Card, mobile credential, payment and security
By Jerry Banks, Co-author of RFID Applied
The issues of privacy and security, although interrelated, are different. With respect to RFID, we define these issues as follows:
Privacy: the ability of the RFID system to keep the meaning of the information transmitted between the tag and the reader secure from non-intended recipients.
Security: the ability of the RFID system to keep the information transmitted between the tag and the reader secure from non-intended recipients.
The issues have very different repercussions and different solutions. In a given environment, an RFID solution may pose security risks without affecting the issue of privacy. An example of this scenario is when a tag broadcasts its unique identification number in a consistent and unencrypted manner. This enables the tag to be detected by any reader that can decode the RF signal. If all that is read is the tag's unique identifier – and no association can be made to what that identifier means without access to the backend database that maintains the relationship between the tag IDs and the objects that they represent – there is no privacy issue. However, issues of traceability and inventorying may remain.
Traceability and inventorying relate to the ability of an unauthorized entity to read the identifiers sent by RFID tags without necessarily being concerned as to what the tag is affixed to or who/what is carrying it. In other words just by capturing the signals emitted by an RFID tag, a third party could trace where the tag is or has been (traceability) as well as to what tags have been detected (inventorying).
A standard EPC tag conveys information associated with a particular item, its model or product class and its manufacturer. Anyone with a standard EPC reader could get close enough to a shopper leaving a store to determine what products and what quantities were purchased. Furthermore, the unauthorized reader could track the shopper from a distance utilizing a high-powered reader.
RFID is an excellent technology for object tracking. In this case, we can define an object as a physical asset that occupies 3-dimensional space. This means that the whereabouts of any physical object (including animals and humans) can potentially be tracked within the scope of the RFID infrastructure. As RFID technology development progresses, this scope can become larger and larger.
This fact has raised many questions and concerns from people because of the potential invasion of privacy that can be attributed to RFID technology. But, before we get deeper into the privacy issues and their repercussions, let's look at a few examples of what privacy advocates and the concerned public claim can go wrong with the use of RFID technology.
Consumer and privacy advocates have closely followed the deployment of RFID enabled solutions in the supply chains of major retailers such as Wal-Mart, Tesco, Target and others. They contend that by using the same technology adopted by the retailers to track individual items through their supply chains, consumers could potentially be tracked after buying the merchandise and leaving the retail stores.
The U.S. government has made a decision to implement contactless chips in U.S. citizen's passports. These chips contain the passport holder's information as well as a digitized picture of the holder. Initially, the U.S. Department of State's proposal did not include any security protocols. The information would be contained unencrypted within the passport's chip. Therefore, anyone with the right reader technology could potentially scan a traveler's passport, perhaps while still in the traveler's possession, and obtain personal information. This, it is argued, could help terrorists, thieves or others to determine the traveler's identity or nationality.
After much negative feedback from the public and different organizations the Department of State changed its proposal and added 3 layers of security:
Security experts still raise a debatable issue relating the fact that the chip's unique identifier can be read by any reader since this falls below the layer of protection provided by the encryption methodology. This could create an issue of passport traceability.
Many libraries, primarily in Europe, have implemented RFID technology in their operation. In the most advanced scenario, the idea is to tag every book in the library with an RFID chip and allow patrons to "automatically" check out the books by means of carrying an RFID tag and making the proper association of books-to-patron as the patrons exit out though the checkout portal. Privacy groups contend that patrons' right of privacy could be violated by someone with the proper technology within close proximity of the patrons. This would allow the malicious person to determine what books have been checked out by the patron.
The most aggressive privacy concern groups claim that governments could potentially gain access to all commercially controlled RFID databases and, therefore, have full access to the consumer, travel, and general habits of its population. Or governments could achieve this by deploying wide-area RFID infrastructures where all the activities of its citizens could be tracked, from what they buy, to what they read, to where they travel, to what they watch on videos.
Initially, commercial applications of RFID did not emphasize security. RFID readers and tags communicated with each other using open, unencrypted messages. Even today, most RFID readers and tags transmit information without any encryption.
There are a few reasons why this has been the case:
The fundamental issue is that in order to create a widespread market for RFID, the cost of its infrastructure must be kept to a minimum. This fact limits the complexity of the tag, thus limiting its capability to process information. So the dilemma of how to create a secure RFID infrastructure remains an elusive target.
