Card, mobile credential, payment and security
Across the board, our editorial team is hearing that tariffs between 3% and 10% are impacting virtually all products used in campus card and access control systems. Suppliers and resellers report increases in PACS readers, cameras, biometric devices, cards, printers, and consumables. It is hard to say what portion of these price increases are being passed on to institutional end users, but it seems almost certain that costs are rising.
In a Security Info Watch article, editor-in-chief Paul Rothman said, “just like the supply chain crisis before it, new price increases are flowing downward in the channel, reaching integrators and, unfortunately, customers.”
Unfortunately, most (increases) we have received are effective immediately which makes it difficult for us and our customers.
Though many or most of the suppliers for campus card programs are U.S.-based companies, their products often contain parts or are assembled overseas. This is where the increased tariffs come into play. It costs more for suppliers to obtain or manufacture the products, and these increases must be covered by one or more parties in the chain.
The unsettling news is that many of the largest proposed or threatened tariffs have been postponed until later in the summer. If they come to fruition, impacts could be far more severe.
Because the timing and scale have been moving targets, it has been difficult for suppliers to plan. Some say they’ve already received multiple price increases for the same part or product.
“Some partners have planned accordingly and given us a 30-day window,” says Todd Brooks, Vice President of Products & Technology at ColorID. “Unfortunately, most (increases) we have received are effective immediately which makes it difficult for us and our customers.”
While prices may be rising, Brooks notes that there haven’t been any extended lead times or delays in product availability.
In some cases, there may be alternative products or solutions available that are less affected by tariffs.
“If you are flexible and your ecosystem allows for alternative products, we can help identify those,” says Brooks. “It’s going to be a case-by-case scenario.”
Are there lessons from the Covid supply chain crisis that can apply here?
“It’s that flexibility and interoperability win,” he says. “Those who have ecosystems that allow for different plug-and-play third-party applications are going to have less stress through all of this.”
Each year, the Student Financial Experience Report commissioned by TouchNet provides a unique glimpse into college students’ payment, ID, and campus service preferences.
The 2025 study includes responses from 3,245 undergraduate students from the U.S., U.K., Canada, and Australia. It explores how students navigate various campus financial systems and leverage technology to enhance their campus experience.
Institutions can use the findings to improve student satisfaction and success in areas from payments to auxiliaries and card programs to security.
For everyday purchases like food and entertainment, 55% of U.S. respondents say they “always” or “frequently” use mobile pay (e.g. Apple Pay, Google Pay) over other forms of payment.
General topic areas include:
For each topic, a series of questions was presented. A sampling of specific findings is included below, and the full report is available for free download.
More than 55% of U.S. students use three or more different sources to pay their tuition. The top reported sources include personal payment, family support, aid/scholarships/grants from the institution, and federal or private student loans. Each of those are used by about 40% of respondents.
Students prefer self-service over contacting a personThe migration from face-to-face service delivery to self-service channels is evident in the findings.
Two-thirds of students use their institution’s online portal to pay their personal portion of tuition using bank transfer or card payment. Just less than 25% pay via the institution’s mobile app using online banking, card, or Apple Pay/Google Pay. Only 8% make in-person payments.
Similarly, the preferred communication methods for accessing student account and tuition payment information are overwhelmingly web portals and mobile apps. Phone and in-person options are far less popular.
For everyday purchases like food and entertainment, 55% of U.S. respondents say they “always” or “frequently” use mobile pay (e.g. Apple Pay, Google Pay) over other forms of payment. For bill payments like rent, utilities, and phone this number drops, but remains strong, at more than 40%.
While these numbers are large, mobile payment usage by students in the U.S. lags U.K., Canada, and Australia.
When asked what type of student ID you currently use, 22% have only a mobile ID while 40% have both a mobile and physical ID. More than one-third of all students have only a physical card.
45% of students say they would prefer a mobile ID while 30% would prefer to have both a mobile ID and physical card. One-quarter still prefer a physical card.
In terms of preference, however, 45% say they would prefer a mobile ID while 30% would prefer to have both. One-quarter still prefer a physical card.
The most requested use for a student ID is mobile identification, with more than 50% of respondents naming that as a key use. Following mobile ID, traditional use cases including building access, meal plans, campus cash accounts, and parking are ranked as important at roughly 35%.
Higher ed is recognizing the potential for data from transaction and access systems to provide insights into student behavior and deliver better services. But do students see this as intrusive or enabling?
When asked, “What is your opinion about your institution actively tracking and using student ID data to improve campus amenities,” most students were on board. Assuming there was transparency and it led to improved services, more than 85% support the efforts.
Another question asked students to specify up to three services that their institution could improve with technology. The top answers related to payments, with “tuition and financial aid processes” topping the list. More than one-third of U.S. respondents place it in their top three.
Academic support services, security/access, dining, campus stores, and course registration also rank high, each making the list for more than 20% of respondents.
There is a wealth of additional information in the study that can provide insight into student preferences for digital solutions, payments, physical and mobile ID, and more. Understanding what your students really want can help you steer product and program offerings in the direction that can increase student retention and satisfaction.
Download Now
In this episode of CampusIDNews Chats, Rasheed Behrooznia and Taran Lent of Transact+CBORD discuss the company’s efforts to continue to advance product offerings.
Behrooznia confirmed increased investment in research and development, with 2025 marking yet another rise. On the product front, a key update is a new release of the CSGold platform—incorporating client-requested features, natural language queries, and improved access control support.
