Card, mobile credential, payment and security
Under the name HID FARGO Connect, HID Global unveiled what it calls the industry’s first cloud-based card issuance solution for the personalization of both ID cards and mobile credentials.
If you present an ID card printer to the Internet it is an unsecured device so you need to protect it ... The HID FARGO Connect Console serves as the secure element between the printer and the network.
By replacing the old paradigm of standalone printers tied to dedicated PC workstations, this new offering enables secure personalization of ID cards from any location and from any web-enabled device. It lets system administrators remotely monitor and manage consumables, as well as introduces greater visibility into the entire credential issuance process.
“HID FARGO Connect is the biggest innovation that the ID card issuance industry has seen in more than a decade, and with it HID is changing the way cards and credentials are issued forever,” says Craig Sandness, Vice President and Managing Director of Secure Issuance with HID Global.
In traditional card printing environments, one ID card printer was typically controlled by one dedicated workstation. In this new environment, ID card printers are connected to the Internet just like networked paper printers commonly are in offices. For secure ID printers, this topology has been largely avoided for its security limitations.
The HID FARGO Connect consoles serves as the secure element between the cloud and the Internet-connected ID card printers
With HID FARGO Connect ID card printers are edge devices on the network, or more accurately on the cloud, and can be communicated with through secure web-enabled devices.
“If you present an ID card printer to the Internet it is an unsecured device so you need to protect it,” says Sandness. “The HID FARGO Connect Console serves as the secure element between the printer and the network.”
This physical piece of equipment, called the HID FARGO Connect Console, functions as a gateway between the cloud and the printers, holding the Identrust digital certificates and ensuring that only trusted instructions are delivered to the printers. According to Sandess, one console can support numerous printers, and he says that they have already driven as many as six printers from a single console with the capacity to run more.
He adds that they never store personally identifiable information (PII) in the cloud environments.
Aligning with the popular Apple Store concept and experience, card office employees outfitted with tablets now meet students proactively. The personalization data and photo can be captured from anywhere in the office or out.
Today, the solution is able to support a couple of key one card and security systems providers, but the intent is to open it up to the entire channel, explains Robin Tandon, Director of Product Marketing of Secure Issuance at HID Global.
The HID Global physical identity and access management platform, Quantum Secure, is an early example of a security solution that supports HID FARGO Connect. In the education vertical, one of the leading providers of campus ID card solutions, CBORD, is already supporting the technology.
Among the first issuers to use HID FARGO Connect is Kent State University, a CBORD campus card client. According to university officials, the issuance of thousands of student IDs during orientation has been streamlined and the student experience improved through its shift to the new cloud-based approach.
Universities across the country issue millions of pieces of plastic every year so that students can make purchases, access facilities and prove identity for applications both on and off campus.
The vast majority of cards issued in higher education are made exclusively from polyvinyl chloride – or PVC. This is the cheapest and most common card material available, and for applications where the use is short term and counterfeiting is of little concern, 100% PVC could be a fine choice.
But when a card needs greater lifespan and increased security, universities may want to consider composite cards made from advanced card materials. These materials can add durability to the card and make them more difficult to counterfeit. The trade off is an increased cost per card, but in virtually every other secure card market, issuers are finding the benefits exceed the added cost.
Many assume the standard CR80-sized plastic card is a single piece of plastic die cut from a large sheet, but the truth is a bit different, says Pierre Scaglia, global segment manager for Secure Credentials at PPG Industries.
A typical card issued by a campus card office includes multiple layers of white plastic made from PVC with a clear PVC layer on top. The clear layer contains the variable information, such as photo and demographic information, he explains. The card can also include an overlay or laminate layer with a security element such as a hologram that is added during the personalization process.
If the card includes electronics – such as a contactless chip and antenna array – those are sealed in a sheet of plastic and placed in between the PVC core layers, Scaglia explains.
“This basic PVC card offers fairly low levels of security,” he says, alluding to the fact that it can be easily and inexpensively counterfeited.
PVC cards are everywhere, likely due to their extremely low cost. They are personalized using readily available desktop printers, which are available online from countless resellers and auction sites along with the PVC cards and printer ribbons required to create extremely passable fakes.
In summary, 100% PVC cards are great for fast, convenient and low cost ID creation, but they are susceptible to fraud and rank low on the durability scale.
Instead of constructing cards only with layers of PVC, composite cards layer different materials to add advanced features and combat counterfeiters. Composites are the go to options in the high-security identity document market and are being used in driver licenses and national ID cards across the U.S. and around the globe.
