Card, mobile credential, payment and security
Reusable container tracking software is elevating sustainability efforts in residential dining at Washington State University (WSU). Topanga’s reusable container solution, ReusePass, is simple and effective: check out, enjoy, and return.
In August of 2023, WSU introduced ReusePass at their mid-sized dining center, Northside Café. The goal was to enable students and dining staff to test the reusable containers and management software prior to a full rollout. The test was successful, and in the spring of 2024 ReusePass launched at all three residential dining locations.
To participate in Topanga’s ReusePass, students setup an account using their WSU credentials. Then they have the option to add their unique QR checkout code to their mobile wallet for easy access.
When a student enters one of WSU’s three participating ReusePass locations, a dining services employee scans the student’s QR code and a reusable container’s unique QR checkout code, labeled on the container. The student pays using their declining balance account and enjoys the meal wherever and whenever they please.
We scan your unique QR code and the QR code on your container, and now we have made that one-to-one connection between person and container.
The container is now marked as “in use” by the system, and its status is tracked until it is returned, sanitized, and prepared for reuse.
“If we see that you are checking out a container, we scan your unique QR code and we scan the QR code on your container, and now, we have made that one-to-one connection between person and container,” said Jason Butcherite, the director of dining services at Washington State University.
To return the container, the student simply drops it off at a return receptacle located in one of the participating dining locations.
At Topanga’s 70-plus dining partnerships, the return rate averages 98%. Butcherite reports the same impressive return rate at WSU.
Topanga created the ReusePass software that powers WSU’s reusables program, but they do not make the containers or endorse a particular manufacturer. Butcherite explains that Topanga is container agnostic, and his team was empowered to choose the containers that best met their environment.
For WSU, selecting the right shape and size for the containers was important. They opted for two reusable containers, different in both shape and color.
The general-use container is an 8x3x3-inch clear clamshell manufactured by Whirley Drink Works. It is broadly available across all three residential dining locations, and it is used when students opt to carry out a meal from a dining facility.
Our grill station operates exclusively off mobile ordering. By default it comes in a green container, so when they come into our check out space we aren’t trying to ring them up for the order.
For to-go orders made online or via the mobile ordering app, they use a 6x9x3-inch green container manufactured by GET Enterprises. This was chosen with intent as the green color signals to staff that the student placed a to-go order online, and they have already paid for it.
“When students place an order for our grill station, for example, it operates exclusively off our mobile ordering and payment solution, and so by default, it comes in a green container,” explains Butcherite. “That way, when they come into our check out space, we aren’t trying to ring them up for the order.”
Staff simply scans the student’s unique QR code from their phone and the QR code from the container holding their order. The container itself serves as the visual indicator to let the cashier know that the person has already paid.
“Green means go,” he jokes.
Assuming the container is returned in WSU’s allotted three-day window, there is no charge to utilize ReusePass. For the 2% of containers that are not returned, the person incurs an $8 fee that is applied to their WSU student account.
Butcherite notes that some of the fee money is used to recoup the cost of the lost container, but a portion of it sponsors future sustainability initiatives.
Many of WSU’s containers have been in use for two years, and 99% of Topanga’s RFID labels have remained intact wash cycle after wash cycle. Butcherite says the Topanga operator dashboard shows the number of uses for each container, and some containers have topped 70 uses.
We added RFID readers into our dish rooms to negate the need for a dining services employee to manually scan the containers back in.
The efficiency of the return process keeps the return rate high.
Receptacles, like those used to collect trash, are stationed at the dining centers to make it easy on users. The receptacles – also from container-provider GET Enterprises – streamline collection processes for dining service employees as well.
When the used container makes it to the washing facility, WSU further automates the check-in process.
“We added RFID readers into our dish rooms to negate the need for a dining services employee to manually scan the containers back in,” says Butcherite. “As they enter the dish washing system, the reader scans and registers them as the cleaning process begins.”
For now, WSU utilizes ReusePass solely in residential dining, but there are bigger plans.
“Right now, it is purely residential, but we have a roadmap of future plans for how it can enhance our retail dining as well,” Butcherite notes.
