Campus ID News
Card, mobile credential, payment and security
FEATURED
PARTNERS
iso number graphic 1

Is Your ID Card Really ISO Compliant? A 16-digit number doesn’t suffice, you must encode in a specified way

Chris Corum   ||   Jul 27, 2005  ||   , ,

Editor’s Note: In a recent Banking Corner article, we asked the question “should your campus use the 16-digit ISO numbering scheme.” As a followup to this article, we look at part two of being ISO compliant. Special thanks to Taran Lent of CardSmith for the preparation of this important article.

By Taran Lent, CardSmith

A lot of attention has been given in recent years to the 16 digit ISO standard numbering scheme (ISO 7812) in connection with identification cards. This is particularly true in light of the migration away from using Social Security numbers for identification, which has obvious security concerns. There are many benefits to this long established internationally accepted card numbering standard. As a result, many campuses have already registered for their own unique IIN (Issuer Identification Number) and implemented card numbering schemes with 16 digit ISO numbers.

However, some campuses may be disappointed to learn that their campus card is only 50% ISO compliant. While registering and implementing a 16 digit ISO number is a step in the right direction, it is in fact only step 1 of 2 primary steps required for full compliance with ISO standards.

The all-important Step #2

The second and equally important step to a fully ISO Compliant card is to comply with the lesser known standard, ISO 7811, which specifies how data is encoded on the magnetic stripe of the card. This standard is clearly defined and commonly used by hardware and software developers creating solutions that rely crucially on reading the magnetic stripe data according to exact specifications.

By strictly implementing encoding standard ISO 7811 in addition to numbering standard ISO 7812, card program administrators can ensure compatibility with a virtually unlimited range of current and future card technologies and eliminate the risk of being limited to using proprietary and more expensive terminal hardware and software. This will also give the card program complete flexibility to work with multiple solution providers and systems while keeping the door open to change technologies over time without needing to either change the card or re-card the campus.

What Exactly is ISO 7811?

The good news is that understanding and complying with ISO 7811 is not particularly difficult. The most critical aspect to the standard is the exact data field layout on Tracks 1 and 2 of the magnetic stripe, as described in the tables below.

Valid Examples

Below are examples of valid Track 1 and 2 data given the following cardholder information:

Card Number: 6039 6044 4555 1057
Cardholder Name: Jane Doe
Expiration Date: 12/2008

Common Implementation Mistakes

ISO 7811 is not as well understood as ISO 7812 and is therefore routinely implemented incorrectly or ignored entirely. While following the standard is straightforward, there are some common pitfalls such as applying the standard to only Track 2 but not Track 1 (or vice versa), not using a valid expiration date, and/or omitting required fields altogether.

The primary problem for cards with these deviations is that they do not work properly with applications designed for use with ISO 7811 standard cards. Therefore, every application used by the card will require expensive custom development, driving up cost and reducing flexibility. Campuses with multiple card systems competing for magnetic stripe real estate are especially prone to non-compliant encoding mistakes. Below are the most common examples of track data schemes that do not comply with ISO 7811.

If you are curious or concerned about whether or not your card is ISO compliant, you can determine this easily by reading the track data on your card using a standard USB card reader. Once installed on your desktop computer simply open up a text application such as Notepad.exe or Wordpad.exe and swipe the card. The track data will print out on the screen and you can compare the result to the examples above and the ISO 7811 specification. If you are not currently ISO Compliant but are planning a project to become so, it is highly recommended that you purchase a copy of both the ISO 7811 and ISO 7812 specifications for your card implementation team to use as reference.

Remember, ‘almost’ only counts in horseshoes and hand grenades. You can’t ‘almost’ graduate, you can’t ‘almost’ be in love and you can’t ‘almost’ be ISO compliant. You either are or are not, and to be in the “are” camp, you have to implement to both standards – numbering and encoding. If you decide to implement ISO for your campus card, be sure to do it 100%.


Additional resources:

To purchase a copy of ISO 7811 or ISO 7812 from ISO, click here.
To register for a unique IIN number ($600) with ANSI, click here.

Subscribe to our weekly newsletter

RECENT POSTS

ColorID blog: Maximizing visitor management solutions

The third installment of ColorID's "Looking up to the Cloud" series examines the topic of visitor management solutions. Specifically, the role that cloud-based visitor management systems can play in creating a welcoming, convenient experience for campus visitors.
Mar 16, 23 / ,

Entrust report: Young consumers favor digital ID, seamless experience

In a recent entry to the Entrust blog, Jenn Markey, VP Product Marketing, Payments & Identity at Entrust, discussed the findings from the company's recent "Future of Identity" report. The report was compiled by the Entrust Cybersecurity Institute and sought to characterize consumer thoughts on passwordless authentication, hybrid identities, and ownership over personal identity information.

Expanding access control despite limited funds

There's never a shortage of desire to upgrade campus security and access control infrastructure, but securing the funding for such projects can be tricky business. In the third installment of his "Top Tips" series, ASSA ABLOY's Tyler Webb discusses some creative ways that universities source funding and pay for access control technology on campus.
CIDN logo reversed
The only publication dedicated to the use of campus cards, mobile credentials, identity and security technology in the education market. CampusIDNews – formerly CR80News – has served more than 6,500 subscribers for more than two decades.
Twitter

Join us, @NACCUorg, and @TouchNet to explore how campus card programs can successfully navigate the sales and procurement process. Join the webinar on June 6, 2 pm EDT. https://go.touchnet.com/l/652093/2022-05-18/lsndq

Webinar: Learn how the University of Arizona uses campus cards, mobile ordering, kiosks, lockers, and robots to revolutionize campus dining. April 7, 2-2:30 EDT. Register Now at https://register.gotowebinar.com/register/7821245544009488910?source=campus-id

As supply chain issues in 2021 persist, identity solutions provider @ColorID discusses ways campuses can to overcome potentially troublesome delays until the situation eases.

https://www.cr80news.com/news-item/protecting-your-campus-card-program-from-supply-chain-issues/

A dining services push at the @UBuffalo is reinforcing the utility of self-service checkout. @CBORD is improving the food service experience using the GET app, as well as Nextep kiosks and Oracle’s Micros Simphony POS.

https://www.cr80news.com/news-item/kiosks-self-service-tech-streamline-campus-food-service-u-buffalo/

Did you miss our recent webinar? No worries - watch it on-demand. Leaders from @NAU and the @UAlberta joined Ryan Audus, Touchnet, and Andrew Hudson, @CR80News, to discuss innovative mobile services and the future of mobile tech in higher ed. Watch now: https://bit.ly/31RFyLn

Load More...
Contact
CampusIDNews is published by AVISIAN Publishing
315 E. Georgia St.
Tallahassee, FL 32301
www.AVISIAN.com[email protected]
Use our contact form to submit tips, corrections, or questions to our team.
©2023 CampusIDNews. All rights reserved.