Trusting Identities On Connected Campuses

Trusting Identities On Connected Campuses

Improving campus security without compromising accessibility

As their enrollments grow, university administrators must struggle to expand facilities and services while often using obsolete and vulnerable campus id card systems without the necessary features, functions and flexibility. at the same time, an increase in school violence and fraudulent id card usage is challenging administrators to improve security without compromising campus accessibility or the overall quality of the campus experience.

Administrators must also meet growing demand for securely provisioning connected services while protecting user privacy in today’s increasingly digital world, and they also must navigate a shift in the use of identities that is fueling broader adoption of mobile and advanced smart card technology while putting greater emphasis on the cloud and emerging IoT use cases. More than ever, they need to trust user identities in both the physical and digital worlds, and employ these trusted identities via a combination of both new and existing technologies to create a secure and convenient user experience across all facets of university life.

CHARTING A COURSE

The best path forward for today’s universities is to systematically replace legacy technology with the latest “One Card” solutions that deliver improved the end-to-end card issuance capabilities and a path to new capabilities and ROI value. A successful One Card implementation must deliver flexible student and faculty accessibility through visual security, while also enabling cards to be used for many applications from opening dorm room doors to making cashless transit system payments or checking out media center materials. These systems are dependent on physical cards so implementation must also support campus “green” initiatives through features like wasteless ID card lamination and eco-friendly card printers.

To make the upgrade to contactless smart card technology, universities must evaluate the time, cost and logistics associated with replacing existing card infrastructure and then re-badging tens of thousands of campus card holders. What is required is a comprehensive, end-toend ID solution and multi-year, phased process for upgrading an existing card system. This enables incremental deployment of new contactless smart cards while still using legacy student ID cards and the existing campus hardware.

Key solution features include an integrated ID card system with the power to issue new cards, multi-technology readers, card technology, and a combination of ID card printers and encoders with card personalization software. Some universities will need their readers to support both new contactless smart cards and legacy magnetic stripe cards, as well as wireless locks with built-in encryption and enhanced security. Choosing the right card technology will deliver advanced security and interoperability between locks, readers, and multiple card applications. The cards, readers, and software technology should be flexible enough for physical access control (i.e., opening doors) as well as logical access control (i.e., used with desktop readers to pay for cafeteria meals, or checking out library materials).

Also important is the choice of ID card printers and encoders, and associated card personalization software. A big time-saver for universities at registration time is the use of in-line personalization technology. This enables the card office staff to print student information to the card at the same time they are encoding and programming both the magnetic stripe and contactless smart card technology, all in a single, in-line issuance process. This approach significantly reduces total issuance time, and eliminates mistakes that are often made when data is entered manually. Additionally, some card production solutions are offering the flexibility to print and encode through a commercial print bureau, further easing the burden of time and errors. Advances in print quality, lamination and visual security features mean today’s cards are more secure and durable than those produced by legacy printers.

Card issuance choices can also affect sustainability. Two key developments include adopting “wasteless” lamination, and reducing carbon footprints as defined through the GreenCircle® certification program. With wasteless lamination, the lamination patches that are applied to cards for increased durability are attached to one another in a continuous stream of material on a single roll. Through technology that ensure precise placement the need for an underlying carrier film is eliminated so that, once the supply roll has been depleted, all that remains is a single empty core. GreenCircle certification delivers further cost savings through advancements in card lamination technologies that have reduced the significant energy required to heat up and maintain optimal operating temperature.

In addition to these latest smart card advancements, there are other developments underway as the industry changes how it uses trusted identities.

PREPARING FOR A SHIFT IN THE USE OF TRUSTED IDENTITIES

The more identities are used to access a growing variety of campus facilities and services, the more important it is that they can be trusted. New technology is driving new forms of digital connected trusted identities, and a shift in how we use these trusted identities is leading to increased adoption of mobile devices and the latest smart card technology, a greater emphasis and reliance on the cloud, and a new way of thinking about trust in the smart campus and Internet of Things (IoT).

For instance, credential issuance for physical ID cards will soon experience a digital transformation, as the use of cloud technologies will enable service-focused models for badge printing and encoding. Cloud -based models for delivering network-based ID badge issuance management will feature the security of end-to-end encryption and eliminate the need for stand-alone card printers attached to dedicated PC workstations. This will transform the user experience and operational management of ID badge printing, reduce costs, increase administrative visibility, simplify system maintenance, and improve security as compared to on-premises solutions.

Administrators are also increasingly aware that cell phones, which seem to be permanently in their students’ hands, can provide a very convenient and quite natural way to carry trusted campus IDs for opening doors and performing other tasks that require presentation of a secure credential. In addition to improving convenience, adding mobile access to their campuses will enable universities to reap the benefit of cost savings on credentials. Plus, students lose their cell phones less often than they lose their cards so, ultimately, the cost for replacement credentials will be reduced. University employees also benefit from carrying credentials on their phones. They aren’t required to wear their ID cards, so they may arrive at a facility without one and have trouble gaining access. But since most carry their cell phone everywhere, the ability to gain access is a given if these phones also carry their credentials.

Rather than acting as competitive forms of ID, traditional physical ID cards and mobile IDs that have been securely provisioned onto mobile devices will function most effectively in harmony, multiplying each other’s benefits. Digital identities in the form of smart cards have been successfully used in business and for a variety of governmentissued, card-based programs for over 10 years, including employee IDs, national IDs, healthcare cards, government employee credentials and even “smart” driver licenses.

The concept of mobile IDs is particularly compelling in the university environment where trusted identities are already used for everything from accessing physical areas, like dorms and research labs, to conducting digital transactions, such as checking into a class using a time-and-attendance system, making cafeteria purchases and cashless transit system payments, and checking out media center resources. New cloudbased systems will issue both physical and mobile IDs simultaneously in a one-step process that make issuance easy for both the organization and recipient.

Mobile IDs on the university campus should be viewed as an extension of authentic, university-issued credentials. In fact, having both a physical and a mobile credential can help to:

  • Provide better, faster, more efficient access to campus services.
  • Safeguard privacy by protecting access to personal data.
  • Improve mobility by using widely interoperable credentials across both the physical domain and for accessing university computers and cloud-based services and applications.
  • Establish trust between the cardholder and the university issuing the digital identity.

There will also be new ways to use trusted identities for more than access control on today’s increasingly connected campus. For instance, trusted identities can be used to connect people, places and things in applications like automating campus guard tours. By combining NFC trusted tag technology with a cloud-based authentication platform, security check points can be accurately tracked and guards can be instantly dispatched for incident response and to investigate and report fraudulent activities throughout the campus. This approach enables security guards to patrol areas more easily and efficiently, automating patrol stops and replacing manual sign-in processes. With a simple tap of their mobile phone to a secure trusted tag, a guard can digitally prove that a security patrol took place at the proper location, at the proper time.

Universities need to secure their facilities and assets without restricting students, staff and visitors from enjoying campus offerings. As universities move from legacy to “One Card” solutions and new mobile options and managed service models, they will make accessing their campuses more flexible and secure, extend the value of their cards to enable more capabilities, reduce costs while improving efficiency, and support campus “green” initiatives. At the same time, they will be paving the way for additional capabilities down the road, as trusted identities play more integral roles across a wider range of applications in an increasingly connected campus environment.

This article originally appeared in the April 2017 issue of CSLS.