“The importance of Level 1 document security features cannot be understated … they are the front door locks in any design…” This comment from the UK National Document Fraud Unit succinctly states the importance of Level 1, overt security features to the overall documents security.
We classify embedded card security features – or document security features – into three levels: Level 1, Overt; Level 2, Covert; and Level 3, Forensic.
In a nutshell, Level 1 features are overt and visible to the naked eye. This makes them easy to authenticate by inspectors in the field. Level 2 features are covert, which means they cannot be seen by the naked eye and are only discernable by trained examiners using under magnification or via some other technique tool. Finally, Level 3 features are described as forensic in nature and require trained examiners and complex laboratory equipment for authentication.
ITW Security Division’s white paper on card security features, Level 1 Security – Long Live the King!, focuses on the importance of Level 1 overt features in document security.
An exploration of the specific embedded security features – from holograms and microtext to UV inks and nanotext – for each level is presented in the document. While each feature and each level is important and should be pursued, the crucial nature of solid Level 1 features emerges.
The emergence follows a series of interviews carried out by ITW with leading companies in the security market. These companies spanned 3 continents and included manufacturers, integrators and security printers. Of those interviewed, 100% reported that Level 1 features are in highest demand.
But just as these quickly visible features are becoming more necessary, fraudsters are getting better at counterfeiting traditional Level 1 options. Thus, there is an increasing need for new, advanced document security features that meet Level 1 criteria.
Learn more about document security features in general and explore new options for advanced Level 1 security features in this white paper. It is part of a series of resources on advanced card materials and embedded security features available from ITW. Check it out online.
At the annual National Association of Campus Card Users (NACCU) conference, Bill Norwood was presented with the inaugural award for Lifetime Achievement in the Campus Card Industry.
He spent the first half of his career with Florida State University leading the campus' information technology and computing departments. Norwood launched the pioneering FSUCard program helping to create the framework for the campus card industry and the card model that institutions nationwide would later adopt.
For three decades he assisted many, if not most, of the card programs across the country through his work with the FSUCard, the university's Card Application Technology Center, CyberMark and later Heartland Payment Systems.
Norwood is responsible for a number of firsts in the campus card industry – from ISO numbers and color images on cards, to bank partnerships and financial aid delivery to student IDs. He was one of the five original founders of NACCU, and he enjoyed a long career that spanned both the university and vendor sides of the industry before retiring in early 2017.
For his many contributions, incredible spirit and personal friendship, the CR80News team is extremely proud to honor Norwood with this inaugural award. Hereafter, the award will be presented and named in his honor as The Bill Norwood Lifetime Achievement Award.
Check out the video from the award presentation for more highlights of Bill Norwood’s career.
Hidden below Northeastern University in Boston is a network of tunnels that serve as a passageway for students traversing between key buildings on campus. Unlike the famous tunnels in other cities, these don’t hold catacombs and no Phantom lurks within. Instead Northeastern’s tunnels house one of the world's leading deployments of advanced contactless lockers.
On winter days or rainy evenings, the 16,000 square-foot underground network is particularly appreciated by students. It links 11 major locations above ground, including academic buildings, residence halls, gyms and libraries.
As a part of a facelift that included new energy efficient lighting and colorful directional signage to facilitate travel, the popular – and sometimes hard to obtain – student lockers were upgraded and expanded.
The networked contactless lockers from Gantner Technologies are used around the world at athletic clubs and spas, ski resorts, corporate centers and universities. And in the summer of 2016, Gantner added another university to its user base with the installation of more than 1,200 new lockers at Northeastern.
All 1,286 of the tunnel’s lockers are larger than their predecessors – now 3 foot by 2 foot. Each locker is marked with a letter and number code, identifying its location within the tunnel system.
Students rent the lockers through the university’s myNEU portal and use their student ID – the Husky Card – as the contactless key for locking and unlocking. The lockers are rented on a per-semester basis, and thanks to the Gantner locker management software no staff interaction is required to sign up for or operate a locker.
At the myNEU student portal, all available lockers can be viewed. The student selects the locker of their choice, and the locker is linked to the unique ID number of the individual’s Husky Card. For the remainder of the semester, only that contactless card can provide access to the locker.
The Gantner locking system guarantees the safety of belongings by delivering networked alarms to maintenance and security staff if vandalism is detected. The software also provides locker usage reports, remote locker control and occupancy monitoring.
Today at the National Association of Campus Card Users meeting, CBORD and HID Global announced a new secure issuance service called HID Fargo Connect.
In essence it is a SaaS or outsourced alternative to traditional ID card production. Pulling student data from CBORD’s Odyssey PCS or CS Gold system, the solution prints over the web to Fargo printers located on campus and/or at HID’s service bureau.
