Personal identification number
The personal identification number (PIN, pronounced "pin") has been key to the growth of private data exchange between different data-processing centers in computer networks for financial institutions and enterprises. PINs may be used to authenticate banking systems with cardholders, governments with citizens, enterprises with employees, and computers with users, among other uses. In common usage, PINs are used in ATM or POS transactions, secure access control, internet transactions, or to log into a restricted website. The PIN originated with the introduction of the ATM in 1967, as an efficient way for banks to dispense cash to their customers. The first ATM system was that of Barclays in London, in 1967. In 1972, Lloyds Bank issued the first bank card to feature an information-encoding magnetic strip, using a PIN for security. In 2006, James Goodfellow, the inventor who patented the first personal identification number, was awarded an OBE in the Queen's Birthday Honours.
In the context of a financial transaction, both a private "PIN code" and a public user identifier are required to authenticate a user to the system. In these situations the user is required to provide a non-confidential user identifier or token and a confidential PIN to gain access to the system. Upon receiving the user ID and PIN, the system looks up the PIN based upon the user ID and compares the looked-up PIN with the received PIN. The user is granted access only when the number entered matches the number stored in the system. Hence, despite the name, a PIN does not identify the user. The PIN is not printed or embedded on the card but is manually entered by the cardholder during automated teller machine and point of sale transactions, and in card-not-present transactions, such as over the Internet or for phone banking. The international standard for financial services PIN management, ISO 9564-1, allows for PINs from four up to twelve digits, but recommends that for usability reasons the card issuer not assign a PIN longer than six digits.
The inventor of the ATM, John Shepherd-Barron, had at first envisioned a six-digit numeric code, but his wife could only remember four digits, and that has become the most used length in many places, although banks in Switzerland and many other countries require a six-digit PIN. There are several main methods of validating PINs. The operations discussed below are performed within a hardware security module. One of the earliest ATM models was the IBM 3624, which used the IBM method to generate what is termed a natural PIN. The natural PIN is generated by encrypting the primary account number (PAN), using an encryption key generated for the purpose. This key is sometimes referred to as the PIN generation key. The resulting PIN is directly related to the primary account number. To validate the PIN, the issuing bank regenerates the PIN using the above method and compares this with the entered PIN. Natural PINs cannot be user selectable because they are derived from the PAN. If the card is reissued with a new PAN, a new PIN must be generated.
Natural PINs allow banks to issue PIN reminder letters. To allow user-selectable PINs it is possible to store a PIN offset value. The offset is found by subtracting the natural PIN from the customer-selected PIN, digit by digit, modulo 10. For example, if the natural PIN is 1234 and the user wishes to have a PIN of 2345, the offset is 1111. The offset can be stored either on the card's track data or in a database at the card issuer. To validate the PIN, the issuing bank calculates the natural PIN as in the above method, adds the offset and compares this value to the entered PIN. The VISA method is not VISA-specific. The VISA method generates a PIN verification value (PVV). Similar to the offset value, it can be stored on the card's track data, or in a database at the card issuer; this is called the reference PVV. The VISA method takes the rightmost eleven digits of the PAN excluding the checksum value, a PIN validation key index (PVKI) and the required PIN value to make a 64-bit number. The PVKI selects a validation key to encrypt this number. From this encrypted value, the PVV is found.
To validate the PIN, the issuing bank calculates a PVV value from the entered PIN and PAN and compares this value to the reference PVV. If the reference PVV and the calculated PVV match, the correct PIN was entered. Unlike the IBM method, the VISA method doesn't derive a PIN. The PVV value is used to confirm that the PIN entered at the terminal was also the PIN used to generate the reference PVV. The PIN used to generate a PVV can be randomly generated, user selected, or derived using the IBM method. Financial PINs are four-digit numbers in the range 0000–9999, resulting in 10,000 possible combinations. Switzerland issues six-digit PINs by default. Some systems set up default PINs and most allow the customer to set up a PIN or to change the default one, and on some a change of PIN on first access is mandatory. Customers are advised not to set up a PIN based on their or their spouse's birthdays, on driver license numbers, consecutive or repetitive numbers, or some other schemes. Some financial institutions do not give out or permit PINs where all digits are identical, numbers that start with one or more zeroes, or the
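The IBM 3624 offset check and the VISA PVV check described above, as an added Python example that is not part of the original text. HMAC-SHA256 stands in for the DES/3DES encryption performed inside the hardware security module, and the PAN, keys and function names are constructed for illustration.

```python
"""IBM 3624 offset and VISA PVV checks with a stand-in cipher (added example)."""
import hashlib
import hmac

# Widely used default decimalisation table: hex digit value -> decimal digit.
DEC_TABLE = "0123456789012345"


def keyed_block(key: bytes, data: bytes) -> str:
    """ASSUMPTION: stand-in for the HSM's DES/3DES encryption.

    HMAC-SHA256 truncated to 64 bits keeps the example standard-library only;
    the output is 16 hex digits, the same shape as one DES block.
    """
    return hmac.new(key, data, hashlib.sha256).digest()[:8].hex().upper()


def _is_digits(s: str) -> bool:
    return s.isascii() and s.isdigit()


def decimalise(block_hex: str) -> str:
    """Map every hex digit to a decimal digit through the table."""
    return "".join(DEC_TABLE[int(h, 16)] for h in block_hex)


def natural_pin(pin_key: bytes, pan: str, length: int = 4) -> str:
    """IBM method: encrypt the PAN, decimalise, keep the leftmost digits."""
    return decimalise(keyed_block(pin_key, pan.encode("ascii")))[:length]


def _digitwise(a: str, b: str, sign: int) -> str:
    """a + sign*b, digit by digit modulo 10 with no carry between digits."""
    if len(a) != len(b) or not (_is_digits(a) and _is_digits(b)):
        raise ValueError("operands must be digit strings of equal length")
    return "".join(str((int(x) + sign * int(y)) % 10) for x, y in zip(a, b))


def pin_offset(natural: str, chosen: str) -> str:
    """Offset = customer-selected PIN minus natural PIN (mod 10 per digit)."""
    return _digitwise(chosen, natural, -1)


def verify_ibm(pin_key: bytes, pan: str, offset: str, entered: str) -> bool:
    """Regenerate the natural PIN, add the offset, compare with the entry."""
    if len(entered) != len(offset) or not _is_digits(entered):
        return False
    expected = _digitwise(natural_pin(pin_key, pan, len(offset)), offset, +1)
    return hmac.compare_digest(expected, entered)


def pvv_from_block(block_hex: str) -> str:
    """Pick 4 PVV digits: decimal digits first, then A-F mapped to 0-5."""
    first = [h for h in block_hex if h.isdigit()]
    second = [str(int(h, 16) - 10) for h in block_hex if not h.isdigit()]
    return "".join((first + second)[:4])


def pvv(pvk: bytes, pan: str, pvki: str, pin: str) -> str:
    """VISA method: 11 PAN digits + PVKI + 4 PIN digits -> 64 bits -> PVV."""
    if not (_is_digits(pan) and len(pan) >= 12 and _is_digits(pvki)
            and len(pvki) == 1 and _is_digits(pin) and len(pin) >= 4):
        raise ValueError("malformed PAN, PVKI or PIN")
    # Drop the check digit, keep the 11 digits before it; the leftmost four
    # PIN digits are used, giving 16 digits that pack into 64 bits.
    tsp = pan[-12:-1] + pvki + pin[:4]
    return pvv_from_block(keyed_block(pvk, bytes.fromhex(tsp)))


def verify_pvv(pvk: bytes, pan: str, pvki: str, reference: str, entered: str) -> bool:
    """Recompute the PVV from the entered PIN and compare with the reference."""
    if not (_is_digits(entered) and len(entered) >= 4):
        return False
    return hmac.compare_digest(pvv(pvk, pan, pvki, entered), reference)


# Constructed sample data, not real account or key material.
PAN = "4000001234567899"
PIN_KEY = b"constructed-pin-generation-key"
PVK = b"constructed-pin-validation-key"

if __name__ == "__main__":
    print(pin_offset("1234", "2345"))  # the worked example from the text
    offset = pin_offset(natural_pin(PIN_KEY, PAN), "2345")
    print(verify_ibm(PIN_KEY, PAN, offset, "2345"),
          verify_ibm(PIN_KEY, PAN, offset, "2346"))
    reference = pvv(PVK, PAN, "1", "2345")
    print(verify_pvv(PVK, PAN, "1", reference, "2345"))
```

Because the offset arithmetic has no carry between digits, the stored offset on its own reveals nothing about the chosen PIN unless the natural PIN (and so the PIN generation key) is also known.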
EMV is a payment method based upon a technical standard for smart payment cards and for payment terminals and automated teller machines that can accept them. EMV cards are smart cards that store their data on integrated circuits in addition to magnetic stripes. These include cards that must be physically inserted into a reader, as well as contactless cards that can be read over a short distance using near-field communication technology. Payment cards that comply with the EMV standard are called Chip and PIN or Chip and Signature cards, depending on the authentication methods employed by the card issuer. There are standards based on ISO/IEC 7816 for contact cards, and standards based on ISO/IEC 14443 for contactless cards. EMV stood for "Europay, Mastercard and Visa", the three companies that created the standard. The standard is now managed by a consortium of financial companies. The most known chips of the EMV standard are: VIS – Visa; Mastercard chip – Mastercard; AEIPS – American Express; UICS – China Union Pay; J Smart – JCB; D-PAS – Discover/Diners Club International; Rupay – NPCI.
Visa and Mastercard have developed standards for using EMV cards in devices to support card-not-present transactions over the telephone and Internet. Mastercard has the Chip Authentication Program (CAP) for secure e-commerce; its implementation supports a number of modes. Visa has the Dynamic Passcode Authentication scheme, their implementation of CAP using different default values. In February 2010, computer scientists from Cambridge University demonstrated that an implementation of EMV PIN entry is vulnerable to a man-in-the-middle attack, but only implementations where the PIN was validated offline were vulnerable. Until the introduction of Chip & PIN, all face-to-face credit or debit card transactions involved the use of a magnetic stripe or mechanical imprint to read and record account data, and a signature for purposes of identity verification. The customer hands their card to the cashier at the point of sale, who passes the card through a magnetic reader or makes an imprint from the raised text of the card.
In the former case, the system prints a slip for the customer to sign. In the case of a mechanical imprint, the transaction details are filled in, a list of stolen numbers is consulted, and the customer signs the imprinted slip. In both cases the cashier must verify that the customer's signature matches that on the back of the card to authenticate the transaction. Using the signature on the card as a verification method has a number of security flaws, the most obvious being the relative ease with which cards may go missing before their legitimate owners can sign them. Another involves the erasure and replacement of the legitimate signature, and yet another involves the forgery of the correct signature on the card. More technology has become available on the black market for both reading and writing the magnetic stripes, making cards easy to clone and use without the owner's knowledge. The first standard for smart payment cards was the Carte Bancaire M4 from Bull-CP8 deployed in France in 1986, followed by the B4B0' deployed in 1989.
Geldkarte in Germany predates EMV. EMV was designed to allow terminals to be backwardly compatible with these standards. France has since migrated all its card and terminal infrastructure to EMV. EMV stood for Europay, Mastercard and Visa, the three companies that created the standard. The standard is now managed by EMVCo, a consortium with control split among Visa, Mastercard, JCB, American Express, China UnionPay and Discover. The EMV standard was written in 1993 and 1994. JCB joined the consortium in February 2009, China UnionPay in May 2013, and Discover in September 2013. There are two major benefits to moving to smart-card-based credit card payment systems: improved security, and the possibility for finer control of "offline" credit-card transaction approvals. One of the original goals of EMV was to provide for multiple applications on a card: for a credit and debit card application or an e-purse. With current processing regulations in the United States, new issue debit cards contain two applications: a card association application and a common debit application.
The common debit application ID is somewhat of a misnomer, as each "common" debit application uses the resident card association application. EMV chip card transactions improve security against fraud compared to magnetic stripe card transactions that rely on the holder's signature and visual inspection of the card to check for features such as a hologram. The use of a PIN and cryptographic algorithms such as Triple DES, RSA and SHA provides authentication of the card to the processing terminal and the card issuer's host system. The processing time is comparable to online transactions, in which communications delay accounts for the majority of the time, while cryptographic operations at the terminal take comparatively little time. The supposed increased protection from fraud has allowed banks and credit card issuers to push through a "liability shift", such that merchants are now liable for any fraud that results from transactions on systems that are not EMV-capable. Although not the only possible method, the majority of implementations of EMV cards and terminals confirm the identity of the cardholder by requiring the entry of a personal identification number rather than signing a paper receipt.
Whether or not PIN authentication takes pl
Telecommunication is the transmission of signs, messages, writings and sounds or information of any nature by wire, optical or other electromagnetic systems. Telecommunication occurs when the exchange of information between communication participants includes the use of technology. It is transmitted either electrically over physical media, such as cables, or via electromagnetic radiation. Such transmission paths are divided into communication channels which afford the advantages of multiplexing. Since the Latin term communicatio is considered the social process of information exchange, the term telecommunications is used in its plural form because it involves many different technologies. Early means of communicating over a distance included visual signals, such as beacons, smoke signals, semaphore telegraphs, signal flags and optical heliographs. Other examples of pre-modern long-distance communication included audio messages such as coded drumbeats, lung-blown horns and loud whistles. 20th- and 21st-century technologies for long-distance communication involve electrical and electromagnetic technologies, such as telegraph and teleprinter, radio, microwave transmission, fiber optics and communications satellites.
A revolution in wireless communication began in the first decade of the 20th century with the pioneering developments in radio communications by Guglielmo Marconi, who won the Nobel Prize in Physics in 1909, and other notable pioneering inventors and developers in the field of electrical and electronic telecommunications. These included Charles Wheatstone and Samuel Morse, Alexander Graham Bell, Edwin Armstrong and Lee de Forest, as well as Vladimir K. Zworykin, John Logie Baird and Philo Farnsworth. The word telecommunication is a compound of the Greek prefix tele, meaning distant, far off, or afar, and the Latin communicare, meaning to share. Its modern use is adapted from the French, because its written use was recorded in 1904 by the French engineer and novelist Édouard Estaunié. Communication was first used as an English word in the late 14th century. It comes from Old French comunicacion, from Latin communicationem, noun of action from past participle stem of communicare "to share, divide out.
Homing pigeons have been used throughout history by different cultures. Pigeon post had Persian roots and was used by the Romans to aid their military. Frontinus said; the Greeks conveyed the names of the victors at the Olympic Games to various cities using homing pigeons. In the early 19th century, the Dutch government used the system in Sumatra, and in 1849, Paul Julius Reuter started a pigeon service to fly stock prices between Aachen and Brussels, a service that operated for a year until the gap in the telegraph link was closed. In the Middle Ages, chains of beacons were used on hilltops as a means of relaying a signal. Beacon chains suffered the drawback that they could only pass a single bit of information, so the meaning of the message, such as "the enemy has been sighted", had to be agreed upon in advance. One notable instance of their use was during the Spanish Armada, when a beacon chain relayed a signal from Plymouth to London. In 1792, Claude Chappe, a French engineer, built the first fixed visual telegraphy system between Lille and Paris.
However, semaphore suffered from the need for skilled operators and expensive towers at intervals of ten to thirty kilometres. As a result of competition from the electrical telegraph, the last commercial line was abandoned in 1880. On 25 July 1837 the first commercial electrical telegraph was demonstrated by English inventor Sir William Fothergill Cooke and English scientist Sir Charles Wheatstone. Both inventors viewed their device as "an improvement to the electromagnetic telegraph", not as a new device. Samuel Morse independently developed a version of the electrical telegraph that he unsuccessfully demonstrated on 2 September 1837. His code was an important advance over Wheatstone's signaling method. The first transatlantic telegraph cable was completed on 27 July 1866, allowing transatlantic telecommunication for the first time. The conventional telephone was invented independently by Alexander Bell and Elisha Gray in 1876. Antonio Meucci invented the first device that allowed the electrical transmission of voice over a line in 1849.
However, Meucci's device was of little practical value because it relied upon the electrophonic effect and thus required users to place the receiver in their mouth to "hear" what was being said. The first commercial telephone services were set up in 1878 and 1879 on both sides of the Atlantic in the cities of New Haven and London. Starting in 1894, Italian inventor Guglielmo Marconi began developing wireless communication using the newly discovered phenomenon of radio waves, showing by 1901 that they could be transmitted across the Atlantic Ocean. This was the start of wireless telegraphy by radio. Voice and music had little early success. World War I accelerated the development of radio for military communications. After the war, commercial radio AM broadcasting began in the 1920s and became an important mass medium for entertainment and news. World War II again accelerated development of radio for the wartime purposes of aircraft and land communication, radio navigation and radar. Development of stereo FM broadcasting of radio
A computer is a device that can be instructed to carry out sequences of arithmetic or logical operations automatically via computer programming. Modern computers have the ability to follow generalized sets of operations, called programs. These programs enable computers to perform a wide range of tasks. A "complete" computer including the hardware, the operating system, and the peripheral equipment required and used for "full" operation can be referred to as a computer system. This term may as well be used for a group of computers that are connected and work together, in particular a computer network or computer cluster. Computers are used as control systems for a wide variety of industrial and consumer devices. This includes simple special purpose devices like microwave ovens and remote controls, factory devices such as industrial robots and computer-aided design, and general purpose devices like personal computers and mobile devices such as smartphones. The Internet is run on computers and it connects hundreds of millions of other computers and their users.
Early computers were only conceived as calculating devices. Since ancient times, simple manual devices like the abacus aided people in doing calculations. Early in the Industrial Revolution, some mechanical devices were built to automate long tedious tasks, such as guiding patterns for looms. More sophisticated electrical machines did specialized analog calculations in the early 20th century. The first digital electronic calculating machines were developed during World War II. The speed and versatility of computers have been increasing ever since then. Conventionally, a modern computer consists of at least one processing element, a central processing unit, and some form of memory. The processing element carries out arithmetic and logical operations, and a sequencing and control unit can change the order of operations in response to stored information. Peripheral devices include input devices, output devices, and input/output devices that perform both functions. Peripheral devices allow information to be retrieved from an external source and they enable the result of operations to be saved and retrieved.
According to the Oxford English Dictionary, the first known use of the word "computer" was in 1613 in a book called The Yong Mans Gleanings by English writer Richard Braithwait: "I haue read the truest computer of Times, the best Arithmetician that euer breathed, he reduceth thy dayes into a short number." This usage of the term referred to a human computer, a person who carried out calculations or computations. The word continued with the same meaning until the middle of the 20th century. During the latter part of this period women were hired as computers because they could be paid less than their male counterparts. By 1943, most human computers were women. From the end of the 19th century the word began to take on its more familiar meaning, a machine that carries out computations. The Online Etymology Dictionary gives the first attested use of "computer" in the 1640s, meaning "one who calculates". The Online Etymology Dictionary states that the use of the term to mean "'calculating machine' is from 1897."
The Online Etymology Dictionary indicates that the "modern use" of the term, to mean "programmable digital electronic computer" dates from "1945 under this name. Devices have been used to aid computation for thousands of years using one-to-one correspondence with fingers. The earliest counting device was a form of tally stick. Record keeping aids throughout the Fertile Crescent included calculi which represented counts of items, livestock or grains, sealed in hollow unbaked clay containers. The use of counting rods is one example. The abacus was used for arithmetic tasks. The Roman abacus was developed from devices used in Babylonia as early as 2400 BC. Since then, many other forms of reckoning boards or tables have been invented. In a medieval European counting house, a checkered cloth would be placed on a table, and markers moved around on it according to certain rules, as an aid to calculating sums of money. The Antikythera mechanism is believed to be the earliest mechanical analog "computer", according to Derek J. de Solla Price.
It was designed to calculate astronomical positions. It was discovered in 1901 in the Antikythera wreck off the Greek island of Antikythera, between Kythera and Crete, and has been dated to c. 100 BC. Devices of a level of complexity comparable to that of the Antikythera mechanism would not reappear until a thousand years later. Many mechanical aids to calculation and measurement were constructed for astronomical and navigation use. The planisphere was a star chart invented by Abū Rayhān al-Bīrūnī in the early 11th century. The astrolabe was invented in the Hellenistic world in either the 1st or 2nd centuries BC and is attributed to Hipparchus. A combination of the planisphere and dioptra, the astrolabe was an analog computer capable of working out several different kinds of problems in spherical astronomy. An astrolabe incorporating a mechanical calendar computer and gear-wheels was invented by Abi Bakr of Isfahan, Persia in 1235. Abū Rayhān al-Bīrūnī invented the first mechanical geared lunisolar calendar astrolabe, an early fixed-wired knowledge processing machine with a gear train and gear-wheels, c. 1000 AD.
The sector, a calculating instrument used for solving problems in proportion, trigonometry and division, for various functions, such as squares and cube roots, was developed in
A database is an organized collection of data stored and accessed electronically from a computer system. Where databases are more complex they are developed using formal design and modeling techniques. The database management system (DBMS) is the software that interacts with end users and the database itself to capture and analyze the data. The DBMS software additionally encompasses; the sum total of the database, the DBMS and the associated applications can be referred to as a "database system". The term "database" is used to loosely refer to any of the DBMS, the database system or an application associated with the database. Computer scientists may classify database-management systems according to the database models that they support. Relational databases became dominant in the 1980s. These model data as rows and columns in a series of tables, and the vast majority use SQL for writing and querying data. In the 2000s, non-relational databases became popular, referred to as NoSQL because they use different query languages.
Formally, a "database" refers to the way it is organized. Access to this data is provided by a "database management system" consisting of an integrated set of computer software that allows users to interact with one or more databases and provides access to all of the data contained in the database; the DBMS provides various functions that allow entry and retrieval of large quantities of information and provides ways to manage how that information is organized. Because of the close relationship between them, the term "database" is used casually to refer to both a database and the DBMS used to manipulate it. Outside the world of professional information technology, the term database is used to refer to any collection of related data as size and usage requirements necessitate use of a database management system. Existing DBMSs provide various functions that allow management of a database and its data which can be classified into four main functional groups: Data definition – Creation and removal of definitions that define the organization of the data.
Update – Insertion and deletion of the actual data. Retrieval – Providing information in a form directly usable or for further processing by other applications. The retrieved data may be made available in a form the same as it is stored in the database or in a new form obtained by altering or combining existing data from the database. Administration – Registering and monitoring users, enforcing data security, monitoring performance, maintaining data integrity, dealing with concurrency control, and recovering information that has been corrupted by some event such as an unexpected system failure. Both a database and its DBMS conform to the principles of a particular database model. "Database system" refers collectively to the database model, database management system, and database. Physically, database servers are dedicated computers that hold the actual databases and run only the DBMS and related software. Database servers are multiprocessor computers, with generous memory and RAID disk arrays used for stable storage.
RAID is used for recovery of data. Hardware database accelerators, connected to one or more servers via a high-speed channel, are used in large volume transaction processing environments. DBMSs are found at the heart of most database applications. DBMSs may be built around a custom multitasking kernel with built-in networking support, but modern DBMSs rely on a standard operating system to provide these functions. Since DBMSs comprise a significant market, storage vendors take into account DBMS requirements in their own development plans. Databases and DBMSs can be categorized according to the database model that they support, the type of computer they run on, the query language used to access the database, and their internal engineering, which affects performance, scalability and security. The sizes and performance of databases and their respective DBMSs have grown in orders of magnitude. These performance increases were enabled by the technology progress in the areas of processors, computer memory, computer storage, and computer networks.
The development of database technology can be divided into three eras based on data model or structure: navigational, SQL/relational, and post-relational. The two main early navigational data models were the hierarchical model and the CODASYL model. The relational model, first proposed in 1970 by Edgar F. Codd, departed from this tradition by insisting that applications should search for data by content, rather than by following links. The relational model employs sets of ledger-style tables, each used for a different type of entity. Only in the mid-1980s did computing hardware become powerful enough to allow the wide deployment of relational systems. By the early 1990s, relational systems dominated in all large-scale data processing applications, and as of 2018 they remain dominant: IBM DB2, Oracle, MySQL, and Microsoft SQL Server are the most searched DBMS. The dominant database language, standardised SQL for the relational model, has influenced database languages for other data models. Object databases were developed in the 1980s to overcome the inconvenience of object-relational impedance mismatch, which led to the coining of the term "post-relational" and the development of hybrid object-relational databas
A card reader is a data input device that reads data from a card-shaped storage medium. The first were punched card readers, which read the paper or cardboard punched cards that were used during the first several decades of the computer industry to store information and programs for computer systems. Modern card readers are electronic devices that can read plastic cards embedded with either a barcode, magnetic strip, computer chip or another storage medium. A memory card reader is a device used for communication with a memory card. A magnetic card reader is a device used to read magnetic stripe cards, such as credit cards. A business card reader is a device used to electronically save printed business cards. A smart card reader is an electronic device that reads smart cards and can be found in the following forms: Some keyboards have a built-in card reader. External devices and internal drive bay card reader devices exist for personal computers.
Some laptop models utilize flash upgradeable firmware. External devices that can read a personal identification number or other information may be connected to a keyboard. This model works by supplying the integrated circuit on the smart card with electricity and communicating via protocols, thereby enabling the user to read and write to a fixed address on the card. If the card does not use any standard transmission protocol, but uses a custom/proprietary protocol, it has the communication protocol designation T=14. The latest PC/SC CCID specifications define a new smart card framework. This framework works with USB devices with the specific device class 0x0B. Readers with this class do not need device drivers when used with PC/SC-compliant operating systems, because the operating system supplies the driver by default. PKCS#11 is an API designed to be platform-independent, defining a generic interface to cryptographic tokens such as smart cards. This allows applications to work without knowledge of the reader details.
A memory card reader is a device having a USB interface, for accessing the data on a memory card such as a CompactFlash, Secure Digital or MultiMediaCard. Most card readers offer write capability and, together with the card, this can function as a pen drive. Access control card readers are used in physical security systems to read a credential that allows access through access control points such as a locked door. An access control reader can be a magnetic stripe reader, a bar code reader, a proximity reader, a smart card reader, or a biometric reader. Access control readers are classified by the functions they are able to perform and by identification technology: A barcode is a series of alternating dark and light stripes that are read by an optical scanner. The organization and width of the lines is determined by the bar code protocol selected. There are many different protocols, such as the prevalent Code 39. Sometimes the digits represented by the dark and light bars are printed to allow people to read the number without an optical reader.
The advantage of using barcode technology is that it is cheap and easy to generate the credential and it can be applied to cards or other items. However, the same affordability and simplicity makes the technology susceptible to fraud, because fake barcodes can be created cheaply, for example by photocopying real ones. One attempt to reduce fraud is to print the barcode using carbon-based ink and cover the bar code with a dark red overlay. The barcode can then be read with an optical reader tuned to the infrared spectrum, but cannot be copied by a copy machine. This does not address the ease with which barcode numbers can be generated from a computer using any printer. There are several forms of biometric identification employed in access control: fingerprint, hand geometry, voice recognition, and facial recognition. Biometric technology has been promoted for its ability to increase the security level of systems. Proponents claim that the technology eliminates such problems as lost, stolen or loaned ID cards and forgotten PINs.
All biometric readers work by comparing the template stored in memory to the scan obtained during the process of identification. If there is a high enough degree of probability that the template in the memory is compatible with the live scan, the ID number of that person is sent to a control panel. The control panel checks the permission level of the user and determines whether access should be allowed. The communication between the reader and the control panel is transmitted using the industry standard Wiegand interface. The only exception is the intelligent biometric reader, which does not require any panels and directly controls all door hardware. Biometric templates may be stored in the memory of readers, limiting the number of users by the reader memory size. User templates may be stored in the memory of the smart card, thereby removing all limits to the number of system users, or a central server PC can act as the template host. For systems where a central server is employed, known as "server-based verification", readers first read the biometric data of the user and forward it to the main computer for processing.
Server-based systems support a large number of users but are dependent on the reliability of the central server, as well as communication lines. 1-to-1 and 1-to-many are the two possible modes of operation of a biometric reader: In th
In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean entering or using. Permission to access a resource is called authorization. Locks and login credentials are two analogous mechanisms of access control. Geographical access control may be enforced with a device such as a turnstile. There may be fences to avoid circumventing this access control. An alternative to access control in the strict sense is a system of checking authorized presence, see e.g. Ticket controller. A variant is e.g. of a shop or a country. The term access control refers to the practice of restricting entrance to a property, a building, or a room to authorized persons. Physical access control can be achieved by a human, through mechanical means such as locks and keys, or through technological means such as access control systems like the mantrap. Within these environments, physical key management may be employed as a means of further managing and monitoring access to mechanically keyed areas or access to certain small assets.
Physical access control is a matter of who and when. An access control system determines who is allowed to enter or exit, where they are allowed to exit or enter, and when they are allowed to enter or exit. This was accomplished through keys and locks. When a door is locked, only someone with a key can enter through the door, depending on how the lock is configured. Mechanical locks and keys do not allow restriction of the key holder to specific dates. Mechanical locks and keys do not provide records of the key used on any specific door, and the keys can be copied or transferred to an unauthorized person. When a mechanical key is lost or the key holder is no longer authorized to use the protected area, the locks must be re-keyed. Electronic access control uses computers to solve the limitations of mechanical keys. A wide range of credentials can be used to replace mechanical keys. The electronic access control system grants access based on the credential presented. When access is granted, the door is unlocked for a predetermined time and the transaction is recorded.
When access is refused, the door remains locked and the attempted access is recorded. The system will monitor the door and alarm if the door is forced open or held open too long after being unlocked. When a credential is presented to a reader, the reader sends the credential's information, a number, to a control panel, a reliable processor. The control panel compares the credential's number to an access control list, grants or denies the presented request, and sends a transaction log to a database. When access is denied based on the access control list, the door remains locked. If there is a match between the credential and the access control list, the control panel operates a relay that in turn unlocks the door. The control panel ignores a door open signal to prevent an alarm. The reader provides feedback, such as a flashing red LED for an access denied and a flashing green LED for an access granted. The above description illustrates a single-factor transaction. Credentials can be passed around. For example, Alice has access rights to the server room.
Alice either gives Bob her credential. To prevent this, two-factor authentication can be used. In a two-factor transaction, the presented credential and a second factor are needed for access to be granted. There are three types of authenticating information: something the user knows, e.g. a password, pass-phrase or PIN; something the user has, such as a smart card or a key fob; and something the user is, such as a fingerprint, verified by biometric measurement. Passwords are a common means of verifying a user's identity before access is given to information systems. In addition, a fourth factor of authentication is now recognized: someone you know, whereby another person who knows you can provide a human element of authentication in situations where systems have been set up to allow for such scenarios. For example, a user may have forgotten their smart card. In such a scenario, if the user is known to designated cohorts, the cohorts may provide their smart card and password, in combination with the extant factor of the user in question, and thus provide two factors for the user with the missing credential, giving three factors overall to allow access.
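The single-factor and two-factor transactions described above can be traced in code. The following is an added example, not part of the original article: a minimal Python model of a control panel that checks the access control list, requires a PIN on selected doors, logs every transaction and raises door alarms. The credential numbers, door names, PIN, salt and time limits are constructed for illustration.

```python
import hashlib, hmac
from datetime import time, timedelta
# Constructed sample data: credential number -> door -> allowed time window.
ACL = {1001: {"server-room": (time(8, 0), time(18, 0))},
       1002: {"lobby": (time(0, 0), time(23, 59))}}
TWO_FACTOR_DOORS = {"server-room"}        # doors that also require a PIN
UNLOCK = timedelta(seconds=5)             # how long the relay keeps the door unlocked
HELD_OPEN_LIMIT = timedelta(seconds=30)   # longest a door may stay open

def pin_digest(pin):
    # Keep a salted digest instead of the PIN itself (the salt is a demo value).
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), b"demo-salt", 10_000)

PIN_DIGESTS = {1001: pin_digest("4821")}  # constructed PIN for Alice's card

class ControlPanel:
    def __init__(self):
        self.log = []              # transaction log: (time, credential, door, result)
        self.unlocked_until = {}   # door -> end of the authorized unlock window
        self.opened_at = {}        # door -> time it was last opened

    def _record(self, when, credential, door, result):
        self.log.append((when.isoformat(), credential, door, result))
        return result

    def present(self, credential, door, when, pin=None):
        window = ACL.get(credential, {}).get(door)
        if window is None or not window[0] <= when.time() <= window[1]:
            return self._record(when, credential, door, "DENIED: access list")
        if door in TWO_FACTOR_DOORS:
            stored = PIN_DIGESTS.get(credential)
            ok = (pin is not None and stored is not None
                  and hmac.compare_digest(stored, pin_digest(pin)))
            if not ok:
                return self._record(when, credential, door, "DENIED: second factor")
        self.unlocked_until[door] = when + UNLOCK
        return self._record(when, credential, door, "GRANTED")

    def door_opened(self, door, when):
        self.opened_at[door] = when
        # Opening inside the unlock window is expected; anything else is forced entry.
        if door in self.unlocked_until and when <= self.unlocked_until[door]:
            return "OK"
        return self._record(when, None, door, "ALARM: forced open")

    def door_closed(self, door, when):
        if when - self.opened_at.pop(door, when) > HELD_OPEN_LIMIT:
            return self._record(when, None, door, "ALARM: held open")
        return "OK"
```

Presenting card 1001 at the server room without the PIN is denied and logged, which is the loaned-credential case the two-factor rule is meant to stop.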
A credential is a physical/tangible object, a piece of knowledge, or a facet of a person's physical being that enables an individual access to a given physical facility or computer-based information system. Credentials can be something a person knows, something they have, something they are, or some combination of these items; this is known as multi-factor authentication. The typical credential is an access card or key-fob, and newer software can turn users' smartphones into access devices. There are many card technologies, including magnetic stripe, bar code, Wiegand, 125 kHz proximity, 26-bit card-swipe, contact smart cards and contactless smart cards. Also available are key-fobs, which are more compact than ID cards and attach to a key ring. Biometric technologies include fingerprint, facial recognition, iris recognition, retinal scan and hand geometry; the built-in biometric technologies found o