High security RFID systems should have the ability to guard against the following categorized security and privacy threats:
Eavesdropping
RFID tags are designed to transmit stored information to an inquiring reader. This allows unauthorized users to scan tags by eavesdropping on the wireless RFID channel. The unrestricted access to tag data might reveal private information if it is stored on the tag.
If the security protocol used in the RFID channel is revealed, attackers can write blank RFID tags with the same formatted data that has been collected. For instance, dishonest persons could replace the RFID tag on an item to get a cheaper price when checking out from a supermarket.
Relay devices can intercept and retransmit RFID queries. With this kind of device, offenders can abuse various RFID applications by replaying the data in order to imitate a genuine data carrier.
There have been many proposals put forth that aim to create a secure RFID environment. Some of these rely on encryption algorithms, some on cleverly designed communications schemes, and others on taking advantage of the basic physical properties of RFID communication.
This is a relatively low-tech approach to the issue of RFID security. Faraday cages are based on the principle that meshes made of certain metals provide a natural barrier to radio waves. It is the same principle that creates one of the challenges for the application of RFID. While extremely effective, this solution requires a conscious, manual action in which the user must cover and uncover the tag every time he or she wants the tag to function. This method does not offer any protection when the tag is not within the Faraday cage.
There are, however, some applications where a Faraday cage may make sense. The use of a Faraday cover on a passport is one that probably works well for most users since passports are usually only open when they need to be presented. For product RFID, however, a Faraday cage is likely cost prohibitive.
This method relies on the attenuation of the RF signal so that it can only travel a few centimeters. The assumption is that an unintended reader would have to be in close proximity to the tag and therefore probably easily identifiable. Actually, this is a very weak method for security protection. Imagine a person carrying products with limited range transmission RFID tags at rush hour in a subway. It is probably next to impossible to avoid potentially malicious persons with readers getting very close.
The KILL command renders the tag unreadable. This is a command built into the chip that can be activated from a reader at the point of sale. In order to execute the KILL command, the reader must transmit a PIN to the tag to ensure that it has the right control access.
Although extremely effective once the command has been successfully executed, it presents two major limitations:
It is not effective until the command has been executed. This means that it must be combined with some other solution to provide protection during the lifecycle of the tag.
It prevents use of the tag for future applications after the item has been sold.
To illustrate this, imagine the following scenario. Richard, a techno-savvy consumer, chooses to buy the latest model of a washing machine which incorporates RFID functionality. The great thing about the washing machine is that it can use its embedded RFID reader to detect what garments have been placed in it by reading the RFID tags embedded in the garments. This information enables the washing machine to automatically control the temperature settings and washing mode so that the delicate garments are not damaged. However, if the articles that Richard bought at his favorite clothing store implemented the KILL commands, Richard would certainly complain about the inconvenience presented by the washing machine not being able to identify the garments.
Albeit, this is not the most tragic scenario that one could devise, but it portrays the issue at hand. The KILL command can severely limit the functionality and applications of RFID downstream from the point of sale.
The use of SLEEP commands on tags is an attempt to answer the shortcomings cited in the KILL command proposal. The SLEEP command, a more commerce-friendly proposal, has been put forth. Instead of killing the tag at the point of sale, this proposal renders the tag temporarily inactive, until the consumer physically reactivates the tag. The fact that the tag must provide a way to allow a consumer to reactivate the tag creates problems. For instance, imagine when Richard (from the previous example) returns to his home after an afternoon of clothes shopping. In order to achieve the benefits of his RFID-enabled washer, he would have to physically reactivate each tag.
This approach, introduced by IBM, provides a seemly simple, yet effective solution to minimize tag recognition from standard read distances. The procedure uses a tag with a full antenna that can be clipped at the point of sale by the consumer in order to reduce the span of the antenna and therefore reduce its readable range from a few meters to only one or two centimeters.
As you can see, there are many challenges to creating a secure and privacy-enabling RFID solution. There are, however, a variety of technologies and mechanisms in place to assist issuers and consumers. Certainly, we are only beginning to understand the challenges and the solutions to this complex technological and societal question.
This article is part of an ongoing series that explains the principles of RFID. It was created for RFIDNews by Jerry Banks, Tecnologico de Monterrey, Monterrey, Mexico, one of four co-authors of RFID Applied, John Wiley, 2007, ISBN-10:0471793655; ISBN-13:978-0471793656.
