The university model is most probably the best implementation example of smartcard-based multi-application.
Key drivers and benefits for a university to deploy identity solutions are often:
Identification/authentication - student ID, physical access control, PC logon, Internet/intranet access.
Retail services - payment to vending machines, meal quota, discount rights, tuition fees, copy and printing, transportation.
Automation of core processes - registration renewal, exam enrolment, attendance monitoring, tuition fees payment, library management, e-management of academic tasks (exams results publishing, push information).
From a technology point of view the closest competitor to smartcards is magnetic stripe, however the magnetic stripe technology falls short in providing answers to the following challenges:
* Universities are naturally prone to fraud given its educated and fast moving population, hence they are in need for high level security.
* Though universities want to start with identity and authentication solutions, they usually tend to widen the scope to other applications like payment, involving often other business players.
* The diversity of applications requires larger memory to host more data. Applications need also to be managed separately by the card.
* Standalone terminals in use on campuses and requirements for off-line transactions require on-board card strong authentication and secure authorisation capabilities.
* The need to authenticate to the university's IT infrastructure positions the card as one of the two communication ends, both need to be microprocessor based.
To be adopted, solutions need to be secure, simple and convenient; hence the smartcard-based university ID design needs to consider the ranking of user preferences in order to optimise the adoption process.
These implementations included two-factor and mutual authentications, e-purse management, and other dedicated applications as per the requirements of the universities. Gemalto has delivered many identity projects related to electronic documents whether national e-IDs or e-passports, hence monitoring the security at all levels:
* Logical security by providing key management solutions, high-level certifications such as EAL and FIPS.
* Visual security by providing security printing features, making the card verifiable visually.
Below, a selection of few delivered projects showing a high plan description to avoid disclosing the security methodologies used by the customers.
This is a national project involving 65 universities; smartcards are issued to students and staff. The project was initiated in 2004 and so far over 100s of thousands of contact and contactless cards have been delivered along with associated software products and services, as part of the Gemalto SafesITe offering.
The University of Ilmenau in 2005 wanted to implement a stronger security ID card; the project delivered from our SafesITe offer features personal secure devices such as smartcards with proximity capability, USB readers and related software and services. This e-ID is meant for students and staff.
This student card project is operated by universities and offers identification and authentication functionalities along with payment application. Some specific features to the customer have been added in order to automate core processes. The solution is based also on the SafesITe package and allowed the universities to reduce the operating costs. Tens of thousands of users benefited from the services offered by this solution.
Over 50 000 students are using a smartcard ID card with strong mutual and two-factor authentication based on Gemalto SafesITe offering, main applications are logical and physical access control.
|Tel:||+27 87 940 9322|
|Fax:||086 551 4422|
|Articles:||More information and articles about G2 Security|
© Technews Publishing (Pty) Ltd | All Rights Reserved