We have double the ideas and our R&D investments are going twice as far because we're not duplicating efforts on the same thing.
The company is also expanding AI and machine learning applications to enhance mobile ordering with more accurate wait time predictions. New tools for managing student event check-ins and entitlement systems – including new mobile hardware options – are also in the pipeline.
Lent emphasized the company's long-standing experience with cloud solutions, dating back to 2004. He cited that moving to the cloud remains critical to reducing total cost of ownership, increasing agility, and improving system reliability.
We just fundamentally believe products that are built to work well for people with challenges work better for everyone.
We just fundamentally believe products that are built to work well for people with challenges work better for everyone.
Transact+CBORD’s IDX platform—a cloud-native system currently used by over 100 institutions—is central to this strategy.
The upcoming summer release will introduce features such as embedded data visualizations, expanded security integrations, and mobile credential support.
To listen to the full conversation, click the image at the top of this page.
TRANSCRIPT:
Hello and welcome to Campus ID News Chats.
Today we're going to talk about what's new with the Transact plus CBORD product offering. I'm your host Chris Corum, publisher of Campus ID News, and joining me today are probably the two people who know more about the vision for the company's products than anybody else.
We've got Chief Technology Officer Taran Lent and EVP and GM for Campus ID and Commerce Rasheed Behrooznia aro.
So guys, appreciate you joining me today.
Thank you Chris for having us.
So I'm going to direct my questions at one of you individually, but don't feel like you're like trapped in a box. You know, the other one can come over the top or wait till the end and respond or something like that, but you can add in as you wish.
So with that, Rasheed, I'm going to direct the first one to you, okay?
Q: We spoke a while ago, shortly after the acquisition kind of blending of the companies began, and you mentioned that in addition to all the work that would go on there, there was going to be some significant investment put into the product offerings.
So it was a little early to talk about it back then, but can you share some of the details on that?
Behrooznia: Yeah, definitely. Just to kind of step back, you know, a couple kind of thoughts that we have, I mean, one, you know, in kind of the previous times we spoke, I've shared a lot of passion that we have, especially for our higher ed, and a lot of the individuals have been working kind of in this domain for a long time.
So we're very excited to kind of dig in and see what we can bring to market.
Kind of on top of that, you know, the company for the last five plus years has increased the R&D spend every year, and for 2025 in private state, we did that once again.
So some specific that I'm excited about, for our gold clients, we're releasing a new version of gold that's going to be coming out later this fall, had some exciting new features built into it, including some, you know, a lot of client ideas that have been requested into the product, which is always exciting for those clients, natural language queries and some other advancements with the product.
We also sat down and said, okay, how can we support our clients that are leveraging the CS Access solution?
So largely that security solution that many of our Gold and other clients use, and we're excited to share that we're going to be supporting that out into the future.
So that will, of course, be supported out with existing solutions today, but also integrated with our access control layer and supportive of ideas down to the future as well.
We're also integrating our point of sale system, so our commerce solution with the commerce API that supports our Odyssey and Gold clients.
You know, one of the things that I'm excited about, kind of on that commerce side, is we've invested in some AI and machine learning, and we're bringing to market some improved wait time predictions using that AI to help those mobile ordering clients with their mobile ordering prediction wait time and leveraging that AI and machine learning, which is very specific for the solutions and the university that is leveraging that solution as well.
Our data insights platform, which brings together some insights and analytics around the leverage of the system, we've released that out into our commerce platform, so that's available for our clients today.
And then we have a number of things also going in on the ID side, including we're re-imagining how entitlements work and bringing out solutions there, including a new verified terminal to manage activities and events with mobile solutions for check-in.
So a number of things that we're doing to kind of really bring some advanced new innovations out into our market space, both on our commerce platform and our ID platform for all of our clients.
Lent: Hey, by the way, just to add a little call to that, what I love about what Rasheed was talking about, our combination, is we have double the ideas, and then our R&D investments are going twice as far because we're not duplicating efforts on the same thing.
So it's pretty exciting, you know, to be in the product world from that respect.
What we're trying to do at our core is we want to help schools simplify their operations and elevate the end-user experience in a meaningful way.
And so, you know, I think what we can do that's unique is we're using our scale to build what we call enterprise grade, and enterprise grade for me means we do the hard things, and the hard things for us are going kind of next level with security and compliance, really going the extra mile on kind of design and user experience, including that is, you know, built into our DNA is accessibility.
We just fundamentally believe products that are built to work well for people with challenges work better for everyone.
You know, and all that's built on the foundation leveraging the latest most modern technologies and kind of obviously a cloud focus, but we're really framing the conversation of, you know, who are you going to trust for the next decade with your mission critical business, with your data, with your innovation, and we just think that we're in a really unique position to do that.
And, you know, at the end of the day, what we care about is when we demo our products that we're proud to demo them, and then when clients use the products or expose them to their end users, that they love it and that the experience is, you know, exceeds expectations.
Q: A couple of comments already about the cloud migration and things. So, sticking with that, Taran, we know the basic advantages of moving a system to the cloud. We use it every day with almost everything we do now, but in your world and in the world of these traditionally on-prem campus card and ID transaction system solutions, give us a summary of the advantages and the benefits you see from migrating those systems.
Lent: I was hoping you would ask a question along those lines, Chris. The first thing I have to say is the cloud is not new to transact. I think you were one of the very first people I talked to back in 2004 when I pioneered taking campus ID to the cloud, you know, with CardSmith.