Higher One has added two more colleges to its growing roster of schools that are using the financial services provider to distribute refunds to its students. Although Higher One works with more than 110 colleges and universities in the U.S., Kansas City Kansas Community College is the company’s first client in Kansas. Both it and Texas-based Laredo Community College intend to distribute financial aid refunds electronically to students starting this fall.
Since the start of this year, Higher One, recently ranked No. 85 on the 2007 Inc. magazine list of the 500 Fastest Growing Companies in the U.S., has reached financial aid refund agreements with 18 institutions around the country.
“Providing quality and innovative student services is a top priority at Laredo Community College,” LCC President Juan L. Maldonado said. “With OneDisburse Refund Management, LCC is looking forward to enhancing services associated with the distribution of student financial aid refunds electronically, thus creating another unique benefit for our students.”
“LCC’s goal is to streamline the current process of disbursing financial aid refunds. This program will eliminate the need for students to stand in line for their financial aid refund checks and make the process more convenient and efficient for our students,” LCC Bursar Norma Cano said.
“The cost and time burden of manual refund checks was becoming too much,” said Brian Bode, KCKCC’s dean of financial and administrative services. “Higher One contacted us and we started looking into the program. We took it to our Student Senate and they were enthusiastic about the program so we made the decision.”
Higher One enables institutions to streamline the refund distribution process by offering students up to three ways to receive their refunds: direct deposit to the OneAccount, a no minimum balance, no monthly fee, FDIC-Insured checking account provided by Higher One, direct deposit to another bank account of the student’s choice, or a paper check mailed to the address on file.
Higher One collects and maintains all student bank account numbers, routing numbers, and refund preferences, provides marketing material to the institution to educate students on the process, distributes the refunds based on each student’s preference, and handles any customer service related to the distribution of refunds.
“The quality of the program, its history of success, and the willingness to work with us in some unique areas we needed to address set Higher One’s services apart from other options we considered,” said Bode.
Access control provider Salto Systems has launched its Advanced Panic Bar Solution, or SAPS, for exit doors with panic bars. It allows users to add the control of exit doors to an access control system without the extra cost of wiring.
Certified to EN1125 standard, SAPS’ modern styling and clean lines make it an integral part of the SALTO access control platform allowing users to achieve a consistency of style on every door throughout their buildings.
It can be fully integrated with SALTO Virtual Network Technology, allowing users to include SAPS in the management of their access control system without any loss of any functionality, flexibility, control or security.
SVN allows the SAPS panic bar to read, receive and write information via normal smart card operation, providing 90% of the benefits of a fully on line access control system at the cost of a stand alone system. Future versions of SAPS will also be capable of integration with fully featured RFID solutions.
Salto is based in Oiartzun, Spain.
Another computer breach, this one at Oklahoma State Universitiy, has potentially exposed the names, addresses and Social Security numbers of some 70,000 students, faculty and staff who bought parking and transit services permits in the past six years, a newspaper reports.
The Oklahoman notes that the university didn’t let students know until this week, even though the breach was discovered in March. “Officials said they first wanted to do an investigation to see if any Social Securities numbers had been accessed. They were not able to make a determination,” the newspaper says.
Since then, Social Security numbers have been removed from the site and the server shut down. While the university doesn’t think ID theft was the reason for the breach, it can’t rule that out.
Read more here.
Student ID cards today mean more than meal tickets or the ability to buy books on campus. They mean wireless hotdog carts. That’s just one of the examples highlighted by CreditCards.com in its report on the new breed of student ID cards.
The “cashless campus” at many universities now allows students to gain access to their dorms or use their campus cards for off campus purchases or to do their laundry, and much, much more. Students expect it because many of them have been using credit cards since middle school. Read more here.
Campus card banking partners step up to educate student cardholders
Get a bunch of students, mostly freshmen, away from home for the first time. Stick them all in a dorm, many of them are armed checks, a credit card, a student ID, their driver license and Social Security card. It’s a recipe for ID theft.
With that in mind many colleges and universities, with the help of their banking partners, have incorporated ID theft prevention into their financial seminars.
“We’ve done these seminars for years–how to manage credit – how to make a budget and now we have created ID theft prevention as an extension to financial wellness,” says Whitney Bright, vice president of campus cards for Minneapolis-based U.S. Bank. “The seminar is popular, not only with students but faculty and staff.”
That’s a sentiment echoed by Randy Hedge, director of university dining and Reeve Dining at University of Wisconsin Oshkosh. “When the university, with the help of U.S. Bank, held our ID theft program it was absolutely overflowing and at least 60-70 percent of those present were faculty and staff. People are very sensitive to the ID theft problem. It was an excellent program and U.S. Bank had several of their staff there that day.”
