Many types but do they play together?
In soft drink business, Coke and Pepsi might look the same, but consumers know that these two colas have different flavors. The market for contactless smart cards isn't much different.
The four players that dominate the industry – HID, NXP, Sony and LEGIC – have subtle differences that create the different contactless flavors.
In addition to these differences, they also have similarities. They are all in the high frequency (HF) category, meaning that they operate in the 13.56 MHz spectrum and comply with either or both the ISO 14443 or ISO 15693 standard. The 14443 standard, however, is the "most dominant standard within the HF technology band used around the world," says Bryan Ichikawa, vice president of Identity Solutions at Unisys.
Ichikawa says that the 14443 standard is broken down into an A and a B standard, basically because one standard was developed by a company that held a patent, and the other was developed by competing companies that also wanted to get into the market. "In readers you embed the ability to read both type A and B readers. That's how you achieve interoperability," explains Ichikawa.
Most contactless readers have the ability to read standard 14443 cards as well as one or more of the proprietary flavors. But, for example, a LEGIC reader typically won't be able to read an HID iCLASS card and vice versa. There are exceptions, however, such as an agreement between HID and NXP that enables some iCLASS readers to read Mifare cards.
These flavors do hamper true interoperability and can complicate end user choice. But they also make contactless solutions usable out of the box, as they come ready made with onboard file structures and applications.
Truly standard 14443 and 15693 cards are available and they can be cheaper since they can be purchased from multiple vendors. But they are truly a blank slate and require applications to be added and or developed, which in turn adds cost.
When choosing what type of technology to deploy it comes down to what the end user wants to do with the card, Ichikawa says. "It comes down to cost and speed," he adds.
NXP's family of Mifare card and reader ICs is built on the ISO 14443 Type A standard. Mifare cards support multiple applications, each capable of operating independently of the others through user definable key sets and access conditions.
Readers are capable of reading any variety of Mifare card, and NXP certifies both cards and readers to ensure compatibility across generations.
According to Martin Gruber, segment director for the Transit Team at NXP, Mifare is the "overall umbrella brand" for a portfolio of products. Mifare Classic is the original NXP product that was introduced in 1995-96 when the 14443 standard was first released. Mifare Plus was launched in 2009 and features higher security than Mifare Classic. DESfire is the newest and most advanced product, providing the highest level of security and flexibility.
HID's iCLASS platform operates at the 13.56 MHz frequency like its fellow contactless providers, but it uses the less common ISO 15693 standard, says David Nichols, director of market strategy at HID Global. The different standard, he says, enables a longer read range and longer keys for enhanced security. "We have a 64-bit key whereas others use a 48-bit key … the longer the key the more secure it will be," he says.
The decision to go with 15693 instead of 14443 centered on usability. It provided a longer read range that was similar to HID's well-established proximity card technology. When an organization switched from prox to iCLASS, we didn't want the usability or performance to decrease, explains Nichols.
The ISO 15693 specification is divided into four parts and HID is compliant with the first two parts of the standard, Nichols says. After that is where iCLASS deviates with a specific access control application on the card and other changes.
HID buys standard 15693 chips for its iCLASS cards, but then makes some changes, Nichols says. HID thoroughly tests the cards and offers a lifetime guarantee. According to Nichols, this testing and reliability separates iCLASS from standardized cards.
While the cards use the 15693 standard, iCLASS readers are also equipped to read Mifare and ISO 14443 standard cards as well, Nichols says.
LEGIC was founded in 1990 in Zurich, Switzerland. Though the company's technology is available and in use in worldwide, it is most prevalent in Europe. LEGIC's original 13.56 MHz contactless technology, LEGIC Prime, predates the development of the ISO standards for contactless. While Prime has been widely used since its launch in 1992, a newer and more secure line called advant is now available.
The LEGIC advant system is a set of products that includes cards, readers and applications, according to Marcel Brand, manager of marketing communications at the company. LEGIC ensures its card readers are compliant with both the ISO 14443 and ISO 15693 standards as well as its own proprietary technology.
LEGIC has designed its system to be flexible so that adding applications and upgrading readers can be done simply, says Brand.
Sony's FeliCa could be the most varied of the contactless flavors, complying with a different ISO standard.
To date it has seen the majority of its use in Asian markets, but the notion that it is only relevant in Asia is an image Sony is trying to correct. FeliCa was introduced in Hong Kong in 1997, says Jun Shionozaki, technical consulting manager for FeliCa Business Division at Sony. It was introduced to the Japanese market in 2001. "It's deployed in other parts of Asia, Europe and the U.S.," says Shionozaki.
FeliCa has an extremely strong presence in Japan because of the maturity of the country's mobile market. As of June 2010, 67 million Japanese handsets embedded with mobile FeliCa chips were in circulation, says Shionozaki.
FeliCa is based on the ISO 18902 standard that defines near field communication. "We decided to focus on the 18092 standard which covers a wide range, including mobile," says Shionozaki.
Some aspects of the FeliCa system are open. "We comply with 18092, in that sense we can be considered open," says Shionozaki. FeliCa uses encryption algorithms that are open standard as well, but it maintains a set of proprietary security elements. Sony says its FeliCa card is the first contactless card to achieve EA4L security. "It's the highest level for consumer products," says Shionozaki.
When it comes to the largest of issuances, such as open system payment cards and electronic passports, banks and countries have gone with purely standard 14443 technologies, says Patrick Hearn, vice president of government and identification markets for the America at Oberthur Technologies.
An open architecture was a necessity for these projects because of the millions of documents that would be produced and the variety of places the information on the credential would have to be read. "It's easier to implement a large scale project using open standards," he adds.
Open standards also tend to have longer lives, says Hearn. He estimates that a credentialing system based on open standards can last up to 10 years whereas proprietary systems may only last three to five years because they will be upgraded or phased out over time.
When someone buys a standard 14443 card they know how it's going to communicate and they can purchase standard applications and personalization tools, Hearn says.
Ultimately it comes down to what a customer wants to do with the system, Heard adds. Though he stresses the importance of truly open standard solutions for large-scale implementations, he notes that proprietary flavors are ideal for other projects. "Closed loop makes sense for some people," he says. "You have a steady supply chain and standardized output and don't need the benchmark testing."