Aside from the advantages it offered in support of WSU’s sustainability initiatives, Topanga’s technology made financial sense for the institution.
We had good pricing on our single-use containers, but when you do the financial pro forma and look at the environmental impact of reusables, it is a win-win.
“When you do a financial analysis and run the numbers, ReusePass made a lot of sense for us,” Butcherite says. “We had pretty good pricing on our single-use containers, but when you do the financial pro forma and look at the environmental impact of reusables, it is a win-win.”
Sustainability is valued across the intuition, and it has become an increasingly important pillar of the dining services’ program.
In addition to the ReusePass program, Butcherite cites other initiatives. These include a Marine Stewardship Council certification for sustainably-sourced seafood; a partnership with the Humane Society to increase plant-based options; and a food waste control mechanism called Streamline – also from Topanga – that will launch this fall at WSU’s largest residential dining center.
As his team continues to pioneer initiatives to meet the institution’s environmental goals, he says he’ll always consider ReusePass a key to leading the way. “It accelerated our sustainability efforts, and it showed that environmental stewardship can also make financial sense.”
Mark McKenna, Director of the CATcard Service Center at the University of Vermont, talks with CampusIDNews about his office’s role managing campus access control. The university uses CBORD’s CS Gold platform with CS Access, and they rely heavily on Allegion locks for door security.
He says Allegion’s Schlage AD series locks are favored for their adaptability to various door types and configurations – both wireless and hardwired. The university’s locksmiths pushed to standardize on the locks due to their reliability and durability.
We run the access control system at the University of Vermont. Our department issues the credentials and the access for different groups.
It can be challenging to select the correct hardware for a particular door or access point. At Vermont, they have developed a strategy by focusing on a limited number of products.
AD-400 wireless locks are commonly used in retrofit situations, because they are easier to install than wired locks. Because they use batteries, however, McKenna says they will use hardwired, powered AD-300s in heavily-trafficked areas.
For building exteriors, the university uses Allegion’s MT series, known for their weather-resistant and long-lasting performance. McKenna shared an example of an AD-400 lock installed on a greenhouse over a decade ago that continues to function reliably despite harsh Vermont weather conditions.
McKenna notes that it has been rewarding to see students transition to using their phone and smartwatch-based credentials throughout the university’s access control infrastructure.
To watch the full interview, click the image at the top of this page.
TRANSCRIPT
We run the access control system at the University of Vermont. Our department issues the credentials and the access for different groups, whether it's students, faculty, staff, visitors, vendors, etc.
We're CS Gold CBORD school, and we're using CS Access. We also use a lot of Allegion products on our campus.
We use Allegion’s AD series particularly, because of their ability to adapt to different types of doors, whether it's wireless, hardwired, that's what I like about it.
The locksmiths like it because they're reliable. They've always liked that they are class one, I think they call it classification, which means they're pretty heavy duty.
So they really like them.
They're the ones that pretty much said, we want to go with the Allegion Schlage AD series locks.
We use Allegion’s MT series on the outside of buildings, but we use the ADs on the inside.
It's so easy with a retrofit – to put a wireless AD-400lock on the door compared to piping wire and setting that kind of thing up.
The wireless locks are battery operated, so we try to use those in scenarios where the traffic isn't quite so heavy. If there's a lot of traffic, we'll use an AD-300, which is the hardwired powered lock.
Exteriors, we'll use the MT series because they're pretty much weather type, lifetime.
We did take an AD-400 and put it on the outside of a greenhouse here in Vermont on the south facing side. We've got the sun, if there was any, snow, etc., and that darn thing is still going and it's now been 10, 11 years. They're pretty robust.
But we'll typically go outside, hardwired, depending upon the usage inside an AD-300.
We can always convert a 300 to a 400, a 200 to a 400, a 400 backwards, but we probably wouldn't do that.
We went with the digital credential years ago, and it's very satisfying when I walk around campus and I see the students either using their watch or their phone to unlock the doors.
That's cool.
And you all hear kids talking about it, you know, how neat it is to be able to use their phone, not have to worry about a piece of plastic.