When the university signed with U.S. Bank three years ago, “they told us they wanted to do as many educational programs as we were interested in.” ID theft will be just one of programs, “but probably something we’ll do every year along with Banking 101,” he added.
Hedge learned many different techniques to prevent ID theft during the seminar. ” I know one in particular is you shouldn’t use your mailbox on the street to mail your bills.”
Bright recommends using a standard mailbox. “If you’re paying a bill, put it directly into the post office box instead of a college box. It’s very easy to get account numbers off those documents.”
U.S. Bank can incorporate ID theft into its other seminars or run it on its own. “It depends on who the audience is–students, faculty and staff–and how much time we have,” said Bright.
Seminar topics include protecting your Social Security number and phishing. Seminar participants are also given tips, such as shredding documents – particularly bank statements when you’re done with them – not responding to emails and the fact that “banks will never ask you to verify your pin numbers,” she adds.
Of particular useful tip for students living in a dorm is to secure or lock up any extra checks. The same measure should be taken for any credit or debit cards that aren’t in your wallets. “Why tempt someone?” asks Bright.
Credit card offers are another sources of ID theft. “Hopefully students are throwing most of those away,” she added.
Getting rid of a credit card? Don’t just throw it away, cut it in several pieces and deposit the pieces in different trashcans, Bright says.
She also suggests paying bills online rather than with a paper check. Internet payment sites are more secure, as designated by the “https” at the beginning of the address rather than the normal “http.”
And always go directly to the bank’s Web site. “Start from a fresh Web site and don’t link off another site or off another email. “I have my U.S. Bank site in my favorites so I know it’s going to the right site.”
Another tip: “Don’t carry your Social Security card around with you and don’t have it printed on your check. Most schools today have moved away from having a Social Security number tied to the ID card.”
Higher One educates cardholders online
Sean Glass, Higher One’s chief marketing officer, said the number one protection against ID theft is knowledge.
Higher One provides ID theft information online, Glass says. For example, the Web site of one of Higher One’s clients, the University of Houston, includes a box students can click on to learn how to protect against ID theft. “Most students are pretty savvy but preventing ID theft involves understanding how criminals work.”
One of the biggest threats is phishing, attempting, usually via email, to get the recipient to click on a link that looks like it came from the bank. A related scam involves “attempts to get information through social engineering. You get a phone call from someone saying their attempting to clean up their records.” In essence, such calls are attempts to get ID information that can help the scam artists steal identities. Social Security numbers are key, but they may also ask for dates of birth, mother’s maiden name and other demographic data.
“We tell our customers that if you get an email that doesn’t look like it came from us, don’t click on the information.”
Since Higher One is an Internet-based financial services provider, it’s important that students, faculty and staff be careful when dealing with any emails from the company. “Don’t assume it comes from us. Go to the URL on the back of your card to log in.”
He said Higher One has not “had many people reporting cases of ID theft.” Regardless, most banks and Higher One follow a zero liability policy “and we’ll work with the student to get his money back in any event.”
But ID theft, he says, isn’t as important as protecting your documents, especially the credit cards. “The number one way a card gets stolen is when it’s skimmed.” That usually happens when your credit card is out of your sight for a few minutes, such as when you’re paying for a meal at a restaurant. The waiter could capture that credit card number and later use it or sell the number. “The number one thing is awareness. When something doesn’t seem quite right, it probably isn’t,” he added.
Wells Fargo goes interactive
Wells Fargo’s Julia S. Tunis, assistant vice president of corporate communications, says the bank uses its web site not only for financial management training but other areas as well, including ID theft.
The bank’s Hands on Banking program (www.handsonbanking.org) “is a free, fun, interactive money management program that teaches the money skills needed for all stages of life. It covers ID theft, fraud, phishing/online scams and protecting your credit. In addition, we have published articles in the Student Wells Wire online newsletter about protecting yourself about identity theft.”
She said that Wells Fargo, for all customers, has online content about ID theft at www.wellsfargo.com/privacy_security/fraud/operate/idtheft.
Working closely with local merchants and students, Off-Campus Advantage and Millersville University in Pennsylvania have launched the school’s first off-campus payment program, Marauder Gold. Students even got to design signs to be placed in participating merchants’ establishments.
