Identiv, Inc. has announced its first open source software release. The company is releasing the code used to program and personalise its uTrust TS Card line and is publishing the Open Access Card Format (OACF) that describes the data written to the cards. Identiv’s uTrust TS Cards are secure credentials for physical access control, based on NXP®’s MIFARE DESFire EV1/EV2 high frequency (HF) 13.56 MHz technology, and are compatible with 125 kHz low frequency (LF) proximity card systems. Raising physical access security standards The use of proprietary encryption schemes and measures — or “security through obscurity” — has proven to be inadequate against modern attack methods. By publishing and sharing its Open Access Card Format, Identiv raises the standard of physical access security by encouraging others to use, review, or extend its implementation. This tool will allow users to program and encode their own physical access cards with secure DESFire EV1/EV2 encryption keys and credential identification data. Customers get the benefit of Common Criteria-certified security without being locked into a single card source. Initially, Identiv will be releasing the OACF specification publicly while the source code will available on request. The code will include a simple tool for reading and writing uTrust TS-compatible cards. All code will be shared via GitHub. Benefits of open ecosystem “Identiv believes an open ecosystem benefits everyone from customers to vendors. We’re releasing the OACF specification and uTrust TS Card source code under the Apache License,” said Matthew Herscovitch, Identiv General Manager, Access Readers and Credentials. “We’re really excited about this release and we welcome contributions ? if you develop applications with our code, we’d love to see what you do.” Visit the Identiv website to find out more about Identiv’s uTrust TS Cards or to place an order. The OACF specification is available on GitHub. Identiv’s code library can be used to interact and program DESFire EV1 and DESFire EV2 cards. Though the company has implemented a subset of the commands available on DESFire cards, the code may be easily extended to support additional commands and Identiv will accept pull requests.
The MIFARE DESFire EV1 platform used in the cards carries the Common Criteria EAL4+ certification Identiv announced the launch of its uTrust TS Cards, a new high-frequency 13.56 MHz access card product line delivering increased security at a much lower cost with the excellent compatibility, service, and quality standards that have made Identiv’s card offerings so popular. Identity management and authentication Despite the security weaknesses of 125 kHz proximity card systems, adoption of more secure replacements has been hampered by the lack of alternatives that meet all of the customer requirements for such a solution—low cost, seamless support of existing systems, easy migration, simple ordering and enrolment of cards, and a high level of security certified by independent third-party organisations. The uTrust TS Card line meets all of these requirements and delivers high-assurance identity and access card authenticity to both newly deployed and existing physical access control systems. uTrust TS Cards are priced to be significantly less expensive than both proximity and smart card solutions from other vendors. Identiv is able to provide these substantial cost savings to customers by being the first to utilise the latest NXP MIFARE DESFire EV1 256B technology, specifically developed for physical access cards. Seamless compatibility To make ordering as simple as possible, uTrust TS Cards come in just two models: TS Standard Cards, for new installations, and TS Migration Cards, which include 125 kHz proximity technology that interoperates seamlessly with existing 125 kHz proximity readers. uTrust TS Cards further simplify the migration process by supporting the commonly used Wiegand card data formats used on proximity cards currently. "The uTrust TS card provides a simple, cost-effective path to mitigating emerging security and compliance challenges" In addition to low cost and seamless compatibility with proximity systems, uTrust TS Cards feature very high security. The MIFARE DESFire EV1 platform used in the cards carries the Common Criteria EAL4+ certification, trusted by governments and organisations worldwide as the benchmark in external security validation. This recognises the robust design and open specification of the platform, and contrasts sharply with alternative solutions that do not carry certifications, do not make their protocols available for review, and lock their customers into proprietary, unscalable security schemes. uTrust TS Universal Enrolment Station To simplify the enrolment process, Identiv also provides the uTrust TS Universal Enrolment Station, a USB-connected device that automates the process of reading card numbers and entering them into the physical access control system software. The uTrust TS Universal Enrolment Station is compatible with Identiv’s uTrust TS Reader family. “When used with Identiv’s uTrust TS Readers, the uTrust TS card provides a simple, cost-effective path to mitigating emerging security and compliance challenges, while maintaining compatibility with existing access control systems,” said Matt Herscovitch, Identiv General Manager, Access Readers and Credentials. “In contrast with other high-frequency access cards that increase costs and fail to reduce the complexity of ordering and usage, uTrust TS Cards are priced to be less expensive than all alternatives, even typical low-frequency 125 kHz proximity cards from leading vendors.”
The U.S. patents validate Identiv’s NFC, mobile and security inventions Identiv, Inc. has been awarded four U.S. patents by the United States Patent and Trademark Office (USPTO) for its NFC, mobile and security inventions. Identiv has a strong intellectual property (IP) portfolio of more than 75 patents, granted and pending. “Google and Apple are continuing to drive Near Field Communication (NFC) and Bluetooth Low Energy (BLE) compatibility within mobile handsets targeted at the payment and advertising markets. This nearly universal technology furthers Identiv’s objective of allowing people to use their mobile devices to interact with physical objects and sensors with touch or presence,” said Matthew Herscovitch, CTO of Identiv. “These patents validate our innovative approach to solving the problems of privacy and security in the connected world, especially for mobile NFC devices as they interact with the Internet of Things (IoT).” New patents awarded by the USPTO include: 13/774,490 - Method and System for Providing Identity, Authentication, and Access Services: A bring your own device (BYOD) system that grants simple and low-cost physical access by enabling employees and other authorised users to use their NFC mobile devices to open building doors and authenticate to IoT devices, reducing costs and improving security. 13/327,824 - Developing and Executing Workflow Processes Associated with Data-Encoded Tags: The invention leverages NFC/BLE mobile devices to enable content owners and advertisers greater analytics and end-users with more relevant dynamic content that is based on presence, touch and other characteristics, improving user experience and content owner productivity. 8,991,709 - Tamper-Proof RFID Label: The invention allows product owners to make their products tamper-proof to verify safety and authenticity of a product using NFC/BLE enabled mobile devices. Companies can protect their brand from the rapidly proliferating fake goods markets. 9,053,313 - Method and System for Providing Continued Access to Authentication and Encryption Services: The invention leverages derived virtual secure elements to enable continued secure access and privacy of information, improving customer experience and productivity. Identiv Labs is the company’s research and design hub that supports next generation products built on the foundation of identity, security, connectivity, and mobility. The goal of Identiv Labs is to partner with customers to accelerate their products into the connected world of the Internet of Things (IoT).