If you look at our portfolio, payments have been in the cloud for a long time. You know, around 2018, we moved our cloud point of sale to the cloud. So, the cloud is not new to us, and we've been mastering and perfecting it, you know, for a couple of decades now.
You know, but what people need to understand is, to me, the first thing is just total cost of ownership. I think you get more capability at a lower cost when you do things in the cloud.
There's kind of what I would call modern business agility, you know, so technologies that are built to change in the future. For us as a software developer, we're just able to deliver value continuously and much faster than we can with legacy on-premise systems. There are economies of scale, which mostly translate into just better infrastructure for reliability, availability.
Availability is a big one for us.
And then it's just, you know, one of our themes is we want our clients to be more strategic and less tactical. So, it's about where you spend your time. And so, with cloud solutions, there's just less IT burden and overhead. There's a lot of studies out there that show it's a decrease of 30%. The pressure is on us to monitor the system, upgrade it, patch it, secure it, respond to whatever happens.
And so, you know, those are the obvious cloud things.
I think specific for our industry, there's also kind of the system interoperability.
So there's school networks, you know, like school systems or even like the College of the Fenway program we have in Boston, if you want schools to interop. So, I think there's just a lot of advantages when you get the technology in the cloud. And that's why so many industries are there or moving there quickly.
Q: Rasheed, so your cloud platform is the IDX platform. So, give us an update. Obviously, we're steering new clients and existing clients as they're ready to the IDX platform because of the cloud nature of it. How many are there? What's the growth look like? Kind of a general update on IDX.
Behrooznia: Yeah, absolutely.
I just want to touch on something that I really loved, which is, it's not just about moving clients to the cloud, it's about optimizing that experience, supporting them in their journey in a number of ways and looking for opportunities that leverage the best of these solutions, but bringing together optimizing, streamlining their operations, meeting them and the clients and the students where they work.
And of course, all the “illities.”
But to give you kind of some hard facts on where we are on IDX, we're over a hundred clients that are on the platform, hundreds of thousands of cardholders that are propped up, a million transactions.
We're exceptionally proud of the performance, which has exceeded our reliability desires, which has a hundred percent uptime, which is spectacular.
We focused very much on being thoughtful on how we wanted to approach this and, you know, not go too fast for the sake of going fast, but really focusing on a solid foundation built on the latest cloud technology, ensuring that we're, you know, have a thoughtful approach to supporting the clients there, which is why I think we have that success in that platform.
But yeah, 100 plus clients live, there's, you know, millions of clients back from process and very excited, kind of what we're going to bring to market.
We've got a few hundred more planned for this year and going into early of next year.
So quite a lot of work is going into that platform and some great results.
Lent: Something I just would add to that is it's a big endeavor, but we talked about that. We've been doing cloud solutions, going all the way back to 2004, there were kind of some other models that came out after Cardsmith that were kind of imitations of that. We could have kept riding in that direction, but we just think because of our leadership position, at some point you'd have to have life cycle discipline. 20 years is a pretty good run for technology and software.
And you know, we feel like we have a responsibility to reinvent and disrupt and take advantage of all the technology change. But like Rasheed said, we're doing that in a careful, thoughtful way. We're giving our customers lots of transparency. We're giving them lots of timeframe with our new platform. It's a proven model. We don't want anybody moving to it until they want to because of all the new features and capabilities.
And so it's, it's a journey, but great companies know when it's time to invest in the future. It's a tough decision to make, but we're pretty excited about kind of what lies ahead for us and our clients.
Q: We're, we're close to the end of our time here. So, I got one more question, Taran, this one's for you. I know last summer you had a big back to school release, maybe the summer before I can't remember, but, and there's another one planned coming up if I'm, if I'm right. So if so, can you, can you kind of tell us what the features are that people can look forward to?
Lent: The first thing is we're releasing all the time, you know, this is an agile continuous delivery, but we obviously know that schools need to have an understanding of what features are available for going into the next season.
We spent a lot of time on what we call data presentment. We intentionally don't use the word reporting because it goes beyond that, but you know, data that's embedded in context, where you are in the application, visualization of data, insights to help you make better decisions. Some of the table stakes things, like being able to schedule and deliver reports and data to the people that need it.
We're launching our first mobile credential IDX clients this summer.
So we did a lot of work just to make sure mobile credential is supported at the same level it was with our on-premise systems, you know, including our eAccounts mobile app, which by the way, I encourage people to check out the ratings.
You know, we're really proud of the, the ratings there because it's easy to say we care about user experience, but it's another thing to back it up with really high quality apps. We did a lot of work on this backwards compatibility, and we have hundreds of partners integrations with our legacy systems.
So we've added support for a lot of those legacy protocols just to bring those integrations forward.
We're doing a lot of stuff with security. So, we've done what I would call modern security integration with CS access, S2, Netbox, and Genia, so lots of security options for schools.
We've reimagined guest deposits, you know, Rasheed talked about entitlements, we've reimagined entitlements and privileges and that's coming out.
We have a cool feature around virtual card numbers. There is a lot of use cases for it, but one is working with mobile apps and apps where we don't want people to be able to pay with, you know, a single sign on or username and password.
And then we've done some modernization on our off-campus programs and the tech stack around that so that the off-camp campus programs will be renewed for the schools that have them and are continuing those going forward.
But that's just some of the big features, but a lot going on and wait two more weeks and there'll be more, more features we can tell you about just because that's how quickly the team is adding new capabilities and delivering value.
Q: Guys, I appreciate the time. Taran, Rasheed, have a great day. Thanks for, thanks for joining us and everybody out there. Thanks for, thanks for tuning in.