“Opening the on-campus discretionary account to off-campus merchants is a win for the students, the local merchants and the university,” said Ken Dearstyne, associate vice president of finance and administration for Millersville University. “We worked closely with the merchants in Millersville and our students to create a blueprint for a successful program.”
Partnering with OCA, Millersville gave locally owned businesses the opportunity to participate in the program before inviting merchants in neighboring communities and national chains to join. “The Millersville focus in launching Marauder Gold was to strengthen town relations,” said Shawn McCarthy, vice president of wide-area commerce for The CBORD Group, OCA’s parent company. “The local businesses in Millersville participated in the discussions about going off campus, enabling the university to launch Marauder Gold quickly, with a solid base of participating merchants.”
The program’s swift launch was also facilitated by Millersville University’s ability to fully integrate the off-campus payment program into its CS Gold card system by creating an addendum to its service provider’s contract. CBORD supplies Millersville University with a variety of compatible front- and back-of-house management solutions, which also includes Foodservice Suite® food service management software.
Millersville further personalized the off-campus program by inviting its 8,000 students to brand the discretionary account and create signage for participating merchants, as well as posters and mailers for the entire student body, educating them about the new Marauder Gold off-campus program.
“By including student ideas and designs in our marketing plan, we tapped into a valuable resource to help drive the awareness and usage of Marauder Gold,” said Elizabeth Braungard, marketing director for Millersville University. “From the beginning, this program has been a model of students, administrators, and the local business community working together.”
As universities move away from the Social Security number to identify students, how will those new student ID numbers be handled? For example, can they be publicly posted instead of the student’s name? Is that an invasion of privacy?
This was just one of the issues discussed at the recent Educause annual policy conference. Focus of the discussion was the U.S. Department of Education’s proposed changes to regulations governing the Family Educational Rights and Privacy Act, or FERPA.
Until now, the rules haven’t specified whether students’ Social Security numbers, and the proprietary ID numbers many colleges now assign to students, fall into the “directory information” category, items that normally aren’t considered harmful or an invasion of privacy. The proposed changes would ban the use of both numbers from that designation, but as this article points out, that could result in unintended effects.
Read more here.
Issuing combined student IDs and bank cards on campus reduces the time it takes to get these multifunction cards into students’ hands, and it enables them to begin using the card the moment they exit the campus card office. But if that card was a branded Visa or MasterCard product, this hasn’t been possible for most issuers.
Visa and MasterCard rules made it all but impossible to issue branded products from a campus card office or bank branch. The rules were put in place to curb fraud and counterfeiting and they did so by requiring that cards be produced only in secure, approved facilities. A campus ID could be a Visa or MasterCard product, but it would have to be produced offsite at a secure printing facility.
This presented a major challenge to campuses. The student ID card is needed immediately for dining, access, library and privilege control – so it was not practical to tell a student that they would receive their card by mail in the coming weeks.
Adding to the challenge, the rules also required that the cards be embossed. Embossing of the numbers and name are a legacy requirement from the days of the manual “zip zap” machines used by merchants prior to electronic point of sale devices. Even after the new POS devices became mainstream, some small merchants continued to use the manual technology and others relied on the embossed characters when the POS was down. Though the technology to create embossed cards is available in desktop machines, it is not a common item in campus card offices.
So, most campuses opted to instantly issue a non-branded product that works as a debit card but in the more limited ATM networks or with merchants specifically signed by the bank partner.
Such was the tale of instant issuance. But as Bob Dylan says: the times, they are a-changin.’
MasterCard and Visa have loosened some of these rules and opened up the ability to produce cards onsite. The rules outlining secure facilities have become less stringent, making it possible for cards to be issued at bank branches and other locations that have reasonable security and good inventory controls. The associations are also considering doing away with the embossing requirement.
So how would instant issuance work in a campus card environment? In most cases, the campus’ bank partner would receive a supply of blank card stock with the Visa or MasterCard brand already imprinted. These cards would then be run through the card printer in the bank branch on campus.
Printer manufacturers rise to the occasion
Seeking to support this emerging opportunity for instant issuance, HID-owned Fargo Electronics developed a new card printer geared primarily for the banking, credit union and retail industries. But it’s a printer that can just as easily be installed in a university campus card center, says Steve Blake, HID Global’s director of business development. In one printer, a campus can produce a card that is both the student ID and the Visa or MasterCard branded debit card.
