A proximity card or prox card is a "contactless" smart card which can be read without inserting it into a reader device, as required by earlier magnetic stripe cards such as credit cards and "contact" type smart cards. The proximity cards are part of the contactless card technologies. Held near an electronic reader for a moment they enable the identification of an encoded number; the reader produces a beep or other sound to indicate the card has been read. The term "proximity card" refers to the older 125 kHz devices as distinct from the newer 13.56 MHz contactless smartcards. Second generation prox cards are used for distance reading applications. Proximity cards have a read range up to 50 cm, the main difference from the contactless smartcard with a range of 2 to 10 cm; the card can be left in a wallet or purse, read by holding the wallet or purse near the reader. These early proximity cards can't hold more data than a magnetic stripe card, only cards with smart chips can hold other types of data like electronic funds balance for contactless payment systems, history data for time and attendance or biometric templates.
When used without encoding data, only with the card serial number, contactless smartcards have similar functionalities to proximity cards. Passive 125 kHz cards, the more used type which were described above, are powered by radio frequency signals from the reader device and so have a limited range and must be held close to the reader unit, they are used as keycards for access control doors in office buildings. A version with more memory, contactless smartcards, are used for other applications: library cards, contactless payment systems, public transit fare cards. Active 125 kHz prox cards, sometimes called vicinity cards, are powered by an internal lithium battery, they can have up to 2 meters. Other contactless technologies like UHF smart cards can reach up to 150 meters and are used for applications where the card is read inside a vehicle, such as security gates which open when a vehicle with the access card inside approaches, or automated toll collection; the battery runs down and the card must be replaced after 2 to 7 years.
The card and the reader unit communicate with each other through 125 kHz radio frequency fields by a process called resonant energy transfer. Passive cards have three components which are sealed inside the plastic: an antenna consisting of a coil of wire, a capacitor, an integrated circuit which contains the user's ID number in specific formats and no other data; the reader has its own antenna. When the card is placed within range of the reader, the antenna coil and capacitor, which form a tuned circuit and store energy from the field, resonating at the frequency emitted by the reader; this energy is rectified to direct current. The chip sends its ID number or other data to the antenna coil, which transmits it by radio frequency signals back to the reader unit; the reader checks whether the ID number from the card is correct, performs whatever function it has been programmed to do for that ID number. All the energy to power the card comes from the reader unit, so passive cards must be close to a reader to transmit their data.
An active card contains a flat lithium cell in addition to the above components to power it. The integrated circuit contains a receiver which uses the battery's power to amplify the signal from the reader unit so it is stronger, allowing the card to detect the reader at a greater distance; the battery powers a transmitter circuit in the chip which transmits a stronger return signal to cover the greater distance. Proximity cards are all proprietary; this is the case of the memory-based first generation of contactless smartcards. This means that there is no compatibility between the readers of a specific brand and the cards of another brand. Contactless smartcards are covered by the ISO/IEC 14443 and/or the ISO/IEC 15693 OR ISO/IEC 18000 standards; these standards define two types of card which have a range up to 10 cm. The related ISO/IEC 15693 standard works up to a longer range of 100 cm; the reality is that ISO/IEC 14443 as well as ISO/IEC 15693 can only be implemented on microprocessor-based cards.