At Cal Poly Pomona, autonomous checkout systems are transforming the retail experience by removing staff from the checkout process.
In an interview with CampusIDNews, Al Padilla, Cal Poly Pomona’s Senior Manager for Retail IT, explained these frictionless systems. He says the AI-driven checkout solution from Mashgin allows students to enter a store, grab items, and leave without physically scanning products or handing over a card.
Overall, they have achieved a 75% reduction in staffing, a 30% increase in profits, and a 10–15% rise in transaction volume.
At Pomona, these stations have slashed checkout times from 90-seconds or more to just 12.5 seconds. This has virtually eliminated lines, and without lines students are less likely to pass the stores if time is tight.
Padilla says the integration with the Bronco OneCard and mobile credentials through Atrium Campus enables versatile payment options, including card swipes, taps, and QR code scans from mobile devices.
Though these systems minimize the need for checkout staff, some personnel remain to handle restocking, assist customers, and serve as concierges. Overall, they have achieved a 75% reduction in staffing, a 30% increase in profits, and a 10–15% rise in transaction volume.
To listen to the full interview, click the image at the top of this page.
Transcript
The autonomous systems that a lot of people are talking about today are systems that don't generally need staff involved in a transaction.
They are frictionless so you're not really handing over a card, you're not taking items and scanning them. The systems are doing all that for you.
So what's happening is students are walking into an area or an environment, picking up products, either setting them on a platform with a system and checking them out, or they're just grabbing a stuff, putting it in a bag, putting it in a pocket and just walking out.
So some people use that terminology, just walk out, as the name of the product, as Amazon does.
You have AiFi, which is another system, and Mashgin, which we use on campus at Cal Poly Pomona to help our students get in and out of the store quickly.
So when you talk about not having staff, we're talking about checkout staff.
They’re not scanning the items for you, or taking your card and taking payment or cash from you. Instead, that's where the systems come in and play, and they take that particular job.
So naturally, we do have someone there to still stock the store, or they also have other tasks that they'll do. They'll go out and they'll work at another store, then come over, do restocking, play concierge for a little while, do some upselling from the floor – instead of from behind the counter, and then of course, they're there also to make sure the students are able to run their transactions smoothly.
So any questions on product or anything like that, or different options for what they're looking for. We'll have someone to talk to.
We went from initially going 95% person-less to about 75%. We decided we want to make sure we have somebody there as a concierge, so we're 75% less staff than we were before.
The Bronco OneCard is used everywhere on campus.
So in a frictionless environment with Mashgin, what we're doing is we're using all the different types of credentials that you can.
You can tap a card, you can swipe a card, you can also use our mobile ID to scan a QR code, and all that's made possible with Atrium Campus and their integration with Mashgin.
Mashgin has been extremely successful for us in quite a few ways.
Number one, we've lowered the cost of our employee costs, 75% is where we ended up landing. We've increased our profit by 30% over the years. We have about 10% to 15% increase in transaction counts, and about 400% decrease in transaction times.
Checkout used to be upwards of a minute and a half to two minutes, now it's 12 and a half seconds.
So if you have 12 and a half second transactions, you have no lines, you have nobody walking by because they see that it's crowded, there's long lines, so they keep going, now they're coming in grabbing what they want and going.
So we're very conscious of people's time and trying to get to their next class.
One thing we want to think about moving into dining or food service is going to be like the concept, and we're just talking about trying to put it together right now, but kind of where we would have an area that would have three or four different concepts feeding food in from the back into warmers where people can do a lot of grab and go.
So if you came into an area, grab what you want to say you want, subway sandwich or a burrito, or a coffee or pastry.
You can go through, grab what you want on any of them, take all of those items to one central checkout, and go to a checkout from there, so you're able to visit three different concepts, four different concepts, and you should have one checkout process.
There's other autonomous systems out there, but I would say they're more expensive.
For us in our use case, being able to stand them up quickly and at a smaller cost, and still get AI technology and autonomous technology that works really, really well and super-fast.
I think that was the biggest thing for us, we were able to get them in, no construction costs, and have them stood up within five or six hours.
In August of 2024, news hit that Roper Technologies had acquired Transact. Roper already owned CBORD, and it was announced that the Transact would be combined with the CBORD business.
In October of that year Langer, who had served as Transact’s CEO since 2021, was named CEO of the combined company.
Days ago, via LinkedIn, Langer announced that she would be leaving the company.
“After much reflection, I’ve made the difficult decision to leave my position as the CEO of @Transact + @CBORD,” she says. “It has been by far the most difficult career decision given the incredible team and clients that have become a family to me over the last nearly 4 years.”
We’re conducting a thorough and thoughtful search to identify our next CEO, and we’ll share that information when we can.
Roper Technologies SVP and Group Executive, Harold Flynn, will step in as Interim CEO.
“Nancy has done a tremendous job leading our organization, and we wish her the very best in her new opportunity,” says Flynn. “Our commitment to delivering integrated, innovative solutions for clients across higher education, K-12, healthcare, and corporate sectors remains steadfast, and we’re committed to ensuring a smooth and seamless transition with uninterrupted support.”
Langer expressed her appreciation to her team and clients.
“Leading this organization has been the greatest honor of my career,” she says. “I’m beyond proud of what we’ve accomplished together – the challenges we’ve tackled, the milestones we’ve reached, and most of all, the culture of integrity, inclusion, and innovation we’ve built.”
The work to fill Langer’s position is underway.
