Published April 2021
Simply stated, interoperability keeps you in control. It enables various technology systems to communicate and exchange and interpret information. This flexibility is what protects your freedom to choose best-in-class solutions that fit the specific needs of your campus.
Jeff Koziol spoke on this during the 2021 NACCU Annual Conference. Flexibility and security were the themes of his presentation, which also featured Mike Henderson from University of Tennessee, Knoxville, and Mike Hovestol from University of Notre Dame. Here’s a recap of the session, “Don't Fall into the Trap: How Custom Encryption Keys Keep Credential Control in Your Hands.”
What makes smart cards secure? It’s a triple threat of mutual authentication, encryption and key diversification. It’s like a covert game of cyber-telephone. The campus card sends an encrypted message based on its unique diversified key to the reader, asking for the message to be decoded. The reader decodes that message and sends its answer in another encrypted message to the card. After deciphering that response, the card sends one final encrypted answer and the encrypted card data back to the reader. Once the reader translates the final message, it sends the card data to the panel and access control software for its decision to grant access. All of this happens in less than a second.
For this process to happen securely, algorithms are used to protect the encryption. Without encryption, it would be as if this digital conversation was happening in public for others to hear, exposing the card data to potential risks. Encryption turns the data into an unrecognizable form of communication.
The Advanced Encryption Standard, or AES, is the most popular form of encryption and what Allegion uses. The National Institute of Standards and Technology (NIST) started developing AES more than two decades ago as an alternative to the Data Encryption Standard (DES). About five years later, it became the U.S. government’s choice encryption algorithm for protecting classified information.
AES is also trusted because it’s peer-reviewed. At first it might seem like that would make it less secure. Why would you want an encryption method that has been publicly tested? Conversely, without peer review, how would people know whether or not there are holes in it? Information is still secure because everything except for the key is public knowledge—but the customer encryption key remains private.
Most manufacturers use the same encryption keys in all their cards and readers. Small colleges with 500 students or less might choose manufacturer keys because they have fewer systems that need to be integrated into the credential platform. Larger institutions with more systems are going to want something interoperable, and they’re going to want to own that key, according to Koziol.
Custom encryption keys, or site-owned keys, are unique for each institution. The readers on campus and credentials have custom part numbers from the manufacturer. The secured element on the cards cannot be read by other readers unless that encryption key is shared. Learn more.
Moving to a more secure, encrypted credential was the goal for the University of Notre Dame after it faced a security breach with its legacy credential technology, according to Mike Hovestol, program director of the Irish1Card at the University of Notre Dame. In 2016 his team made the switch to a site-owned encryption key.
He said, “The benefits that we saw when we went through and switched over to the DESFire EV1 card is that there was a massive increase in our overall security.”
“Having our own keys has been super beneficial,” said Mike Henderson, VolCard technology supervisor at University of Tennessee. He said that when his team was evaluating the campus for mobile, they found a lot of different readers they weren’t aware of. Being able to handle collaboration themselves made it easier.
Before your institution makes the switch to a custom-owned encryption key, it’s important to note that if you don’t have insight into the way the keys are programmed, ownership doesn’t add much value. Koziol’s advice is to make sure you have chosen an open platform. This allows your institution to “shop around” for alternative vendors and securely share your keys with them. Or you can do your own programming. Closed, proprietary access solutions often only integrate with select manufacturers, which means your options of hardware and software providers have been pre-selected for you.
Consider smart card data storage like file cabinets and each drawer is a sector or application. Each can be locked with its own key. Each can also accept encoding for various applications beyond door access, like meal plans, vending and transit.
As Koziol described, when credential manufacturers create interoperable cards, they develop an access control application and drop it on a card, then lock that file cabinet. But they leave the other drawers unlocked for these applications. This gives users the freedom to pave their own path with the remainder of the card’s storage options. If the entire card is locked down, universities often must select from vendors that are pre-approved or developed by the manufacturer’s partners, which limits choices.
More on interoperability: Five reasons your campus cards should be interoperable.
“Don’t settle for security by obscurity,” said Koziol during the NACCU presentation. The bottom line is that flexible solutions can still be secure. But to get there, it’s important to ensure solutions are not just open but peer-reviewed, tested and certified.
Colleges and universities can take control of their futures with campus-owned credentials. To get started, Koziol recommended finding a card producer that you like and work with them to develop site-specific keys that you can share across vendors of your choice. Not sure where to start? This article lists three questions to ask before selecting a new campus card. And Allegion’s consultants are well versed in interoperability and available to talk with you about your options. Contact the team today.