Those are the stories that kind of make it worthwhile at the end of it all.
In 1998, Wells Fargo first linked their banking services to campus cards at Texas A&M and the University of Northern Colorado. By 2014, the bank had grown to support 37 institutions and their card programs.
But change was in the air.
A 2012 report from the U.S. Public Interest Research Group raised concerns about some of practices of these programs and the fees charged to students. Scrutiny from Congress, the Department of Education, and the Consumer Financial Protection Board followed.
Bank partnerships from Wells Fargo, U.S. Bank, SunTrust, TCF Bank, Commerce Bank and others provided a great service to students and a much-needed revenue stream to card programs.
Growth in the number of bank partnerships stalled, and many programs shifted to affinity debit cards rather than adding the functionality to the actual student ID.
Fast forward to Spring 2025 as the Wells Fargo Campus Card Program announced it was shutting down.
A note on the company’s website read, “Effective May 1, 2025, customers will no longer be able to open or link a new Wells Fargo Campus Card to checking and savings accounts. Customers with open Campus Cards will be sent information regarding their Campus Card closure and next steps.”
At the time of the program’s termination, Wells Fargo listed 17 remaining institutions:
From its inception, the program offered optional banking services to students at participating institutions.
Company literature described it as a convenient means of accessing cash at ATMs and making purchases on- and off-campus by linking a Wells Fargo checking account to a student ID card or a dedicated affinity bank card.
Florida International University provides a good example of what these campuses faced.
On Feb. 18, 2025, a letter was sent to FIU students, faculty, and staff from the institution’s Office of Business Services.
The subject line read: “Closure of Wells Fargo at FIU; Retail Banking Transition.” It detailed the program’s shutdown and how it would impact services.
Wells Fargo accounts linked to their FIU OneCards would “remain active” for an undefined period following the closure of the on-campus branch, but only for time.
The on-campus Wells Fargo branch and ATMs ceased operations on May 21, 2025.
Wells Fargo accounts linked to their FIU OneCards would “remain active” for an undefined period following the closure of the on-campus branch, but only for time.
“Wells Fargo will provide further communication to account holders beginning in March and running through this transition period,” the letter said.
It emphasized that OneCard functionality for access control and other campus services would not be impacted in any way.
FIU intends to replace Wells Fargo with another financial partner. “The Office of Business Services is actively working on a competitive solicitation to identify a financial institution to provide similar on-campus retail banking and ATM services with a goal of a summer 2025 opening,” they report.
While the proverbial writing on the wall started a decade ago, the end of Wells Fargo’s trail blazing campus card program marks a somber occasion.
For 15 years, bank partnerships from Wells Fargo, U.S. Bank, SunTrust, TCF Bank, Commerce Bank and others provided a great service to students and a much-needed revenue stream to card programs.
Bank partnerships are not dead, but Wells Fargo’s departure highlights the changes in the environment in recent years.
In a recent CampusIDNews Chats interview, Danny Anthes, Director of Business Services Technology and Applications at the University of Virginia, discussed how the school leverages ELATEC reader technology across campus.
UVA uses USB-connected and embedded reader modules to enable students to interact with various systems including dining, bookstores, and printing services. These readers connect directly to devices like cash registers and copiers, allowing students to tap their ID cards – and soon-to-be-released mobile credentials – without handing them over.
For financial transactions, we send the entire stream up to our one card system, but for the library we will parse out a shorter string of data so students can tap their cards or mobile devices at the self-checkout kiosk.
This summer, UVA is introducing biometric readers from Princeton Identity, integrated with ELATEC embedded module to provide easier access for athletes returning from practice. These readers will also be configured for use with mobile credentials and UVA’s forthcoming custom key, ensuring future compatibility.
Anthes emphasized the flexibility of the ELATEC readers, which can be customized to send different data strings depending on departmental needs. For example, dining services require full data streams for processing transactions through the one-card system, while the library will use shorter data strings for self-checkout kiosks.
To hear the full interview, click the image at the top of the page.
TRANSCRIPT
I'm Danny Anthes, Director of Technology and Applications at University of Virginia. I work for business services there, IT operations for all the business services.