The best way to check if a technology meets ISO standard is to ask the manufacturer if it can be emulated on other devices without any proprietary hardware. The card readers communicate in various protocols, for example the Wiegand protocol that consists of a data 0 and a data 1 circuit. Other known protocols are mono directional Clock and Data or bidirectional OSDP, RS 232 or UART; the earliest card formats were up to 64 bits long. As demand has increased, bit size has increased to continue to provide unique numbers; the first several bits can be made identical. The idea is that company A has a facility code of xn and a card set of 0001 through 1000 and company B has a facility code of yn and a card set of 0001 through 1000. For smartcards, a numbering system is internationally harmonized and allocated by Netherlands-based NEN according to ISO/IEC 6523 and ISO/IEC 15459 standards. Access badge Access control CharlieCard Common Access Card Credential Identity document Keycard Magnetic stripe card Photo identification Physical security Security Smart card Wiegand inter
Security is freedom from, or resilience against, potential harm caused by others. Beneficiaries of security may be of persons and social groups and institutions, ecosystems or any other entity or phenomenon vulnerable to unwanted change by its environment. Security refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm; the term is used to refer to acts and systems whose purpose may be to provide security. The word'secure' entered the English language in the 16th century, it is derived from Latin securus, meaning freedom from anxiety: se + cura. A security referent is the focus of a security discourse. Security referents may be persons or social groups, institutions, ecosystems, or any other phenomenon vulnerable to unwanted change by the forces of its environment; the referent in question may combine many referents, in the same way that, for example, a nation state is composed of many individual citizens. The security context is the relationships between its environment.
From this perspective and insecurity depend first on whether the environment is beneficial or hostile to the referent, how capable is the referent of responding to its/their environment in order to survive and thrive. The means by which a referent provides for security vary widely, they include, for example: Coercive capabilities, including the capacity to project coercive power into the environment. Any action intended to provide security may have multiple effects. For example, an action may have wide benefit, enhancing security for several or all security referents in the context. Approaches to security are the subject of debate. For example, in debate about national security strategies, some argue that security depends principally on developing protective and coercive capabilities in order to protect the security referent in a hostile environment. Others argue that security depends principally on building the conditions in which equitable relationships can develop by reducing antagonism between actors, ensuring that fundamental needs can be met, that differences of interest can be negotiated effectively.
The table shows some of the main domains. The range of security contexts is illustrated by the following examples: Computer security known as cybersecurity or IT security, refers to the security of computing devices such as computers and smartphones, as well as computer networks such as private and public networks, the Internet; the field has growing importance due to the increasing reliance on computer systems in most societies. It concerns the protection of hardware, data and the procedures by which systems are accessed; the means of computer security include the physical security of systems and security of information held on them. Corporate security refers to the resilience of corporations against espionage, theft and other threats; the security of corporations has become more complex as reliance on IT systems has increased, their physical presence has become more distributed across several countries, including environments that are, or may become, hostile to them. Ecological security known as environmental security, refers to the integrity of ecosystems and the biosphere in relation to their capacity to sustain a diversity of life-forms.
The security of ecosystems has attracted greater attention as the impact of ecological damage by humans has grown. Food security refers to the ready supply of, access to, safe and nutritious food. Food security is gaining in importance as the world's population has grown and productive land has diminished through overuse and climate change. Home security refers to the security systems used on a property used as a dwelling; the concept is supported by the United Nations General Assembly, which has stressed "the right of people to live in freedom and dignity" and recognized "t
An identity document is any document which may be used to prove a person's identity. If issued in a small, standard credit card size form, it is called an identity card, or passport card; some countries issue formal identity documents, as national identification cards which may be compulsory or non-compulsory, while others may require identity verification using regional identification or informal documents. When the identity document incorporates a person's photograph, it may be called photo ID. In the absence of a formal identity document, a driver's license may be accepted in many countries for identity verification; some countries do not accept driver's licenses for identification because in those countries they do not expire as documents and can be old or forged. Most countries accept passports as a form of identification; some countries require all people to have an identity document available at any time. Many countries require all foreigners to have a passport or a national identity card from their country available at any time if they do not have a residence permit in the country.
The identity document is used to connect a person to information about the person in a database. The photo and the possession of it is used to connect the person with the document; the connection between the identity document and information database is based on personal information present on the document, such as the bearer's full name, birth date, address, an identification number, card number, gender and more. A unique national identification number is the most secure way, but some countries lack such numbers or don't write them on identity documents. A version of the passport considered to be the earliest identity document inscribed into law was introduced by King Henry V of England with the Safe Conducts Act 1414. For the next 500 years and before World War I, most people did not have or need an identity document. Photographic identification appeared in 1876 but it did not become used until the early 20th century when photographs became part of passports and other ID documents such as driver's licenses, all of which came to be referred to as "photo IDs".