According to Lance Johnson, Segment Marketing Manager, HID Global, this does a few key things to ease financial and labor strains on campus card programs. It eliminates the need for a PC to control the printers as this control is handled instead over the web. It also eliminates the need for card issuance software as both card design and production is managed via a SaaS solution.
Multiple printers can also be controlled and managed in a print farm style for large volume on site issuance. As well, large batches can be sent to the HID service bureau and cards will be mailed back to campus when complete.
Much of the control of required components from both the CBORD and HID Fargo sides is handled via mobile and tablets, enabling flexibility in photo capture, card printing and management.
According to Johnson, the solution will be available as via a monthly service fee, encompassing all card stock and consumables, printer replacements, maintenance and even service bureau printing. He says the fees will be very comparable to those spent for traditional issuance environments.
There is one test site now running at MIT, but CBORD and HID are currently looking for additional test sites to rollout this year. Campuses must be CBORD users in the US to apply.
CR80News will cover the project in more detail as information becomes available. Learn more at Hidglobal.com/fargo-connect
A mobile app, some golf carts and a renowned burrito are proving that campus food services can change with the times. Many argue that the traditional model of institutional food service -- student ID cards, board plans with declining balance, on-campus locations and limited availability – can no longer compete in the modern marketplace. But at the University of Arizona, it is not just competing it’s thriving.
Arizona Student Unions partnered with mobile ordering provider Tapingo three years ago in the fall of 2013. “We were responding to the lines,” explains Todd Millay, interim director for UA Student Unions, referring to the campus’ ever-growing food queues.
Millay oversees 30 retail outlets on the Tucson campus and serves between 25,000 and 30,000 meals per day. “Everyone still eats at the same time, so with mobile ordering, we were trying to be responsive to lines,” he says.
It’s a sensible strategy, because if you can increase throughput at the moment when lines normally become problematic, then students won’t walk away and go to your competition.
“How do we maximize the same six registers at the Chick-fil-a?” he asked. It was the kind of question that led to the mobile ordering trial.
Since that successful trial three years back, mobile ordering has expanded to 80% of the university’s retail outlets. As Millay explains, the solution is best suited to declining balance users and locations that service them. Board plan users and more traditional dining hall locations don’t benefit from mobile ordering to the same degree, as they tend to be eat-in and self-service in nature.
Enter the Highlands Market breakfast burrito, a staple of any Wildcat’s life.
“The ticker machine never stops,” says Millay, referring to the printer that pushes out Tapingo orders in the Highlands Market kitchen.
This hints to the advantage of mobile ordering. The receipt ticker tells the kitchen that someone wants to pick up a burrito soon, and while they’re not standing at the counter right that second, they will be in a specified number of minutes. These minutes are the key to reducing the lines Millay mentioned, increasing throughput and enticing customers to come back for more.
“We call it the anticipation throttle,” he says. “Getting the order to the staff 14 minutes earlier gives us time to prepare.”
It seems to be working. Across the university’s outlets, mobile ordering already accounts for 15% of all orders.
Ultra-violet (UV) inks let passport and card issuers embed strong security features into the identity document itself. UV printing is considered a Level 2 – or covert security feature -- because the images are not visible to the naked eye. Instead, they only emerge when a UV light source is present.
ITW Security Division recently released a new embedded security feature that uses UV ink and is uniquely designed to deter counterfeiting of passports, ID cards and other secure documents.
Called Imaprotek, it is a multi-color photographic image that is printed using special UV inks. The detailed, vibrantly colored image is completely invisible under normal light but is vivid when viewed under either UV-A or UV-C light.
“UV prints are an integral part of today’s security documents … that help international law enforcement and border authorities establish their authenticity,” Says Bob Carey, ITW Security Division’s Business Unit Manager.
Here is an example. Take a picture of a country’s national bird, print it using UV ink and embed it into the passport page or card. It adds a strong feature that makes counterfeiting difficult but is still readily detectable to document verification officials in the field.
ITW makes UV printed images even more secure by fusing the Imaprotek image into its Fasprotek security laminate.
Fasprotek is an ultra-thin laminate that can applied onto passport pages or cards to protect the underlying data and add additional embedded security features including OVDs, UV printing, metallic printing, tactile features and many other options.
The combination of the image and laminate adds key security advantages for issuers. First, because the image is built into the laminate it is virtually impossible to alter. Such attempts are immediately obvious thanks to the product’s frangible layers.
Second, because the Fasprotek layer does not block UV light from passing through, the Imaprotek images can be layered on top of other UV printed security elements below the laminate.
