 | This articleneeds additional citations forverification. Please helpimprove this article byadding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Card reader" – news ·newspapers ·books ·scholar ·JSTOR(October 2010) (Learn how and when to remove this message) |
Acard reader is a datainput device that reads data from a card-shapedstorage medium and provides the data to a computer. Card readers can acquire data from a card via a number of methods, including:optical scanning of printed text orbarcodes or holes onpunched cards, electrical signals from connections made or interrupted by a card's punched holes or embedded circuitry, or electronic devices that can readplastic cards embedded with either amagnetic strip,computer chip,RFID chip, or another storage medium.
Card readers are used for applications includingidentification,access control andbanking,data storage, anddata processing.
Magnetic stripe technology, usually called mag-stripe, is so named because of the stripe of magnetic oxide tape that is laminated on a card. There are three tracks of data on the magnetic stripe. Typically the data on each of the tracks follows a specific encoding standard, but it is possible to encode any format on any track. A mag-stripe card is cheap compared to other card technologies and is easy to program. The magnetic stripe holds more data than a barcode can in the same space. While a mag-stripe is more difficult to generate than a bar code, the technology for reading and encoding data on a mag-stripe is widespread and easy to acquire. Magnetic stripe technology is also susceptible to misreads, card wear, and data corruption. These cards are also susceptible to some forms of skimming where external devices are placed over the reader to intercept the data read.[citation needed]
Smart card readers use an electrical current to read data from embedded circuitry or magnetic features in a card. A contact smart card must physically touch contacts on a reader to connect a circuit between them. A contactless smart card uses radio waves or a magnetic field to transmit information to a reader remotely (though most readers have a range of 20 in (51 cm) or less).[citation needed]
A contact smart card reader is an electronic device that physically connects to an integrated circuit in asmart card, supplies the circuit in the card with electricity, and usescommunications protocols to read data from the card. Smart card readers used for banking or identification may be connected to a keyboard to allow verification with apersonal identification number (PIN).
| Name | Description |
|---|---|
| T=0 | Asynchronous half-duplex byte-level transmission protocol, defined inISO/IEC 7816-3 |
| T=1 | Asynchronous half-duplex block-level transmission protocol, defined in ISO/IEC 7816-3. |
| T=2 | Reserved for future use. |
| T=3 | Reserved for future use. |
| Contactless | APDU transmission via contactless interfaceISO/IEC 14443. |
If the card does not use any standard transmission protocol, but uses a custom/proprietary protocol, it has the communication protocol designation T=14.[1]
The latest[which?]PC/SCCCID specifications define a new smart cardframework. This framework works withUSB devices with the specific device class0x0B. Readers with this class do not needdevice drivers when used with PC/SC-compliant operating systems, because theoperating system supplies the driver by default.[citation needed]
PKCS#11 is anAPI designed to beplatform-independent, defining a genericinterface tocryptographic tokens such as smart cards. This allowsapplications to work without knowledge of the reader details.
Smartcard readers have been targeted successfully by criminals in what is termed asupply chain attack, in which the readers are tampered with during manufacture or in the supply chain before delivery. The rogue devices capture customers' card details before transmitting them to criminals.[2]
A contactless smart card reader uses high-frequency radio waves (13.56 MHz, as opposed to 125 kHz used in low-frequency proximity card readers), enabling faster data transfer rates (up to 848 kbit/s) and communication with multiple cards simultaneously through anti-collision protocols defined in standards likeISO/IEC 14443.[3] This allows contactless smart cards to transmit more data efficiently compared to lower-frequency systems and supports applications such as access control and electronic payments without requiring physical contact with the reader. Contactless smart cards do not require physical contact with the reader and can function through materials like wallets or purses, typically within a range of 20 inches (51 cm) or less, depending on the reader's power and configuration. Most access control systems only read serial numbers of contactless smart cards and do not utilize the available memory. Card memory may be used for storing biometric data (i.e. fingerprint template) of a user. In such case a biometric reader first reads the template on the card and then compares it to the finger (hand, eye, etc.) presented by the user. In this way biometric data of users does not have to be distributed and stored in the memory of controllers or readers, which simplifies the system and reduces memory requirements.[citation needed]
 Proximity reader with keypad | |
| Usage | access control |
|---|---|
A reader radiates a 1" to 20" electrical field around itself. Cards use a simpleLC circuit. When a card is presented to the reader, the reader's electrical field excites a coil in the card. The coil charges acapacitor and in turn powers anintegrated circuit. The integrated circuit outputs the card number to the coil, which transmits it to the reader.
A common proximity format is 26-bit Wiegand. This format uses a facility code, sometimes also called a site code. The facility code is a unique number common to all of the cards in a particular set. The idea is that an organization will have their own facility code and a set of numbered cards incrementing from 1. Another organization has a different facility code and their card set also increments from 1. Thus different organizations can have card sets with the same card numbers but since the facility codes differ, the cards only work at one organization. This idea worked early in the technology, but as there is no governing body controlling card numbers, different manufacturers can supply cards with identical facility codes and identical card numbers to different organizations. Thus there may be duplicate cards that allow access to multiple facilities in one area. To counteract this problem some manufacturers have created formats beyond 26-bit Wiegand that they control and issue to organizations.