Both Australia and Great Britain, for example, introduced the requirement for a photographic passport in 1915 after the so-called Lody spy scandal. The shape and size of identity cards were standardized in 1985 by ISO/IEC 7810; some modern identity documents are smart cards including a difficult-to-forge embedded integrated circuit that were standardized in 1988 by ISO/IEC 7816. New technologies allow identity cards to contain biometric information, such as a photograph. Electronic identity cards are available in countries including Belgium, Chile, Finland, Hong Kong, Morocco, Portugal and Slovakia. Law enforcement officials claim that identity cards make surveillance and the search for criminals easier and therefore support the universal adoption of identity cards. In countries that don't have a national identity card, there is, concern about the projected large costs and potential abuse of high-tech smartcards. In many countries – English-speaking countries such as Australia, Ireland, New Zealand, the United Kingdom, the United States – there are no government-issued compulsory identity cards for all citizens.
Ireland's Public Services Card is not considered a national identity card by the Department of Employment Affairs and Social Protection, but many say it is in fact becoming that, without public debate or a legislative foundation. There is debate in these countries about whether such cards and their centralised database constitute an infringement of privacy and civil liberties. Most criticism is directed towards the enhanced possibilities of extensive abuse of centralised and comprehensive databases storing sensitive data. A 2006 survey of UK Open University students concluded that the planned compulsory identity card under the Identity Cards Act 2006 coupled with a central government database generated the most negative response among several alternative configurations. None of the countries listed above mandate possession of identity documents, but they have de facto equivalents since these countries still require proof of identity in many situations. For example, all vehicle drivers must have a driving licence, young people may need to use specially issued "proof of age cards" when purchasing alcohol.
In addition, uniquely amongst native English speaking countries without ID cards, the USA requires all its male residents between the ages of 18 and 25, including foreigners, to register for military conscription. Arguments for identity documents as such: In order to avoid mismatching people, to fight fraud, there should be a way, as securely as possible, to prove a person's identity; every human being carries their own personal identification in the form of DNA, hard to falsify or to discard. For non-state commercial and private interactions, this may shortly become the preferred identifier, rendering a state-issued identity card a lesser evil than the extensive privacy risks associated with everyday use of a person's genetic profile for identification purposes. Arguments for national identity documents: If using only private alternatives, such as id cards issued by banks, the inherent lack of consistency regarding issuance policies can lead to downstream problems. For example, in Sweden private companies such as banks refused to issue ID cards to individuals without a Swedish card.
This forced the government
Common Access Card
The Common Access Card commonly referred to as the CAC or CAC card, is a smart card about the size of a credit card. It is the standard identification for Active Duty United States Defense personnel, to include the Selected Reserve and National Guard, United States Department of Defense civilian employees, United States Coast Guard civilian employees and eligible DoD and USCG contractor personnel, it is the principal card used to enable physical access to buildings and controlled spaces, it provides access to defense computer networks and systems. This card is used by most law enforcement agencies as an official photo identification card for law enforcement officers to carry; these photo identification cards authorize law enforcement officers to carry their handgun off duty. It serves as an identification card under the Geneva Conventions. In combination with a personal identification number, a CAC satisfies the requirement for two-factor authentication: something the user knows combined with something the user has.