Returning to our example, the national bird could be visible using UV-A light in the laminate layer, while another embedded UV image or UV security text could be visible directly beneath it using UV-C light. This layering of covert security features is extremely difficult to fake yet still very easy to verify.
Often protective laminates obscure UV printing below them, and thus negate the value of these security features on variable data pages.
“We have been able to combine the UV security of Imaprotek and protection of Fasprotek to provide an integrated security solution that ensures UV-C is clearly and vibrantly visible across the security document,” says Carey.
In a free on-demand webinar, campus card vendor Blackboard Transact explores the move to student attendance tracking in higher ed and demos its new automated attendance application.
Automated, card-based solutions for attendance tracking are becoming more common in higher education. Financial aid and other reporting requirements are pushing campuses to track attendance and institutions are striving for ways to increase student success, retention and matriculation.
Blackboard Attendance uses your existing student ID card -- from any campus card vendor – as the tool to track attendance. A small mobile card reader syncs with iOS or Android handsets and tablets to make attendance data available in real time for instructor viewing and future reporting.
It’s cloud-based, SaaS architected and easy to setup and deploy. In this informative webinar, hear Blackboard representatives how institutions and students alike can benefit from automated attendance tracking.
Watch the free, on-demand webinar by clicking here.
It was more than three years ago that US PIRG released its report damning the relationships between financial providers and academic institutions that provided payment card products to students. In its wake, other reports from the agencies like the Government Accountability Office, Congressional hearings and consumer protection efforts followed. Then came the Department of Education's efforts to revamp financial aid disbursement.
The DOE convened a 2014 Negotiated Rulemaking Process to gather input from a cross section of concerned groups. After months of meetings and drafts, negotiators reported that they thought they had successfully re-crafted the rules. But representatives from industry and the consumer advocacy groups failed to reach total consensus, leaving the DOE free to draft the rules as they saw fit.
In mid-May, the DOE’s final proposed rules were released, and they are not favorable for industry, campus administration or even students. They appear to be a win only for the consumer advocacy groups that have been pushing to have banks and payment cards completely removed from the process.
Since the Negotiated Rulemaking began, both the service providers and the campuses relying on them to disburse financial aid to students have been on proverbial pins and needles. The future of this line of business and peripheral services -- such as campus card and bank partnerships that deliver accounts and debit cards to students -- have been up in the air.
I have written about this many times before and have worked with associations, providers and campuses attempting to plan for the future. The goal has been to help the DOE develop productive regulations that protect students and grow these services. But from the beginning, the car has been driven by consumer advocacy bodies that seemed devoted to the banishment of these relationships from higher education.
Still I always believed that cooler heads and data-driven decision making would prevail. After all, I know that the vast majority of these services are beneficial for campuses and students alike – better in most cases because the campus is involved on the student’s behalf.
I kept this cautious optimism throughout the negotiated rulemaking process, loads of phone briefings, several years of conference sessions and a series of draft proposals and comment periods.
I am no longer optimistic.
I fear that the draft regulations released by the DOE in May are likely to pass without significant changes. I have heard no insider intel to suggest that the comment period that ends on July 2 will produce substantive change.
For the first time, this has me thinking about worst-case scenarios. What if the consumer groups get their wish and some or all of these relationships that both campuses and students rely on actually do go away?
As both a student and a university employee, I remember the “net check” process where everyone receiving aid had to get it via paper check. It was painful on both sides. Are we destined to relive it? As other federal programs from Social Security to Veterans Affairs totally eliminate checks, is the DOE pushing campuses backward?
Do they think forcing campuses to manage ACH processes in-house, increase the use of paper checks and push students to use their existing bank accounts really solves a problem students are facing? Many paper checks will be cashed at rip-off payday loan shops. The students’ preexisting bank accounts all charge non-sufficient fund and other traditional fees the DOE is trying to eliminate.
Sadly, many of the products the new regulations will curtail actually are better, as they offer low- or no-fee alternatives that help students access Title IV funds. In the rush to appease the consumer advocates, it seems the DOE has overlooked this reality.
NACUBO created a flowchart to enable a campus to determine whether or not they have a T1 or T2 relationship. In the interest of getting down to layman terminology and simplifying the subject, we have abridged that flowchart to a more basic version.
Do you have a T1 provider?
Do you have a T2 provider?
Lets make some assumptions and head down the path of worst-case scenarios. Assume that the proposed rules pass without substantive change or perhaps get even more punitive toward T1 and/or T2 entities. What might the implication be for your campus?
To state the question another way, “what if my provider goes away?”
