NEWS: XceedID Partners with DRAMS for South America Distribution
NEWS: XceedID Relocates Headquarters
NEWS: Sino Security Notified of XceedID Selection by Beijing Olympic Committee
NEWS: XceedID Sees Significant Growth and Plans Corporate Office Expansion
NEWS: RS2 Technologies Announces Agreement with XceedID
NEWS: XceedID Multi-Technology Card Readers Receive FIPS201 Approval

More News...

Main | FAQ | Links | Glossary

Frequently Asked Questions (FAQ)

Does XceedID plan to support new U.S. Government Smart Card (Contactless) Interoperability Standards?

Yes. As of October 2006, 3 models (XF1100-PIV, XF2100-PIV, and XF2110-PIV) of XceedID readers are on the GSA Approved Products List as compliant with FIPS 201 for PIV II credentials. Click here to learn more about XceedID's FIPS 201/PIV II smart card readers.

When you indicate that XceedID readers are compatible with GE/CASI ProxLite proximity and will be compatible with HID proximity, what does that really mean?

Compatibility with GE/CASI ProxLite cards means that XceedID readers can read CASI ProxLite cards. Unlike one of our competitors, claiming to offer GE/CASI ProxLite compatibility, XceedID offers TRUE compatibility. This means that the card number output by the XceedID reader will match the number output by a GE or CASI manufactured reader. This is possible because of our agreement directly with GE/CASI. Compatibility with HID proximity cards and credentials means that our products offer compatibility with HID Corporate 1000 cards and most standard HID card formats (contact us for specifics).

Are customers with ISOX readers able to control which technologies their readers will read?

For added security, customers can choose to disable proximity functionality once the transition from proximity to contactless smart cards is complete.

Are your readers always a drop in replacement for existing HID or GE/CASI proximity readers with wiegand outputs?

Yes and no. The XceedID readers will normally install without any additional requirements. However, it is important to check the existing power supplies (12V vs. 5V) are of the proper voltage and that they are adequate to support the additional current requirements of the XceedID Multi-technology readers.

How does XceedID sell product?

XceedID sells products to security industry OEM’s. More info.

What is the best way to migrate or transition from old proximity card technology to newer contactless technology?

XceedID believes that the easiest and most cost effective plan for migration involves the use of multi-technology readers. Rather than replacing entire card populations immediately (typically administratively intense), customers can replace readers and migrate at their own pace. Once multi-technology readers have been installed the user can begin distributing secure contactless smart cards. A security office may choose to administer these new cards according to established policy. However, XceedID now offers patent pending automatic upgrade capability using XACTT. XACTT means XceedID Automated Credential Transition Technology (learn more). XACTT was developed with the goal of streamlining the process of upgrading from old proximity cards to newer contactless smart cards by eliminating the time consuming and error prone step of manual data entry.

What is the difference between Prox and Contactless card/reader technologies?

In using the two technologies purely for access control, there really are no visible differences. With either technology you simply present a card to a reader and rather quickly access is either granted or denied, usually through both audible and visual means (beeper and LED). However, what you cannot see may be of significant importance.

The transaction between a typical prox card and reader is a “license plate” transaction, meaning that as a card is presented to a reader, the card transmits a static number “in the clear” (through radio frequency communication a number is sent to and received by the reader). The number is the same every time the same card is presented. Conceivably, with the proper equipment, this number could be captured by someone skilled in RFID technologies and then replayed to the reader at a later time to gain unauthorized access.

In comparison, a secure contactless smart card and reader transaction generally contains a much higher level of security. When a card is presented to the reader there is a question and answer session between the card and reader in order for each to authenticate the other. In very simple terms, the reader asks the card for its secret number, the card then asks the reader its mother’s maiden name and so on. After this occurs (in less than 1/4 second) the card and reader have “mutually authenticated” each other as belonging to one another. Access is either granted or denied.

During the transaction just described, the information actually transmitted between card and reader is encrypted or sent as a coded message. This is important in the event that someone or some device was illicitly attempting to capture the transmission of data. In that event encrypted data will be much more difficult to use than the “license plate” unprotected data transmitted by a traditional prox reader.

I have heard for several years that “smart-card” technology will replace current card technologies and yet it hasn't happened. What, if anything, is changing this trend to smart cards?