“We’re conducting a thorough and thoughtful search to identify our next CEO, and we’ll share that information when we can,” says Flynn.
In April, Dan Park, former CBORD CEO and most recently COO of the combined Transact + CBORD organization, stepped away from his role for personal reasons following a period of helping integrate the two teams.
In this episode of CampusIDNews Chats, Emily Dieker, Director of the GWorld Card Program at George Washington University, discussed the critical role her team plays in campus emergency response and lockdowns.
When she assumed the director role in 2019, she realized that despite having system capabilities to initiate lockdowns, the university lacked coordination among emergency personnel, her office, and other key departments. This gap motivated her to strengthen cross-departmental relationships and advocate for expanded system capabilities.
Initially, the card system controlled only 40% of external doors, but she helped get card readers installed on all external entrances, making rapid lockdowns a reality.
One of Dieker’s early successes was convincing leadership of the card system’s potential to make campuswide lockdowns possible. At the time, the system controlled only 40% of external doors, but she helped get card readers installed on all external entrances, making rapid lockdowns a reality.
She says that lockdown protocols are nuanced and situation dependent. Rather than locking down the entire campus during emergencies, GWU uses targeted lockdowns to isolate affected buildings while allowing others to remain accessible. This approach avoids trapping individuals outside and promotes safer sheltering strategies.
GWU uses CBORD’s CS Gold platform, which enables Dieker’s team to assign different privileges to different roles. This allows customized access so that police and emergency teams can initiate lockdowns but not unlock doors – ensuring security remains tightly controlled.
To listen to the full interview, click the image at the top of this page.
Transcript:
I would say my journey on this started when I became director of the card office in 2019.
We had lockdown capabilities for many years, but we didn't have the proper relationship with our campus emergency personnel, our police department, our emergency management team to really utilize it.
I'd been in the office in lower roles previously, but when I became director, it suddenly became my problem. And I became very nervous. This is what kept me up at night because I was like, what if there's an emergency?
If we need to lock down campus, you know, active shooter, violent situation on campus. Fortunately, we haven't had anything terrible like that happen, but we had some close calls.
And my concern was, am I making that decision?
Does anyone know that my system has the power, our card system has the power to respond to this and to help with this? So, when I became director in 2019, I tried to get people's attention on this.
I was very fortunate. I benefited from a new boss who I reported to who also oversaw campus safety, including police department and emergency operations team.
I raised it to that person's attention that said, hey, we can lock down. But by the way, we only control 40% of external doors on campus. If we controlled all the doors on campus, we could lock down the campus with a click of a mouse, a push of a button.
And that was the right person to tell that story to because a year later, we had readers on every single exterior entrance door to campus.
We didn't put readers on exit doors, but we put readers on every external entrance to campus so that we could lock it down.
And it started with that conversation and me having a scary talk with that person and saying, do you understand this risk?
I could talk also about the decision of what is a lockdown? So, you know, people think that, okay, are you locking all the doors? Or are you locking everybody out?
My leadership over the past few years, we've worked together closely to say that we don't want to lock down and lock everybody out unless there is a direct emergency in that place.
Say we have an active shooter on campus, we're not going to put, and again, we're a CBORD school, so the terminology for us is emergency mode, but the terminology for the general public, you know, is lockdown, right?
We don't want to put the entire campus into emergency mode because suddenly people who are outside are stuck outside and they can't get in. So, making everybody who's making these decisions and who works in emergency understand if there's an emergency, we're going to lock campus.
We're going to take every single door and we're going to push the button, which for us is the system button. We're going to go log in and say lock, and then we can lock in seconds.
And then if it's identified that, you know, building XYZ has a direct threat inside the building or directly outside the building, then we'll put building XYZ into emergency mode and we'll send out alerts saying don't go to building XYZ, seek shelter elsewhere.
So we work really closely on that protocol and helping our campus understand what that means.
There's been a big campaign from our emergency management team to say this is what we do in this scenario, this is what evacuate means, this is what shelter-in-place means, this is what run-hide-fight means.
So I'm getting them to define that all for the community and to give it out in safety trainings, in signage in the classrooms, in other places on social media.
They get it out wherever they can so that we can really make this common sense for our customers, our students, our faculty and staff, so that when that emergency happens, they're not having another freak out of okay, what do I do now?
We're giving them instructions that are clear and concise and they know the drill, they know what to do.
To get buy-in from other peers on campus via the police department, emergency management, maybe facilities that separate and does card access, I would recommend really trying to scare them, not in a bad way, but being realistic about if we don't work together and if we don't have a policy on how to lock down campus and we don't have a set procedure on how to do this, these are the consequences.
In an emergency, seconds matter and having the person properly trained so that when there is an emergency, you're not relying on one person. So have those upfront conversations with people, even if you don't have the existing relationship. I didn't have those relationships when I first came into my role, but I had to find the path to them.
But like I said, that's what was keeping me up at night and now it's other stuff keeping me up at night.
So, CBORD has been great for that. I can do it from my phone. I log into the VPN, I log into CS Gold. It takes 30 seconds at the most, but it shouldn't even take that long. I can do it from a desktop computer, but CS Gold, you can build it so that colleagues in other departments can have limited capabilities.
And so that was an important thing for us. Our emergency management team does not have full access to CS Gold, but they have full access to the lockdown module. Same thing with our police department. And when we were building that out, we said we want these people who help us in an emergency, we want them to be able to do emergency mode and we want them to be able to do lock mode.