The CAC satisfies the requirements for digital signature and data encryption technologies: authentication and non-repudiation. The CAC is a controlled item; as of 2008, DoD has issued over 17 million smart cards. This number includes reissues to accommodate changes in name, rank, or status and to replace lost or stolen cards; as of the same date 3.5 million unterminated or active CACs are in circulation. DoD has deployed an issuance infrastructure at over 1,000 sites in more than 25 countries around the world and is rolling out more than one million card readers and associated middleware; the CAC is issued to Active United States Armed Forces in the Department of Defense and the U. S. Coast Guard. S. Armed Forces Reserve members of the U. S. Armed Forces National Guard members of the U. S. Armed Forces National Oceanic and Atmospheric Administration United States Public Health Service Emergency-Essential Employees Contingency Contractor Employees Contracted college & university ROTC Cadets and Midshipmen Deployed Overseas Civilians Non-Combatant Personnel DoD/Uniformed Service Civilians residing on military installations in CONUS, Alaska, Puerto Rico, or Guam DoD/Uniformed Service Civilians or Contracted Civilian residing in a foreign country for at least 365 days Presidential Appointees approved by the United States Senate DoD Civilian employees, United States Military veterans with a Veterans Affairs Disability rating of 100% P&T Eligible DoD and USCG Contractor Employees Non-DoD/other government and state employees of the National GuardFuture plans include the ability to store additional information through the incorporation of RFID chips or other contactless technology to allow seamless access to DoD facilities.
The program, used to issue CAC IDs is called the Real-Time Automated Personnel Identification System. RAPIDS interfaces with the Joint Personnel Adjudication System, uses this system to verify that the candidate has passed a background investigation and FBI fingerprint check. Applying for a CAC requires DoD form 1172-2 to be filled out and filed with RAPIDS; the system monitored by the DoD at all times. Different RAPIDS sites have been set up throughout military installations in and out of combat theater to issue new cards. On the front of the card, the background shows the phrase "U. S. DEPARTMENT OF DEFENSE" repeated across the card. A color photo of the owner is placed on the top left corner. Below the photo is the name of the owner; the top right corner displays the expiration date. Other information on the front include the owner's pay grade and federal identifier. A PDF417 stacked two-dimensional barcode is displayed on the bottom left corner. And, an integrated circuit chip is placed near the bottom-middle of the card.
There are three color code schemes used on the front of the CAC. A blue bar across the owner's name shows that the owner is a non-U. S. Citizen. A green bar shows. No bar is for all other personnel -- among others; the back of the card has a ghost image of the owner. And if applicable, the card contains the date of birth, blood type, DoD benefits number, Geneva Convention category, DoD Identification Number; the DoD number is known as the Electronic Data Interchange Personal Identifier. A Code 39 linear barcode, as well as a magnetic strip is placed on the bottom of the card; the DoD ID/EDIPI number stays with the owner throughout his or her career with the DoD or USCG when he or she changes armed services or other departments within the DoD or the USCG. For retired U. S. military personnel who subsequently become DoD or USCG civilians or DoD or USCG contractors, the DoD ID/EDIPI Number on their CAC will be the same as on their DD Form 2 Retired ID Card. For non-military spouses, unremarried former spouses, widows/widowers of active, Reserve or Retired U.
S. military personnel who themselves become DoD or USCG civilians or DoD or USCG contractors, the DoD ID/EDIPI Number on their CAC will be the same as on their DD 1173 Uniformed Services Privilege and Identification Card. The front of the CAC is
Photo identification or photo ID is an identity document that includes a photograph of the holder only his or her face. The most accepted forms of photo ID are those issued by government authorities, such as driver's licenses, identity cards and passports, but special-purpose photo IDs may be produced, such as internal security or access control cards. Photo identification may be used for face-to-face authentication of identity of a party who either is unknown to the person in authority or because that person does not have access to a file, a directory, a registry or an information service that contains or that can render a photograph of somebody on account of that person's name and other personal information; some countries – including all developed nations – use a single, government-issued type of card as a proof of age or citizenship. The United States, United Kingdom, New Zealand, Ireland do not have such a single type of card. Types of photo ID used in the US include: Passports, or Passport cards Driver's licenses, or state ID cards for non-drivers, issued by a state's Department of Motor Vehicles Company-issued ID cards Native tribal cardsAustralian photo ID includes: Australian Passport Australian state and territory issued identity photo cards Driving licence in Australia Australia Post Keypass identity card Photo identification cards appear to have been first used at the 1876 Centennial Exposition in Philadelphia, Pennsylvania.