We use ELATEC readers to help facilitate students' interaction with our systems in dining, the bookstores, as well as our print and copy services – allowing students to tap a card there, allow that card to go up to our one-card system, do its checks it needs to do, return back to those systems, whether they're allowed to get in or not.
For us, those readers face the students, hopefully allowing them to self-service in almost all cases where they can just tap the card themselves or when we go to mobile credential this summer, tap their phone and get an access to those facilities.
We use the USB ELATEC readers. Typically they are plugged into the cash registers or directly to the copier or to the registers at the bookstore as well.
We plug those directly in, so it allows us to take those readers and place them out in front of the students so the ID card doesn't have to leave the student's possession.
This summer, we are also planning to deploy biometrics readers from Princeton Identity that allow students to use their biometrics to gain access to facilities.
We're doing this primarily for athletics, to allow athletes easier access when they don't have their credential with them after a practice. So they can get back into their facilities or locker rooms.
These biometric readers have the ELATEC embedded module in them, so when we get them this summer, we anticipate being able to reprogram and then it get them ready for mobile credential as well as our custom key when we migrate to that.
We are planning to deploy these all across campus.
As a part of that, different applications will get different data depending on what they need.
In the case of dining and point of sale transactions, we're looking to send the entire stream up to our one card system to allow it to do the full processes it needs to do.
We're also working with the library, hopefully giving them a solution as well, so students can tap their cards or mobile devices at their self-checkout kiosk. We'll probably send shorter strings to them so they won't have to worry about the rest of the string data.
So we can customize the output for departments as they might need it, whether it's the library or other departments we have within the university.
We are also using the ELATEC readers to move our path forward to mobile credential as well as our new custom key. I'm hoping there's more we can do after our mobile deployment to really extend the use of our IDs.
These readers are a great tool to allow us to use our IDs in ways that we might not have thought of before, integrating with more systems across campus and working with more departments and making a better experience for both students and staff.
Appointment scheduling and queue management software provided, Waitwhile, is now part of Allegion.
Waitwhile’s platform enables virtual wait list and scheduling to facilitate access to physical locations, services, appointments and events. The cloud-based SaaS solution can be used for both online and in-person scenarios.
Clients include U.S. and multinational customers in education, healthcare, commercial, government, and retail markets.
Students receive real-time status updates to reduce time spent waiting in line, and institutions benefit from better analytics and improved operational efficiency.
According to Waitwhile, it supports 10,000 businesses across 50,000+ locations, and it has facilitated more than 300 million customer visits.
Students and other end users receive real-time status updates and instant messages to reduce time spent waiting in line. Institutions benefit from new analytics, improved operational efficiency, reduced wait times, and crowd management.
“[Waitwhile enables us] to deliver value by connecting the virtual queue to secure and seamless physical access at the door,” says John H. Stone, President and CEO, Allegion. “Together, Waitwhile and Allegion can provide the right access to the right people at the right time, all while streamlining operations.”
The company highlights applications for its platform across campus sectors.
In academics, services like advising, office hours, career counseling, and registrar inquiries are highlighted. Scheduling and queue management make better use of faculty time and improve the student experience.
On the admin side, the same benefits hold true for things like financial aid inquiries, IT support, and counseling.
Sign-up, check-in, and attendance tracking for campus events – student events, club meetings, performances, and lectures – can also be streamlined.
Penn Engineering Online, part of the University of Pennsylvania system, deployed Waitwhile to manage virtual office hours. It relies on a distributed team of teaching assistants for its 22 online courses, and long wait times were a major inconvenience for students.
Each course has a dedicated queue, and TAs open and manage their queues when their office hours begin. Students join the waitlist through their Canvas calendar and via a Zoom link.
Once in queue, students can see how many people are ahead of them and how long others have waited. They receive SMS or email alerts when they’re up next.
According to Waitwhile co-founder and CEO Christoffer Klemming, people spend more than a trillion hours waiting in lines.
“Waitwhile was born from a belief that this kind of friction is solvable — and that technology, when done right, can make physical experiences just as elegant as digital ones,” he says. “That mission now enters a new chapter with Allegion.”
