adoption of ISO standards in credential specifications, NXP offers a catalog of types built to spec, including:

·    MIFARE PROX: NXP's 125 kHz format built on early drafts of ISO standards, but not as widely adopted as HID's "Proximity" lines

·  MIFARE/DESFire: an ISO Standards-based NXP 'smartcard' format, also operating on 13.56 MHz the 'DESFire' moniker was introduced in the early 2000s to distinguish the format from 'MIFARE Classic' credentials. DESFire credentials feature stronger encryption that required higher performing chips. The 'Classic' format fell under scrutiny for being vulnerable to snoop attacks, and DESFire countered this threat. Because these improvements were made only to credentials, and existing MIFARE readers could still be used, the new format became known as 'MIFARE/DESFire'.

Unlike HID, NXP's credential formats are 'license-free' and the according standards are available for production use for no cost. NXP manufacturers all ISO 14443 product to "Part A" standards. NXP's market share is largest outside the US, mostly attributed to the early (starting in ~1990's) adoption of HID Global formats inside the US, but the brand's formats are often the primary ones used in Europe and Asia for physical access control.

US vs the World

Because of NXP Semiconductor’s strength in EMEA and the lack of licensing, MIFARE, DESFire, and the associated derivatives are popular outside the US.

However, HID Global's strongest markets are in the Americas, especially in the US. Despite the additional cost of licensing compliant credentials and readers, the company also produces products that use the unlicensed NXP formats and has equal or greater operability as a result.

125 kHz vs 13.56 MHz

The credential's RF frequency factors a key role in its performance. Because readers can only scan credentials operating at specific matching frequencies, this attribute is the first to consider. If frequency and format do not match, credentials are simply not read. The chart below shows the frequency of popular formats:

Perhaps the biggest difference between 125 kHz and 13.56 MHz frequencies is credential security. 125 kHz formats do not support encryption and are easily snooped or spoofed. However, 13.56 MHz formats are encrypted (usually 128 bit AES or greater) and credential data can only be read by a device that is specifically given the key to do so. 

Deciphering Credential Types

One of the most challenging jobs for integrators and end users alike is simply identifying which credential a system is using. The market is crowded with hundreds of options with no guarantees of compatibility for items that all appear to be a blank white card. The image below details four different credential types with dramatically different performance and security characteristics, yet they all look the same to the untrained eye:

For contactless types, you must know three attributes that are not typically clearly printed or overtly labeled on the credential:

·     Format Name: This designates how and how much data the credential transmits, usually defined by an ISO standard for Wiegand formats. For example H10301 is the typical 26 bit format, H10304 is HID's Wiegand 37 bit, and so on. The best way to confirm the format used by a card is to locate a box label of existing cards (See image below 'Card Format Details') to interpret the raw hexadecimal output as a specific format. If card boxes are not available, researching the credential type used by checking the format used in the Access Control Management Software application, typically in the cardholder and reader configuration settings.

·       Facility Code: This attribute is NOT printed on the card in most cases. This piece of information is also typically found on box labels but can be decoded using the same online calculators for format name. In certain cases, access systems must be configured to accept specific facility codes and some low-end systems may limit acceptable codes to one specific number. Without knowing this code, credentials are not sure to work.

·       Card ID/Serial Number (CSN/UID): In many cases, the ID number is embossed or printed on the card. This number is the 'unique ID' that ties a user to a specific badge. While concurrent numbers are not an issue, redundant numbers are, and the same Card ID and Facility Coded credential cannot be issued twice in the same system. The image below shows.

Interestingly, the Sales Order/Batch Number information printed on the card is often not used by the access system at all and is only printed to assist in researching the origin of the card as shipped to a specific distributor, end user, or dealer.

In some cases, a card vendor or distributor will 'read' an unknown card for a fee, but turn around times may take several business days.

Often, the box for cards currently in production is often the quickest, easiest way to gather all three pieces of this information, if not a reordering part number, as shown below:

The ISO/IEC 14443 Division

Very little separates HID's iClass from NXP's MIFARE offerings, and if not for ambiguous interpretation of an ISO standard, they would 'look' the same to most readers. However, because early versions of the standard left room for differentiation, HID and NXP designed their 'compliant' standards with a different encryption structure.

The end result is both versions of credential claim 'ISO 14443 Compliance', but are not entirely interchangeable. To reconcile this difference, ISO revised 14443 to include parts 'A and/or B' to segregate the two offerings. The default, basic serial number of cards is readable in both A & B parts, but any encoded data on the card is unreadable between the two because the original standard left room for implementation ambiguity.

In general, because there is no licensing cost in using 'Part A' standards, many low-cost, non-US target market, and new reader products start here. However, readers marketed specifically in the US or from vendors with a broader global market license use 'Part B' compliance common to HID.

For example, this TSDi reader supports 14443-A, but not 14443-B, meaning in practical terms in does not support HID's 13.56 MHz iClass formats, but does support NXP's 13.56 MHz MIFARE/DESFire formats:

In contrast, HID iClass readers support both 'A' and 'B' along with the non-ISO specific 'CSN' such that either type of credentials will work with these readers:

13.56 MHz Smartcard Interoperability

While the 'Part A & B' division in ISO 14443 separates formats from being the same, it does not always mean they are unusable with each other. Portions of ISO 14443 are the same in both parts, including the 'Card Serial Number'. For some access systems, this is the unique number that identifies unique users, and because this number is not encoded, it will register in 'non-standard' readers:

·    CSN/UID String: Essentially the card's unique identifier is readable because it is not stored in the deep 'encrypted' media. Many simple EAC platforms use only this number to define a user, and instead use the internal database to assign rights, schedules, and privileges.

·    Encoded Read/Write: However, the vast majority of storage within the card is encrypted and unreadable unless compliant readers are used. Especially for access systems using the credential itself for storage (e.g.: Salto, Hotel Systems) and for multi-factor authentication (e.g.: biometrics) high security deployments, the simple CSN is not sufficient.

The CSN Loophole

In terms of security, not all credential details are encrypted. The 'Card Serial Number' (defined by ISO standards) for 13.56 MHz cards can often be read regardless of underlying format, modulation method, or encryption. The CSN may be usable as a unique ID by the system, but the full data set of the credential will not be available.

For smaller systems with only a few doors and a hundred or fewer cardholders, using the CSN as the primary ID is common due to the ease of enrollment in using CSNs as unique badge numbers. However, for high-security sites where access identity encryption is required by standard or when credentials are used for multiple integrated systems, using CSNs to identify issued cardholders is often not approved. Rather, the card's encrypted data is required instead.

Form Factor

Credential shapes are not just limited to cards or fobs. The size and method of hosting a credential can include stickers, tokens, cell-phone cases, or even jewellery.

The form factor of the credential often is an important consideration in overall durability and service life. For example, while a white PVC card may be ideal to print an ID badge on and hang from a lanyard, it can easily be bent or broken in a rough environment. A key fob, while unsuitable for printing a picture on, is designed to be durable enough to withstand abuse, harsh environment exposures, and even submersion in water.

The right form factor choice should be dictated by the user and the user's environment, and generally, all major credential types have numerous form factor options to suit.

Touchless Switches

Touchless wall switch makes opening a door simple and germ free. Blue LED back-lighting highlights the switch at all times, other than during activation. This provides a visual reference of the switch’s location in low light conditions. Its low-profile design makes it blend into your wall.