In the 26-bit Wiegand format, bit 1 is an even parity bit. Bits 2–9 are a facility code. Bits 10–25 are the card number. Bit 26 is an odd parity bit. 1/8/16/1. Other formats have a similar structure of a leading facility code followed by the card number and including parity bits for error checking, such as the 1/12/12/1 format used by some American access control companies.
1/8/16/1 gives as facility code limit of 255 and 65535 card number
1/12/12/1 gives a facility code limit of 4095 and 4095 card number.
Wiegand was also stretched to 34 bits, 56 bits and a number of others.
Wiegand card technology is a patented technology using embeddedferromagnetic wires strategically positioned to create a unique pattern that generates the identification number. Likemagnetic stripe orbarcode technology, this card must be swiped through a reader to be read. Unlike the other technologies, the identification media is embedded in the card and not susceptible to wear. This technology once gained popularity because it is difficult to duplicate, creating a high perception of security. This technology is being replaced by proximity cards, however, because of the limited source of supply, the relatively bettertamper resistance of proximity readers, and the convenience of the touch-less functionality in proximity readers.
Proximity card readers are still referred to as "Wiegand output readers", but no longer use the Wiegand effect. Proximity technology retains theWiegand upstream data so that the new readers are compatible with old systems.[citation needed]
Amemory card reader is a device for accessing the data on amemory card such as aCompactFlash (CF),Secure Digital (SD) orMultiMediaCard (MMC). Most card readers also offer write capability, and together with the card, this can function as apen drive. Memory card readers can be built in to laptop computers or computer peripherals, or use aUSB interface to transfer data to and from a computer.
The earliest example of a punched card reader, theJacquard machine, physically pressedpunched cards against rows of mechanical control rods to convert the data on the cards into physical positions of the loom's hooks. A hole in the card would allow the rod to pass through and remain unmoved; if there was no hole the rod would be pushed, moving its hook out of position.
Beginning with theTabulating machine in 1890, data was read from punched cards by detecting whether a hole in the card allowed an electrical circuit to connect or an unpunched section of card interrupted that circuit.
The earliest punched card readers used pins that would dip into tiny cups of mercury when passing through a punched hole, completing an electrical circuit; in the late 1920s, IBM developed card readers that used metal brushes to make electrical contact with a roller wherever a hole passed between them.[4]
By 1965, punched cards were read usingphotoelectric sensors. TheIBM 2501 is an example of an early optical punched card reader.
A photoelectric punched card reader patent was issued in 1971.[5]
A business card reader is a portableimage scanner device ormobile app that usesoptical character recognition to detect specific data fields on abusiness card and store that data in a contact database or 'electronicrolodex'.[6]
Simple data, such as an ID number, name, or address, can be encoded onto a card with abarcode and read from the card with an opticalbarcode reader.
Card readers are often used to read identification cards for the purposes of physical or electronicaccess control or to read data from anidentity card.
Access control card readers are used inphysical security systems to read acredential that allows physical access through access control points, typically a locked door. They can also be used ininformation security systems to control access to data. An access control reader can be amagnetic stripe reader, abar code reader, a proximity reader, or asmart card reader.
 IP fingerprint reader | |
| Media type | Internet Protocol |
|---|---|
| Capacity | 10000 templates |
| Usage | fingerprint identification, access control |
Readers may compare the data collected from the card, or data stored in the reader, to abiometric identification:fingerprint,hand geometry,iris, Voice Recognition, andfacial recognition.[citation needed]
A card reader with a biometric system compares thetemplate stored in memory to the scan obtained during the process of identification. If there is a high enough degree ofprobability that the template in the memory is compatible with the live scan (the scan belongs to the authorized person), the ID number of that person is sent to acontrol panel. The control panel then checks the permission level of the user and determines whether access should be allowed. The communication between the reader and the control panel is usually transmitted using the industry standardWiegand interface. The only exception is the intelligent biometric reader, which does not require any panels and directly controls alldoor hardware.
Biometric templates may be stored in the memory of readers, limiting the number of users by the reader memory size (there are reader models that have been manufactured with a storage capacity of up to 50,000 templates). User templates may also be stored in the memory of the smart card, thereby removing all limits to the number of system users (finger-only identification is not possible with this technology), or a centralserver PC can act as the template host. For systems where a central server is employed, known as "server-basedverification", readers first read the biometric data of the user and then forward it to the main computer forprocessing. Server-based systems support a large number of users but are dependent on the reliability of the central server, as well ascommunication lines.
1-to-1 and 1-to-many are the two possible modes of operation of a biometric reader:
Some banks have issued hand-held smartcard readers to their customers to support different electronic payment applications:
Throughout the 20th century, punched card readers were used to tabulate and process data including census data, financial data, and government contracts.[7]Punched card voting was widely used in the United States from 1965 until it was effectively banned by theHelp America Vote Act of 2002.
| Main articles | .svg) | |
|---|---|---|
| Types |
| |