The Scottish-born Canadian photographer William Notman, through his affiliated business, Centennial Photographic Co. which had exclusive photographic concession at the exhibition, introduced a photo identification system, required for all exhibitors and employees of the exhibition. The innovation was known as a "photographic ticket". Access badge Access control Common Access Card Credential
A smart card, chip card, or integrated circuit card is a physical electronic authorization device, used to control access to a resource. It is a plastic credit card sized card with an embedded integrated circuit. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, some are both. Smart cards can provide personal identification, data storage, application processing. Applications include identification, mobile phones, public transit, computer security and healthcare. Smart cards may provide strong security authentication for single sign-on within organizations. Several nations have deployed smart cards throughout their populations. In 1968 and 1969 Helmut Gröttrup and Jürgen Dethloff jointly filed patents for the automated chip card. Roland Moreno patented the memory card concept in 1974. An important patent for smart cards with a microprocessor and memory as used today was filed by Jürgen Dethloff in 1976 and granted as USP 4105156 in 1978.
In 1977, Michel Ugon from Honeywell Bull invented the first microprocessor smart card with two chips: one microprocessor and one memory, in 1978, he patented the self-programmable one-chip microcomputer that defines the necessary architecture to program the chip. Three years Motorola used this patent in its "CP8". At that time, Bull had 1,200 patents related to smart cards. In 2001, Bull sold its CP8 division together with its patents to Schlumberger, who subsequently combined its own internal smart card department and CP8 to create Axalto. In 2006, Axalto and Gemplus, at the time the world's top two smart-card manufacturers and became Gemalto. In 2008, Dexa Systems spun off from Schlumberger and acquired Enterprise Security Services business, which included the smart-card solutions division responsible for deploying the first large-scale smart-card management systems based on public key infrastructure; the first mass use of the cards was as a telephone card for payment in French payphones, starting in 1983.
After the Télécarte, microchips were integrated into all French Carte Bleue debit cards in 1992. Customers inserted the card into the merchant's point-of-sale terminal typed the personal identification number, before the transaction was accepted. Only limited transactions are processed without a PIN. Smart-card-based "electronic purse" systems store funds on the card, so that readers do not need network connectivity, they entered European service in the mid-1990s. They have been common in Germany, Belgium, the Netherlands, Norway, Sweden, Finland, UK, Denmark and Portugal. Private electronic purse systems have been deployed such as the Marines corps at Parris Island allowing small amount payments at the cafeteria. Since the 1990s, smart cards have been the subscriber identity modules used in GSM mobile-phone equipment. Mobile phones are used across the world, so smart cards have become common. Europay MasterCard Visa -compliant cards and equipment are widespread with the deployment led by European countries.
The United States started deploying the EMV technology in 2014, with the deployment still in progress in 2018. A country's national payment association, in coordination with MasterCard International, Visa International, American Express and Japan Credit Bureau, jointly plan and implement EMV systems. In 1993 several international payment companies agreed to develop smart-card specifications for debit and credit cards; the original brands were MasterCard and Europay. The first version of the EMV system was released in 1994. In 1998 the specifications became stable. EMVCo maintains these specifications. EMVco's purpose is to assure the various financial institutions and retailers that the specifications retain backward compatibility with the 1998 version. EMVco upgraded the specifications in 2000 and 2004. EMV compliant cards were first accepted into Malaysia in 2005 and into United States in 2014. MasterCard was the first company, allowed to use the technology in the United States; the United States has felt pushed to use the technology because of the increase in identity theft.
The credit card information stolen from Target in late 2013 was one of the largest indicators that American credit card information is not safe. Target made the decision on April 30, 2014 that it would try to implement the smart chip technology in order to protect itself from future credit card identity theft. Before 2014, the consensus in America was that there were enough security measures to avoid credit card theft and that the smart chip was not necessary; the cost of the smart chip technology was significant, why most of the corporations did not want to pay for it in the United States. The debate came when online credit theft was insecure enough for the United States to invest in the technology; the adaptation of EMV's increased in 2015 when the liability shifts occurred in October by the credit card companies. Contactless smart cards do not require physical contact between a reader, they are becoming more popular for ticketing. Typical uses include mass motorway tolls. Visa and MasterCard implemented a version deployed in 2004–2006 in the U.