As of July 15, 2025, University of Pittsburgh students, faculty and staff began downloading mobile credentials to phones and smartwatches via Apple Wallet, Google Wallet, and Samsung Wallet.
Pitt launched the new credentials with the help of Transact, the institution’s partner for campus card, transaction system, mobile ordering, and related services. Pitt has been a flagship client for the company since the early 2000s.
Once we are certain that the mobile credential is working as intended, you will need to choose either the mobile Panther ID OR keep your plastic card, but you must choose only one option.
Users will ultimately choose between the new Mobile Panther ID and the current physical contactless Panther Card.
For the initial phase – with an unspecified duration – both the mobile and physical cards will work.
According to the Panther Card office, “Once we are certain that the mobile credential is working as intended, you will need to choose either the mobile Panther ID OR keep your plastic card, but you must choose only one option. Stay tuned throughout the summer for additional information regarding next steps.”
The university says that the mobile ID is part of a larger effort to modernize campus life, enhance security, and reduce plastic waste.
Once activated, it functions everywhere the physical card does.
The one exception is that mobile ID users will have to use the Pittsburgh Regional Transit app to access public transit.
An FAQ on the Panther Card site addresses the common concern related to use of the credential if the phone battery dies.
It depends on your device, explains the response.
Existing students, staff, and faculty who choose the mobile credential will be allowed to keep their physical Panther Card as a souvenir, but it will be deactivated and not work on campus readers, locks, or PRT vehicles.
In a recent interview with CampusIDNews, David McQuillin, Atrium Campus co-founder, discussed his company’s cloud-native campus card platform that supports mobile credentials, meal plans, and one card services.
He highlighted what he views as the industry’s shift, as many schools face end-of-life for their current systems. It is a perfect time, he suggests, to focus on enhancing the student experience through mobile technology and autonomous services that drive satisfaction and revenue.
Clients are looking to elevate the student experience both through mobile credentials and autonomous, 24x7 dining and retail tech.
Atrium has grown significantly, adding more than 170 new clients in the past two years.
They have also continually expanded their partner network.
Partners are key to what McQuillin calls Atrium’s “one size fits one” philosophy, offering clients flexibility to integrate with existing systems for access control, POS, laundry, and parking, avoiding costly rip-and-replace scenarios.
Atrium introduced enhancements at the conference, including New Connect, an upgraded mobile platform and Atrium Admin for streamlined management.
Enhancements enable clients to select their preferred payment processors like NelNet or TouchNet. A new AI-powered photo upload tool, developed with CloudCard, further enhances user and administrative experiences.
Mobile credentials remain a key focus, as Atrium now supports HID Mobile, WaveLynx, and Allegion Schlage, ensuring clients aren’t locked into proprietary solutions.
To listen to the full interview, click the image at the top of this page.
TRANSCRIPT
Hi, I'm David McQuillin, co-founder and VP of Sales and Marketing for Atrium Campus.
Atrium is an a la carte cloud native campus card program that supports mobile credentials, meal plan management, and the full suite of one card offerings.
We are here at the NACU show 2025 here in beautiful Henderson, Nevada. We've had a great show.
Some of the things that we've been talking to clients about include the changes that are happening in the industry. Those include large end-of-life notices for many providers with their campus card systems. Many of them are looking at similar end-of-life with point of sale and access control.
A lot of clients looking to elevate the student experience both through mobile credential and elevating the dining and retail experience to be more autonomous and 24x7, which is a double win for the universities. It leads to happier students and increased revenue.
In fact, we did a presentation with Bill McGee from UGA and Al Padilla from Cal Poly Pomona where we showcased a couple of these different solutions.
Atrium has benefited from significant growth over the past couple of years, onboarding over 170 new clients over the past two years.
We have now just eclipsed 280 partners. The reason partners are so important to us and to our clients is that we believe in a one size fits one model for campus card where each client gets to decide what's best for them.
Many clients have existing systems they don't want to have to rip and replace. Others want the freedom to choose what's best whether it's access control or point of sale or laundry or parking.
So, our partner model allows them to do that.
