RFID: Radio Frequency Identification
RFID enables contactless authentication that is easy, secure and flexible.
What is RFID?
RFID stands for Radio Frequency Identification. The technology enables contactless identification via alternating magnetic fields. The RFID readers/writers from ELATEC support both the low-frequency range (LF) at 125 or 134.2 kHz and the high-frequency range (HF) at 13.56 MHz. For RFID, you need an information carrier, called the transponder (card, tag or paper label), and a reader/writer (RFID reader). When the transponder is within the (near) field of a reader, they can communicate with each other.
Would you like to know more about RFID?
What are the benefits of RFID?
Compared to other identification methods such as barcodes or magnetic strips, RFID offers many advantages.
How does mutual authentication with Secure Access Modules (SAM) and RFID media work?
A Secure Access Module is a type of smart card that follows a contact-based communication standard to interact with an RFID card reader. These modules ensure the safety of security keys and facilitate cryptographic operations. Typically, SAMs are used to generate application keys based on a specific master key or to generate session keys. They also enable secure messaging between the RFID media, the reader and the host system.
Many contactless credentials hold memory segments/applications that are encrypted with cryptographic keys. These keys are often stored in SAMs and supplied to card reader manufacturers. This not only ensures the security of the keys but adds a step in the authentication process. The card reader in this case should first perform authentication operations with the SAM and then carry out a series of cryptographic and bit manipulation operations between the contactless card and the SAM. This can be further secured by adding a key diversification step. The card reader must be able to support such a scenario both in the hardware as well as in the software. Many end-users require the card reader to natively support such a scenario and have high-level APIs to help in their implementation. In addition to this, high security applications demand transfer of data in an encrypted format. One can ensure end-to-end encryption/security with the help of SAMs. In such an architecture, the reader facilitates mutual authentication with the RFID media and the SAM, thus transferring protected data over a radio link and also ensuring the safety of encryption keys. The reader can also transfer data encrypted by the SAM to the host system, maintaining a high level of security across the system. ELATEC TWN4 RFID readers support mutual authentication with SAMs.
Note: The safety of distributing SAMs, as well as administering the installation process within the reader, should be treated as a separate issue and tackled accordingly. There is also an issue of the readers being stolen or the SAM modules being dismounted from the reader. The security considerations here do not delve into these topics; appropriate physical security precautions must be put in place to improve the overall security of the system.
How secure is the Wiegand communication interface for RFID, and are there more secure alternatives?
The Wiegand card, as well as the Wiegand interface for data transmission, is a 40-year-old technology that originates from the Wiegand effect discovered by John R. Wiegand in the early 1970s. While the Wiegand cards are still in production for RFID applications, they have been largely replaced by newer and cheaper forms of RFID access cards. However, these cards are still based on the Wiegand data format that is susceptible to interception, as the data are available in plain text. Also, the Wiegand interface introduced in the 1980s remains prevalent across both the logical access and the physical access control industries despite various security vulnerabilities. This technology no longer conforms to the current security standards. It is therefore important for integrators to choose a communication interface that can offer higher security from interception and support encrypted data exchange. ELATEC readers support modern, secure communication interfaces such as RS485 and RS232 to enable encrypted data exchange and minimize data interception risks.