We don't want them to do unlock mode because we don't want them to accidentally unlock anything. That's not their responsibility. Unlocking, we don't ever want somebody to just accidentally unlock them. We want unlocking to be a very thoughtful process.
And so having the ability to cut pieces of our system and say you can log into this part and you can't log into the other part.
We've actually worked with our police department and IT to have these are parts of CS Gold that the police department security operations center is supposed to be locked into at all times so that if there is an emergency, they can click these couple of clicks and it does what they need to do.
That has been a super powerful tool that I wouldn't be comfortable giving them if CBORD didn't give us the ability to limit their access and really customize what we wanted them to do.
In terms of who makes a decision in an emergency, we do have a matrix that our emergency operations team put together. I don't have that in front of me today, but it's basically, you know, for a lower-level emergency, it's like a police sergeant and higher. For a higher-level emergency, it is like a police chief or the VP who oversees both police and our team.
That's all documented so that I don't have the issue of someone calling and asking me to do this and then wait, do you have the authority to do that?
The idea is we give the people who have the authority to do this also the tools to do it themselves so that they can do this and they don't have to rely on me or another team member to answer the phone and do it for them.
We have an EMTF. Emergency Management folks love their acronyms, but EMTF stands for Emergency Management Task Force and that is a group of people leaders across all of campus.
From a student experience side, from an academic side, we'll have representatives from every school in that. We'll have representatives from athletics, law, representatives from facilities, and my team, and all of these other teams that keep campus running on a day-to-day basis.
If there's an emergency, if there's a power outage, a data center outage, a network outage, any of these smaller things or if there's a protest kind of effecting buildings or it's effecting students. Then we have a process to quickly pull together this team and say, hey, we're getting on a call in 25 minutes.
Everybody gets on. We've got an established e-room to meet in. And we all get on that and we all talk about, hey, what are the issues keeping operations going for your unit?
What about card access? What about dining? How can we still feed our students in that situation?
And so having the ability to pull together that group of leaders on campus and have a conversation and know that we have our time here at the table.
A new study by the Cybernews research team examined a dataset containing more than 19 billion passwords made public in recent breaches. The goal was to determine the number of weak vs. strong and unique vs. reused passwords.
The results were far from encouraging.
Researchers looked at exposed credentials from about 200 breaches that occured between April 2024 and April 2025.
Passwords containing ultra-common terms like “password”, “admin”, and “123456” remain the most common.
One researcher called it an epidemic of weak password reuse, with just 6% of passwords being unique. For the other 94% of weak or reused passwords, the only defense against dictionary attacks is two-factor authentication.
Despite a decade-long effort to educate users about password security, there has been little progress.
Users included “1234” in 4% of all passwords. “Password” and “123456” have been the most common passwords throughout the 2010s and 2020s.
People's names were the second most prevalent component. The 100 most popular names of 2025 were included in 8% of all passwords. Common words like “love” and pop culture terms like “batman” were also extremely reused.
42% of all passwords are between 8 and 10 characters, but experts say 12-characters is the minimum to ensure security.
Most people use eight-to-ten-character passwords (42%), with eight the most popular.
One-third (27%) contain only lowercase letters and digits, significantly increasing vulnerability.
But this is changing.
Research from 2022 found that only 1% of passwords used a mix of lowercase, uppercase, numbers, and symbols. This 2025 study found that number has grown dramatically to 19%, likely due to stricter platform requirements.
In addition to researchers, attackers have access to these password lists and many others. As new breaches occur, they add to their lists and continually refine attacks.
Weak, reused, and obvious passwords increase your chance to fall victim to an attack. If you reuse passwords across multiple services and accounts, a breach in one system can compromise other accounts.
More than one-quarter of the passwords contain only lowercase letters and digits, rather than the recommended mix of uppercase, lowercase, digits, and special characters.
All users should take steps to improve their password habits.
CampusIDNews caught up with Detrios’ Amanda Imperial to discuss the company’s DAX product and its applications in higher ed. DAX is an off-the-shelf middleware solution that connects event management systems and housing systems to an institution’s access control system.
It automates door access based on scheduling data, assigning entry permissions in real-time for students and faculty.
For academic events, DAX can configure pre- and post-event access time windows, unlocking doors slightly before and locking them slightly after scheduled events.
For academic events, DAX can configure pre- and post-event access time windows, unlocking doors slightly before and locking them slightly after scheduled events.
In housing scenarios, it creates dynamic access maps to manage student access to dorms, common areas, and exterior doors.
It integrates with scheduling systems like 25Live, EMS, Mazevo, and Ad Astra, and housing systems such as StarRez and Adirondack.
Detrios supports more than 90 institutions – 50 using custom integrations and 40 using the off-the-shelf DAX product.
Listen in to hear how Auburn and Wake Forest have used DAX to streamline access operations and reduce manual workloads.
To watch the full interview, click the image at the top of this page.
Transcript:
My name is Amanda. I'm team lead for integrations at Detrios, and I'm going to talk a little bit about our DAX product.
It's an off-the-shelf integration middleware piece that sits between event management systems, housing systems, and an access control system.
So the way that it works is it automates those schedules from that system, and it unlocks and locks doors real time and assigns access to students or faculty as they need them based on their reservation system.
And the way that it works is that using for scheduling the event profiles that we build in DAX, you can say that for an academic class, you might want to assign a pre and post role, you know, 15 minutes or five minutes at the end.
And say when a reservation comes in from 25Live, EMS, Mazevo, Ad Astra, any number of those scheduling systems that based on that reservation time and it's an academic class and the pre and post role you set up, I want those doors to unlock a little bit ahead of that reservation and then relock at the end of that reservation.