“Many campuses that have bank card relationships offer students a variety of financial services during the registration or orientation process,”he says. “But issuance of a branded debit card is different from issuance of an ID card.”
However, more banks and credit unions are doing instant issuance at their branches, he adds. “Customers can apply for a debit card and get it immediately. What we have is a bank card printer based upon the HDP5000 platform, which utilizes reverse transfer printing to produce a card that has brilliant and true high definition colors, similar to the pre-printing process,” says Blake. Called the Fargo HDPii – for instant issuance – the new printer will eliminate the need to preprint batches of cards since that can all be accomplished onsite.
The printer was launched earlier this year following a large pilot at TD Banknorth. That trial involved “46 of our printers. We’re anticipating roll-outs in the U.S. and then Canada,” says Blake. The printer will produce a flat card as opposed to the traditional embossed debit card with raised letters. “It can be customized at the branch, starting with a blank white card,” he adds.
While no branch bank on a college campus is using HDPii right now, “our next step is to approach banks and colleges that have campus card programs. They can kill two birds with one stone: do student issuance
and a branded debit card all in one step. From the bank side, it’s a tremendous opportunity. If you can get cards into the users’ hands faster, they’ll start using them sooner.”
Blake says the industry term for this is “shift and lift.” The shift part comes in moving the initial transaction up sooner. “If a card is sent in the mail, you might get it anywhere from five days to two weeks after application. If you’re instantly issued a card, you can use it right away.” The lift part describes the activation, or non-activation of the card itself. “When a debit card is ordered, probably 40% of the time it won’t be activated,” he adds.
The printer will produce debit, credit, gift and prepaid cards. Fargo is seeking Visa and MasterCard certification, with initial focus on debit cards. He says several banks “have approached us and our software partners about moving forward with major pilots involving instant issuance. Many of these already have great relationships with schools.”
Prices start at $6,995 for the HDPii with magnetic stripe encoding, dual-sided printing as well as the physical and data security additions to meet Visa and MasterCard regulations. There is also an optional dual contact and contactless smart card encoder. “Reaction to the HDPii has been fantastic,” he says. “Customers are delighted because they’re getting a card immediately.” It’s instant gratification in the purest sense. Banks also like the idea of this shift and lift. They’ll generate more revenue, and that’s resonating extremely well.”
He also believes colleges will like this new breed of printer. “They’re always looking for ways to better take care of students and the instant issuance of a branded debit card will further separate colleges”.
To emboss, or not to emboss
Datacard Group is also involved in instant issuance of MasterCard/Visa-approved cards.
Mark Andersen, head of Desktop Product and Industry Marketing for Datacard Group, says the company has several varieties of instant issuance solutions. “We offer technology options for personalizing embossed, indented and flat credit/debit/prepaid cards. The Datacard150i desktop card personalization system embosses and indents preprinted credit/debit/prepaid cards. The new Datacard FP65 financial card printer personalizes flat debit cards or pre-embossed cards via direct-to-card printing technology. And the Datacard RP90 Plus card printer also personalizes flat cards via retransfer printing technology.”
The Datacard 150i system is MasterCard- and Visa-certified to personalize credit/debit/prepaid cards, he adds. Still, he says, the instant issuance market has primarily involved embossed and indented cards. “There is a trend toward issuing flat debit cards, though MasterCard and Visa credit cards are generally still requiring embossing and/or indenting. Many believe the additional security provided by indenting will remain a requirement of branch issuance card programs (even if the embossing goes away).”
In the 2007 Banking Survey conducted by CR80News, instant issuance was mentioned as something more and more banks are considering. U.S. Bank has is instantly issuing a Visa-branded ID card at the University
of Wisconsin Eau Claire, says Whitney Bright, vice president, campus
banking.
And, Wachovia reports that colleges and universities continue to express interest in Wachovia’s Visa Check instant issuance program in association with its ID Cards, says William Caldwell, assistant vice president, campus card relationship manager for Wachovia. “Many of these programs want the benefits of a card with added flexibility for its cardholders which handles their financial needs, not only on campus, but anywhere Visa is accepted,” Caldwell adds.
ID cards similar to those used on college campuses are making their way into the K-12 environment. The latest pilot, at a Florida elementary school on the state’s west coast, involves a badge students wear that can be swiped to pay for lunches or to check out books. As this story points out, the ID badges can also help substitute teachers familiarize themselves easily with students’ names.
However, looming budget cuts statewide could force postponement of this project, originally intended to be fully implemented next year. Read more here.