Several years ago, smart cards were touted as the future of card technology. Unfortunately, most of the cards being offered were “contact” smart cards that required insertion into a reader. For security access control this was a significant step backward in technology, as most companies had recently upgraded to proximity cards and readers from magnetic stripe technology or another technology. The ease of use and convenience of a prox transaction was not something end users were willing to give up. In addition, for the first several years, contact smart cards were significantly more expensive than proximity cards. Still another issue was the wear factor of a contact reader and card in terms of maintenance and durability. Over the past few years contactless technology has evolved and semiconductor manufacturers are delivering much more competitive price points. Today you can purchase a high level of security in a contactless smart chip technology that is comparable to that of a standard proximity chip.

Another very important reason that smart card adoption is taking hold is that during the summer of 2003 the U.S. government adopted standards for interoperability (some of this is still in process). The government is driving toward inter-department interoperability of secure credentials. This significant event is already spilling over into commercial security and will move the security industry toward open architecture systems, driving the adoption of standards for contactless technologies.

In essence customers can now purchase the convenience of proximity with security comparable to that in contact smart cards. Much as computers and TV’s have dropped in price as technology has dramatically improved, a similar development has occurred in card technology development.

I am confused about the reason and differences in ISO standards regarding contactless smart card technologies. What are the standards and the differences in standards?

The most widely used contactless smart card standards are ISO 14443 and ISO 15693. Without going into too much technical detail, the significant differences include the data transmission rates and the read ranges allowed by the respective standards. In short, ISO 14443 provides significantly higher data rates and ISO 15693 provides superior read range.

For traditional access control either standard is usually adequate but there may be a leaning toward ISO 15693 if greater than 4” range is required. Conversely, if large biometric templates or other data intense applications are expected, the higher data rates provided by 14443 may be required.

ISO standards were developed to provide standardization and encourage interoperability between products. Unfortunately, some vendors claim ISO compatibility with products that may not strictly adhere to ISO specifications. This can make things difficult for customers that purchase products from multiple vendors that claim ISO compatibility but ultimately are not interoperable.

Now that Walmart® is requiring their vendors to switch to contactless RFID, understanding more about this technology seems to be the talk of our industry (retail merchandising). What would you recommend as the best way to stay current with the trends in contactless technology and how it will affect my business?

First, there are several segments within the RFID industry. There are also several frequency ranges including some familiar ones such as 13.56 MHz, 900 MHz, 2.4 GHz, etc. Some great general sources for RFID updates include Contactlessnews.com and cr80news.com.

For contactless smart cards in the security industry, one industry group that is a good source of information is the Smart Card Alliance. Some sources for retail and logistics include the RFIDJournal.com, rfidnews.org, aimglobal.org, IDTechex.com, abiresearch.com. Some sources offer free email newsletters while others charge you for a subscription or sell industry statistics and research. XceedID is in tune to industry technologies and trends. If your inquiry requires additional discussion or research please consider consulting with XceedID for further information.

How does contactless smart card technology compare in price to traditional proximity systems?

You will probably be surprised to learn that a 13.56 MHz contactless smart card with 10k bits of memory is approximately the same price as a traditional ISO prox card. This powerful 10k bit smart card also has read/write communication with the reader, the ability to store multiple biometric templates or applications, and carry on much higher security (encrypted) communication with the reader. It is easy to see why proximity is transitioning to contactless technology.

How can I be certain that the information or communication between the card and reader is not intercepted in a contactless application?

While you may never be able to be absolutely certain of this you can certainly provide a high level of security by utilizing the encryption capabilities of the respective contactless provider. If you are concerned about the data integrity and security of a particular application you will want to require that the data be encrypted, or that the reader employs the use of digital signatures or message authorization coding (MAC).

What contactless technologies do XceedID products support?

XceedID supports several contactless technologies in the 13.56 MHz arena as well as traditional proximity technology. See compatibility chart.

Is it possible to store a biometric template on XceedID’s credentials?

Yes. As long as the contactless smart card employed has adequate memory for the specific biometric application. Some biometric templates, such as hand geometry, require very little data. Others such as iris templates, are more data intensive and may require a card with larger memory. XceedID will offer card memory sizes (10k bit and 20k bit) that support small or large biometric templates and in some cases multiple templates on the same card.

Will I be able to use one XceedID card to perform more than one application such as access control, food service payment, and cashless vending?

Yes, absolutely. XceedID will promote and support the use of multi-application smart cards. It’s conceivable that you could employ up to 15 applications on a single card. In reality, a system might utilize one application for general access control, another for a biometric, and another for cashless vending.

XceedID will be working closely with application partners and providers to ensure that a suite of products is available to XceedID customers.

Copyright © 2005-2008 XceedID Corporation. All rights reserved. Trademark information. Contact Us. Site Map.