A lot of clients are talking to us about innovation, and we feel like we're leading the way in that regard.
Some of the new things we announced here at the show include New Connect, which is our mobile experience.
Atrium Connect really is where we got started as a company in 1998 at Harvard and MIT. We invented that technology, it was called StudentLink.
What we've done now is to completely rewrite that technology to improve the student experience, particularly around mobile credentials, to unify the administration of the system into a single back office we call Atrium Admin, and we are adding the ability for clients to use different payment processors.
Many of our clients have committed to a particular payment processor, an NelNet or a TouchNet and we want to offer them the ability to use that in our portal.
We're also as part of that rollout launching a new photo upload which is powered by CloudCard. It offers a superior user and administrative experience with heavy use of AI to auto crop, auto rotate, auto change the background, even auto approve the photo if the client wants to set the threshold limits to a level where they would allow that.
Mobile credentials continue to be very popular in the industry. Our message to clients is to build a roadmap to mobile.
Some schools are going to take multiple years, some may never deploy it, but our message is you have a plan however long it takes so that along the way you're buying the right hardware and not having to rip and replace at the end.
As an open platform we believe clients should have multiple choices when it comes to the mobile credential provider, so we support HID Mobile, WaveLynx Mobile and recently – through a partnership with Allegion – we're onboarding Allegion Schlage as a mobile credential provider.
This gives our clients three different options, all of them are really non-proprietary in the sense that if they go with those providers they're not locked into a single vendor.
As we've discussed there's a lot of change in the air.
Clients are looking at end of life with their campus card system or their point of sale or their access control, they're looking to elevate the student experience.
What we would like is to have a conversation with those clients. Give us a call, give us an opportunity to talk with you. I think you'll find that Atrium could be a very good fit for your campus.
Collectors love trading cards, but there is no shortage of individual cards for modern players. Not so though for a player’s campus card. If it still exists – and isn’t tucked away in his or her personal possessions – there is likely just one.
That is why Shaquille O'Neal’s Louisiana State University ID card is expected to fetch thousands at auction.
A card office staff member in Baton Rouge printed the card and personally gave it to Shaq when he was an 18-year-old freshman.
Goldin, an online auction website owned by eBay, is selling the signed card. It has been authenticated by the industry standard Professional Sports Authenticator service (PSA).
Think about it.
A card office staff member in Baton Rouge printed the card and personally gave it to Shaq when he was an 18-year-old freshman. Many of our offices have done the same, creating cards for now-famous alums.
The starting bid for the campus card was $5,000, but it is expected to go far higher.
According to an article at k945, a previous owner of the card offered it on eBay for $29,999. “It seems the item was delisted so the real purchase price remains a mystery,” the writer says.
Shaq played college basketball at LSU from 1989 to 1992. He was a two-time All-American, SEC Player of the Year, and the recipient of the 1991 Adolph Rupp Trophy as the NCAA’s top men’s basketball player. He left LSU early for the NBA but remains one of the school’s most celebrated athletes. Selected first overall in the 1992 NBA Draft by the Orlando Magic, he went on to have a Hall of Fame career.
If you’d like to own this piece of basketball – and campus card – history, the bidding goes until August 9 at the Goldin site.
In a recent CampusIDNews Chats interview, Brista Hurst-Kent, Business Technology Services Manager at the University of Texas at Tyler, shared her experience attending the NACCU Data Summit.
This two-day workshop focused on empowering participants to use common reporting tools – specifically Microsoft Excel with Power Pivot and Power Query – to create interactive dashboards that provide actionable insights into campus card transaction data.
At the end, I've got this perfect dashboard with charts, and as new files come in, it's super easy to just drop them into a location and refresh.
She highlighted how the training broke down complex functions into manageable steps, helping attendees feel more confident in working with new Excel features.
Throughout the summit, participants learned to set up templates that could be easily refreshed with new data files, enabling automatic updates to charts and dashboards.
One major takeaway was the ability to implement key performance indicators (KPIs) with customizable color codes, offering quick visual cues to identify issues without the need for time-consuming data sorting or filtering.
