Organizations today have a rapidly expanding universe of choices for issuing secure credentials across a wide variety of applications.   Advancements in issuance solutions including printers, card materials and software are making it easier to meet the highest security requirements by incorporating critical visual and encoding technologies for multi-layered validation, and by using multi-layered management procedures that further improve security while enhancing issuance system efficiency.  Additionally, organizations can choose from a broad range of printer/encoder cost and performance options, from entry-level monochrome solutions to the most robust, high-throughput printers/encoders.

Choice is important given the wide range of credential needs.  The most common form of ID in the U.S. is the driver’s license, and the U.S. Green Card is also widely used to identify foreign-born residents living in the U.S. as permanent residents.  The Department of Defense (DoD) uses the Common Access Card (CAC), and Federal agency employees and their contractors use the Personal Identity Verification (PIV) card.  Beyond these cards and licenses, there are ID cards and badges used by Corporate America, academic institutions, healthcare facilities, and many other organizations.  Secure issuance solutions must be tailored to each application and environment while optimizing card, cardholder and system issuance security.    

Enhancing Security Through Multi-Layered Credential Validation

Most of today’s card issuance and licensing systems rely on two-dimensional identity validation.  The person presenting his or her credentials is compared with identifying data that is displayed on the ID card.  This identifying data was originally a simple photo. Since then, credentials have evolved to include sophisticated elements that enable more trustworthy visual authentication and also serve as deterrents to tampering and forgery.  Among these visual elements are higher-resolution images, holographic card over-laminates, and permanent and unalterable, laser-engraved personalization attributes.  These elements make forgery and alteration virtually impossible. 

Digital components, including smart card chips or magnetic stripes, give ID card and license issuance systems a third security dimension.  The use of smart cards with expanded data storage enables robust multi-factor authentication (i.e., something you have, such as a card, plus something you know, such as a password, plus something you are, such as biometric data), which increases the probability that the person presenting a card to a reader was actually issued that card.  Smart cards also leverage cryptography and keys to ensure that the user possesses the correct keys at that specific moment.

 

Enhancing Security through Multi-Layered System Management

In addition to protecting the integrity of credentials and cardholders through multiple layers of visual and digital security, it is also critical to protect the integrity of the overall issuance system through a multi-layered security approach.

The first layer is to limit unauthorized operator access to physical components. Mechanical locks should be used to control access to printers, including the card input and output hoppers as well as the rejected cards. Physical locks should be placed on all access points to protect consumables including ribbon and film.

The second layer is electronic security. This includes controlling operator access to each printer through the use of personal identification numbers (PINs). Make sure that print job data packets meet or exceed advanced encryption standards.  This will ensure system privacy, integrity and authentication all the way through to the final issuance endpoint.

The third layer is to ensure automatic elimination of personal data on used print ribbon panels. Some card printers increase security by including integrated sensors that only permit the use of custom print ribbons and holographic card over-laminates in authorized printers.

Picking the Right Printer/Encoder

Small, medium and large businesses have different needs that need to be considered when choosing to choosing a printer/encoder.

A key requirement for small businesses is a printer/encoder’s ease of use, since few of these organizations have extensive IT resources.  The solution should include features such as easy loading of card ribbon consumables, as well as integrated card design software templates within the printer. For small organizations that have few employees and require basic “one-off” card design, embedded card templates located within the printer browser can eliminate the need for separate software installation.  Alternatively, there are cost-effective, entry-level photo capture and card design solutions that work well for businesses with small databases.  

Mid-size organizations typically need intuitive solutions that are not only easy to use but also scalable, so they can meet evolving requirements.   Choosing a modular printer solution enables companies to, for instance, add dual-side printing functionality so they can scale with the organization's growth and more information-rich card requirements.   Mid-size companies often require electronic personalization/encoding that supports their technology migration needs.  An ideal printer/encode personalization solution for this type of organization would be capable of simultaneously accommodating both magnetic stripe as well as more robust, high-frequency technologies on a card so that the organization can migrate from one technology to another.

Large organizations have different needs.  They typically must be able to handle high card throughput to support growing requirements for staff, contractors and visitors.  These enterprise and government organizations are also increasingly looking for risk-appropriate solutions.  They need their card personalization system to address diverse requirements, from basic ID badges to highly secure credentials.  The latter might require hardware lamination modules for adding secure visual personalization elements, such as holographic overlaminates.  Additionally, large businesses invariably have offices co-located worldwide that also require an integrated card personalization software solution with the flexibility to link disparate databases.

Regardless of company size, there are other printer/encoder feature sets to consider, depending on the application requirement and the user profile for the organization. 

For organizations deploying contactless or contact smart cards, high definition print (HDP) retransfer technology is the best printer/encoder choice.  Retransfer technology doesn't print directly to the card's surface, which eliminates the risk of misprints of expensive cards due to surface or sub-surface irregularities or abnormalities.  Instead, it transfers the printed image to a special film, fusing it smoothly to the cards surface.  This approach yields higher quality print than traditional direct to card printing, with lower risk of misprints and waste.   

For extremely high throughput printing/encoding environments, organizations should opt for an ID printer solution that focuses on overall performance and productivity.  Printing/encoding jobs of 10,000 cards and above require hardware that is designed for continuous and seamless throughput.

On the opposite end of the spectrum, the latest generation of monochrome direct-to-card (DTC) printers offers an economical way to print higher-quality badges than can be created with thermal printers.  Monochrome DTC printers combine quality, reliability and ease of use, while providing organizations with a solution that is cost-effective to operate and offers a low total cost of ownership.

Generally, businesses should choose ID card printers that are designed to simultaneously support multiple types of electronic personalization in order to ensure their solution can meet their current needs and scale to support future requirements.  Businesses of any size should use an adaptable card personalization solution that can handle multiple card types (including magnetic stripe as well as contactless and contact encoding solutions that are becoming more common), plus new encoding options as security requirements increase within an organization.

Finally, organizations also must consider the costs for initial deployment, maintenance and consumables.  The cost for initial deployment varies based on a number of factors including: the number of employees in an organization; the type of card to be used (i.e., standard blank, or electronic/contactless smart card); the level of personalization to be applied (i.e., single- or dual-side printing); and the risk-appropriate level of security or card durability and life expectancy that is desired.  Adding security features through personalization rarely increases card costs by more than USD$1.00 per unit, even when using optional laminates.  And card printer maintenance is an inexpensive yet valuable habit to adopt.  This includes regularly cleaning printheads and the card feeding mechanism, which limits the risk of more expensive service and replacement. 

Today’s secure issuance technologies offer broad options for enabling virtually any organization to cost-effectively raise the security of its credentials, cardholders, and issuance system to the highest, multi-layered security standards.  Organizations can significantly reduce the potential for fraud while improving efficiency and enhancing convenience for cardholders.