And then for housing, for example for StarRez or Adirondack, those are the systems we currently support, we'll take those reservations that you put in at the beginning of the semester, between semesters, and it will assign access based on a dynamic housing access map that we create in DAX based on, say, the building and the room and the floor, giving students access to common areas, to their dorm room that they need access to, and maybe to any exterior readers that they need access to.
So Detrios has worked with higher education customers for a number of years, we have about 50 plus now, with a handful of different custom integrations, and then we have about 40 with our DAX product.
And we have lots of use cases for different ways that they use DAX or different ways that they've maybe used custom integrations that we wrote for them to help streamline their processes and automate and remove human error from those processes.
So a great example, you know, my co-presenter recently with Auburn University, we talked about our DAX product and how Auburn University uses DAX, as well as a Detrios cardholder import feed to automate their process for a student start to finish so that it's a seamless integration.
And then another use case, our pilot customer for DAX, Wake Forest University, they were seeking a solution for, you know, we've got event schedules, and we've got tons and tons and tons of rooms and readers, and it's a manual process. There's a lot of, you know, calling security at 8 p.m. after hours, and it's, you know, it's not supportable.
It's a lot of man hours.
So Detrios was founded about eight now. We were acquired in 2022 by Swift Connect as our parent company now and obviously their focus is in mobile credentialing.
And so Detrios' focus and the reason that the partnership and that relationship came to be is that, you know, Swift works with access control systems and mobile credentialing, and Detrios' expertise is in decades of working with access control systems.
So they found that, you know, putting that relationship together, taking our experts at Detrios that make certified integrations with access control systems, we have a good relationship with those manufacturers and those vendors, and utilizing that to create solutions that are well supported.
They're designed well from the get-go. They're meant for long-term; it’s not put it in place and then never hear from us again. They're long-term supported integrations and solutions.
If you want to learn more about what Detrios does, you can reach out, email us at [email protected] or [email protected].
We can talk about custom integrations, access control solutions, and most importantly our DAX product.
In today’s digital world, QR codes have become a pervasive tool for sharing information quickly and conveniently. From restaurant menus to concert tickets and campus mobile apps to marketing campaigns, QR codes offer a contactless, efficient method of bridging the physical and digital worlds. But what exactly are QR codes, how do they work, and where did they come from?
QR code stands for "Quick Response" code. It was invented in 1994 by a Japanese engineer named Masahiro Hara, who was working for Denso Wave, a subsidiary of the Toyota Group. The company was looking for a more efficient way to track automotive parts during manufacturing.
They were experiencing two major problems with traditional one-dimensional linear barcodes. First, they were limited in the amount of information they could store. But more importantly, they required precise alignment for scanning, which slowed down production processes.
Hara and his team developed a two-dimensional barcode that could hold much more information than standard barcodes and be read at high speed from any angle. Inspired by the black and white patterns of the board game Go, the QR code was born. Denso Wave decided not to patent the QR code, which allowed for its free and widespread adoption – a decision that proved critical to its global success.
Though they were developed in 1994, they did not take off globally until smartphones equipped with cameras and internet connectivity became mainstream.
Initially used in industrial settings, QR codes gained popularity in the early 2000s in Japan for commercial and marketing purposes. They took off globally when smartphones equipped with cameras and internet connectivity became mainstream. By the 2010s, QR codes were being used for a wide range of applications, from advertising and payments to ticketing and identity verification.
The Covid pandemic gave the tech another significant boost as the world sought contactless ways to share information.
At its core, a QR code is a type of matrix barcode made up of black squares arranged on a white background. Unlike traditional linear barcodes that store data horizontally in just one direction, QR codes store information both horizontally and vertically. This allows them to hold hundreds of times more data than a traditional barcode.
Here’s a breakdown of how they work:
(1) Data Encoding: The information – such as a URL, text, or student ID number – is first encoded into a series of zeros and ones known as binary format. This binary data is then mapped onto a two-dimensional grid of black and white squares.
(2) Structure: A typical QR code includes several key components:
(3) Scanning and Decoding: A QR code scanner – typically a smartphone camera with the right software – reads the pattern, processes the encoded binary data, corrects for any errors, and then displays the decoded information.
The first QR codes could store up to 41 numeric characters or 25 alphanumeric characters. If you consider a product number, student ID number, or a short URL, this was sufficient. Even the very first codes could store enough data to link to a website like campusIDnews.com.
QR Code with link to CampusIDNews.com
These numbers have grown massively over the past two decades.
Currently, the maximum symbol size can contain more than 31,000 squares and store 7,089 numeric characters or 4,269 alphanumeric ones.
Currently, the maximum symbol size can contain 177x177 squares. This totals more than 31,000 squares, or 3KB of data. A QR code of that size can store 7,089 numeric characters or 4,269 alphanumeric ones.
The ability of QR codes to be scanned from various angles and still function even if partially damaged makes them particularly useful in real-world conditions. Over the years, they have evolved from a manufacturing tool to a versatile medium for information sharing across many industries. Some of the most common uses include:
On college campuses, QR codes have become a versatile tool for enhancing communication, streamlining services, and improving student engagement.
Dining services often use QR codes for contactless menu and mobile ordering, making the dining experience faster and more convenient. In some cases, they are also used for access to dining halls and meal plan utilization.