Hurst-Kent emphasized the practical value of the summit, calling it a “dream come true” and noting how it fulfilled a two-year goal of hers. She believes the skills gained will greatly enhance her ability to communicate data trends to campus leadership and colleagues. She strongly recommends the NACCU Data Summit to anyone interested in learning how to use data more effectively to inform decisions and streamline reporting processes.
Transcript
The NACCU Data Summit was the topic of a conversation with Brista Hurst-Kent, Business Technology Services Manager, University of Texas at Tyler. In this episode of CampusIDNews Chats, she describes what she learned and how it will increase insight into her transaction system data.
According to Hurst-Kent:
The data summit is a class that allows us to take tools that we already use and build skills that will allow us to go back to our campuses and use the common reports that we get every day to generate a dashboard. It will help us to communicate directly about what's going on in the campus card office to our administration or people who maybe just want to be able to glance at something and get an idea of what's going on.
During the two-day event, we got there each morning and started on our own laptops, and we were given files that would allow us to load data in once we got everything set up.
We opened up Excel, and the teacher taught us how to use Power Pivot and Power Query to set up a template that would allow us to load in files of a similar setup every single day or weekly or monthly as we get them and refresh that to give us insights about our transactional data, but on a higher level.
It was really great because they gave us the opportunity to knock it down into bite-size pieces so you weren't so overwhelmed with the new functionality that you were using in Excel, and it just made you feel a lot more confident about your ability to pull this off.
At the end of everything, I've got this perfect dashboard set up that has charts that as new files come in, it's super easy to just drop those files into a location and refresh.
Refresh your workbook, and it will change the chart based on the new transactional data that came in.
It is honestly, I know it's a little hyperbolic to say it's a dream come true. But for me, I have been wanting to take the data summit for two years now, and so finally having the opportunity to do it, see those dashboards, to see the pivot tables around it, just absolutely a dream come true.
One of the great things that we're going to be able to take advantage of on campus now is key performance indicators (KPIs).
We learned how to set the pivot tables up in a way with the KPIs enabled on them.
Doing that gives you an immediate understanding of the status of something.
You can set red, yellow, green statuses, and it's customizable so you can set the different levels to trigger the different colors. Immediately just looking at something, you know this thing is way out of range, and it's a problem.
Not having to dig through and sort and filter and conditional format all of that – you can still do that, but in this scenario once you get this template set up, you're just dropping the new data, refreshing it, and then there's the exact detail that you're looking for without having to search for it.
The one thing that I think that people really need to know is that the NACCU Data Summit is worth your time, it is worth your money.
I just got finished with it, so I can't prove the return on investment yet, but I am sure that when I get back to campus and I'm able to teach my boss to do this as well, it'll be like a two for one. So, if you're a person who likes to learn, who likes to work with data, this is the exact class that you need to be taking and sharing the knowledge with your colleagues.
Three main components underlie modern credential technology – chips, formats, and encryption. Each are applicable to both cards and mobile credentials and understanding them is key to making informed decisions for your campus card program.
Each concept is applicable to both cards and mobile credentials, and understanding them is key to making informed decisions for your campus card program.
In this series of articles, we will dive into each component, but first a brief preview.
Chips are the core of the credential equation. Like the chips that power almost everything we use in our modern lives, they both store and process the data required for identity transactions.
A format – also known as a card format or data format – is the standardized pattern used to store data on a chip. The format holds information such as ID numbers that allow access control and other systems to make decisions about the cardholder. Because data formats are just patterns or structures, they can be used on different chips. This enables different chip types to be used in the same system.
Encryption is the primary method used to secure data on the chip and in transit between the chip, reader, and system. Encryption levels in credentials vary greatly, from none-at-all to best-in-class, and everywhere in between.
In this first of these three articles, we’ll dive into chips.
Most chips on ID cards are either proximity chips that operate at the 125 kHz frequency or contactless smart chips that operate at the higher 13.56 MHz frequency.
The chips used in proximity or prox cards are older, non-secure technology. They do not support encryption and are really a storage mechanism to hold data such as an ID number. Because they lack security, they are extremely easy to clone and thus have fallen out of favor for secure applications like campus credentials.