S. with Visa's current offering called Visa Contactless. Most contactless fare collection systems are incompatible, though the MIFARE Standard card from NXP Semiconductors has a considerable mark
Physical security describes security measures that are designed to deny unauthorized access to facilities and resources and to protect personnel and property from damage or harm. Physical security involves the use of multiple layers of interdependent systems which include CCTV surveillance, security guards, protective barriers, access control protocols, many other techniques. Physical security systems for protected facilities are intended to: deter potential intruders, it is up to security designers and analysts to balance security controls against risks, taking into account the costs of specifying, testing, using, managing and maintaining the controls, along with broader issues such as aesthetics, human rights and safety, societal norms or conventions. Physical access security measures that are appropriate for a high security prison or a military site may be inappropriate in an office, a home or a vehicle, although the principles are similar; the goal of deterrence methods is to convince potential attackers that a successful attack is unlikely due to strong defenses.
The initial layer of security for a campus, office, or other physical space uses crime prevention through environmental design to deter threats. Some of the most common examples are the most basic: warning signs or window stickers, vehicle barriers, vehicle height-restrictors, restricted access points, security lighting and trenches. Physical barriers such as fences and vehicle barriers act as the outermost layer of security, they serve to prevent, or at least delay and act as a psychological deterrent by defining the perimeter of the facility and making intrusions seem more difficult. Tall fencing, topped with barbed wire, razor wire or metal spikes are emplaced on the perimeter of a property with some type of signage that warns people not to attempt to enter. However, in some facilities imposing perimeter walls/fencing will not be possible or it may be aesthetically unacceptable. Barriers are designed to defeat defined threats; this is part of building codes as well as fire codes. Apart from external threats, there are internal threats of fire, smoke migration as well as sabotage.
The National Building Code of Canada, as an example, indicates the need to defeat external explosions with the building envelope, where they are possible, such as where large electrical transformers are located close to a building. High-voltage transformer fire barriers can be examples of walls designed to defeat fire and fragmentation as a result of transformer ruptures, as well as incoming small weapons fire. Buildings may have internal barriers to defeat weapons as well as fire and heat. An example would be a counter at a police station or embassy, where the public may access a room but talk through security glass to employees in behind. If such a barrier aligns with a fire compartment as part of building code compliance multiple threats must be defeated which must be considered in the design. Another major form of deterrence that can be incorporated into the design of facilities is natural surveillance, whereby architects seek to build spaces that are more open and visible to security personnel and authorized users, so that intruders/attackers are unable to perform unauthorized activity without being seen.
An example would be decreasing the amount of dense, tall vegetation in the landscaping so that attackers cannot conceal themselves within it, or placing critical resources in areas where intruders would have to cross over a wide, open space to reach them. Security lighting is another effective form of deterrence. Intruders are less to enter well-lit areas for fear of being seen. Doors and other entrances, in particular, should be well lit to allow close observation of people entering and exiting; when lighting the grounds of a facility distributed low-intensity lighting is superior to small patches of high-intensity lighting, because the latter can have a tendency to create blind spots for security personnel and CCTV cameras. It is important to place lighting in a manner that makes it difficult to tamper with, to ensure that there is a backup power supply so that security lights will not go out if the electricity is cut off. Alarm systems can be installed to alert security personnel. Alarm systems work in tandem with physical barriers, mechanical systems, security guards, serving to trigger a response when these other forms of security have been breached.
They consist of sensors including motion sensors, contact sensors, glass break detectors. However, alarms are only useful. In the reconnaissance phase prior to an actual attack, some intruders will test the response time of security personnel to a deliberately tripped alarm system. By measuring the length of time it takes for a security team to arrive, the attacker can determine if an attack could succeed before authorities arrive to neutralize the threat. Loud audible alarms can act as a psycholo