Posters and bulletin boards across campus frequently include QR codes linking to more information, sign-up forms, or social media pages, allowing students to engage with campus life instantly. Campus organizations use them for event check-in and campus safety links to emergency contact information, safety apps, and anonymous reporting tools.
Additionally, QR-coded ID cards support library services, exam check-ins, and package pickups, providing a contactless way to confirm identity and streamline processes.
With the rapid digitization of services and the ongoing need for contactless solutions, QR codes are likely to remain a staple of our everyday lives. They are now integrated into digital IDs, business cards, smart packaging, and even augmented reality experiences.
As technology advances, QR codes may become more dynamic and secure. Newer variations like dynamic QR codes can be updated with new information without changing the code itself. Innovations in visual design are also making QR codes more aesthetically appealing and brand specific.
From their humble beginnings in a Japanese factory to their current role in global commerce and communication, QR codes have proven to be a remarkably adaptable and powerful tool. Their ability to store information in a compact, scannable format has made them an essential bridge between the physical and digital realms.
In a move to modernize campus access, University of California at Irvine trialed Amazon One, a contactless biometric system that uses palm vein recognition for identity verification.
Wayne Fields, UC Irvine’s Assistant Director for Student Affairs IT, says he was inspired by a visit to Whole Foods where he saw the biometric devices in action. He’d been looking for a way to streamline access on campus, and he thought this might be the answer.
His goal was to find a faster, more secure way for students to access campus services – especially dining halls – without needing to present a card or phone.
The university already partnered with Amazon Web Services (AWS), so acquiring the necessary hardware was a straightforward process. Over the summer, the pilot was launched in campus dining facilities, and the response from students was overwhelmingly positive.
UC Irvine has 9,000 new students each year and 17,000 residents on campus, most of which have a meal plan. Enrollment of all those people will be a challenge so a self-enrollment option is key.
Amazon One's contactless palm vein technology offered a quick, secure, and hygienic alternative to ID cards. Students were eager to try the new system, while Amazon welcomed the opportunity to gather real-world feedback.
He says the biometric project aligns with broader institutional goals of sustainability and cloud-based solutions. As part of the University of California’s sustainability initiative, the campus is transitioning from on-prem servers to cloud-based infrastructure.
“I think that folks should keep their eye on the cloud-based technologies and where they're evolving,” he says. “That's really where we need to get to.”
Transcript:
I first learned about Amazon One by going to the Whole Foods store and at the time Amazon was trying to do their Amazon Go grocery stores and they've kind of stopped that effort.
But what interested me was that they had this hardware that I saw was contactless and in my mind I was like, okay, fingerprint readers are very, you know, they're everywhere, right?
They're pretty across the board, but you have to still touch it. And coming out of the pandemic I was like, what type of contactless technology similar to mobile can we use but is going beyond mobile credential?
Because I see biometrics as the next logical step where students don't actually have to present anything other than themselves to verify their identity.
And so that's really what started me thinking about, well, can I get some type of this hardware? Our campus has an agreement with AWS and I reached out to our representative and said, hey, can you get me some terminals, I'd like to test this in dining.
And so that's how we got the ball rolling.
So last summer we partnered with Amazon One to bring in their hardware to our dining halls to do a pilot program to see the adoption among students and whether we could get them into the dining hall faster than is currently happening with their cards or their phones, scanning the QR code.
So what we found is that students were really excited about this and Amazon was very excited to learn, you know, what it is that students are looking for, what could they do better.
Over the course of the summer we came up with a list of lessons learned to try to give Amazon some ideas for their future roadmap.
Well, I think what we're seeing now is you're starting to see everyone really rushing the gold rush of mobile credentials, right?
We've moved away from plastic, we've moved away from mag stripes, we're moving away from barcodes and mobile credentials is where everybody's going.
But I'm already thinking past that, right? I'm thinking like beyond mobile credential, biometric is the next thing.
Now, facial is problematic. A lot of campuses tried facial, but there's been a lot of pushback because of privacy and security reasons.
And so I thought, you know, the palm vein technology is more accurate.
And it's not as problematic in that students will have full control through Amazon to delete their template at any time or to share their template between our campus and let's say the local Whole Foods.
So if they want to go shopping, they can basically go into Amazon one app and say share my template.
And when they walk into Whole Foods, if they've got a credit card tied to their account, they can make purchases there.
So this is where I see things are really going to progress to. It's much easier, less friction.
On our campus, I see a very definite digital divide between the students and the staff and the faculty.
And it's really funny because the students during the Amazon One pilot, they were jazzed, they were excited. They were like, this is new, this is cool, we want to try this. And when we told HR, we want to bring this for staff and the faculty, we're pushing back. The faculty are already like, we need a physical ID, we have to visually verify students based on their photo.
And I'm like, but you have a biometric that's literally been verified.
So this digital divide, it's kind of funny for me to see the students are all embracing the technology, but the staff and the faculty are not there yet, they're not in that place.
So it's a constant education process.
I guess one of the points that really sold us is that it is all cloud based.
Our campus is really, we just entered into a contract with Amazon to literally forklift all of our on premise servers into the cloud.
And so over the course of the next year, we're really pushing from a sustainability point.
The University of California has sustainability goals that they're trying to meet.
And part of it is moving servers into the cloud, reducing energy costs.
And I think that products that speak to cloud based are really where people should be heading.
There are some vendors out there that are still doing some on prem things, but I don't agree that that's the right pathway.
So I think that folks should keep their eye on really the cloud based technologies and where they're evolving and they're getting more security because that's really where we need to get to.
So I think that's the right pathway.