You can go to a kiosk at Bed Bath & Beyond, insert your prox card or key fob, and they'll give you a duplicate of it.
According to Todd Brooks, Vice President of Products and Technology at ColorID, prox card cloning is easy and inexpensive due to the lack of encryption. There are vending machines and online devices that facilitate cloning.
“You can go to a kiosk at Bed Bath & Beyond, insert your prox card or key fob, and they'll give you a duplicate of it,” says Brooks. “Or you can buy a $25 device on Amazon that can clone cards very easily.”
For these reasons, higher education and most other security-conscious organizations have moved on to high-frequency 13.56 MHz contactless or Near Field Communication (NFC) technology.
But just because these chips operate at a higher frequency doesn't make them inherently more secure. It's what you do with it.
“A lot of people think, oh, it's contactless or NFC, so it's secure,” says David Stallsmith, Director of Product Management for ColorID. “But NFC only defines the communication frequency and a couple other very simple parameters. If it's not encrypted, it's still not much better than prox.”
In practice, however, most implementations of contactless chips do incorporate encryption. Of course, some do it better than others.
Common 13.56 MHz chips include MIFARE Classic and MIFARE DESFire from NXP, iCLASS from HID, and FeliCa from Sony.
Encryption for MIFARE Classic was compromised years ago, so that chip is not used often in secure applications, though it is still common in low-security situations.
For campus cards in the U.S., FeliCa and the initial versions of iCLASS were popular options, but they are not used much for new implementations. Many institutions that deployed them in the past, however, continue to use them.
There have been four versions of DESFire since its introduction in 2002. Today’s gold standard for security is EV3.
iCLASS Seos – the latest version of HID’s iCLASS – is extremely secure, and its usage is rising rapidly, says Stallsmith. While in this case Seos is the name of a specific chip, it can also be a secure identity object that can be used on other chips.
In recent years, DESFire has been the go-to for campuses and other markets seeking a secure credential.
There have been four versions of DESFire since its introduction in 2002. DESFire, DESFire EV1, DESFire EV2, and DESFire EV3.
According to Brooks, today’s gold standard for security is EV3.
The original DESFire product was phased out by NXP years ago, and EV2 was phased out more recently as NXP released the successor EV3 chip.
Because of its widespread use, EV1 is still available, though its phase out is also starting.
“EV1 still uses high-end AES encryption,” says Brooks. “It hasn't been broken, but we're just seeing NXP starting to phase it out.”
That leaves EV3 as the clear leader for new implementations.
“Many of our campus clients opt for EV3, and that is what we’ve been recommending for some time now,” says Stallsmith. “Because it was designed for backwards compatibility, it can even be blended into existing implementations that utilize prior DESFire versions.”
The other key component with chips is memory size. The larger the non-volatile memory, the more data and applications the chip can hold. DESFire EV3 chips are available in 2k, 4k, 8k, an 16k sizes.
iCLASS Seos chips are available in 8K and 16K.
Often you will hear the terms like 26-bit and 32-bit discussed when talking about contactless cards, but don’t confuse this with a chip’s memory size. These terms refer to data formats, the topic for the next article in this series.
Obviously, older less secure technology is going to be less expensive, but there are also large variances in the quality of a card’s manufacture.
It follows then that low-quality prox and MIFARE Classic cards are typically the least expensive, often just a couple bucks. But high-quality cards with the same chip can be significantly more expensive.
With any card, however, when it comes to longevity, durability, and good-looking printing, you get what you pay for.
Because of their low cost, many organizations still use non-secure prox and MIFARE Classic cards. Some are not aware of the security vulnerabilities and others choose to take the risk. If the use cases for the card are not high risk in nature, it can be a sensible decision.
With any card, however, when it comes to longevity, durability, and good-looking printing, Brooks says you get what you pay for.
“You can find inexpensive high-frequency cards, but you can also get cards – depending on what you've done with them – that are $10,” he adds. “So, there's a huge range in what you can get from high frequency.”
Here’s what campus card and security personnel should remember about chips for ID cards.
