uhsc

What is UHSC or Ultra High Security Credential?

Introduction

All credentials have an inherent risk, third party manufacturers make and distribute credentials. Is this process secure, are credentials duplicated, are virtual credentials tracked, is the storage of virtual credentials vulnerable to outside hackers? All of these questions point to no control over credentials for the end user. The UHSC technology is designed to eliminate this risk.

 

Problem Description

Since the beginning, the access control industry has relied on credential manufacturers to make and supply secure credentials for our use. This accepted system has created a ‘Trust’ between Manufacturers, Security Dealers, Administrators and Users.
As users we are ‘Trusting’ that the process will not duplicate credentials. How can we be sure? For example we know that there are a limited number of 26 bit numbers possible (65535 numbers with 256 facility codes). We also know that we can order any 26 bit sequence and it will be shipped to us. Therefore this means that duplication of a credential is not an issue, and if a 26 bit can be duplicated then any credential can be duplicated. So the question becomes, not if a credential can be duplicated but rather “how many times has it been duplicated?”
Specialized credentials have an added concern in the established ‘Trust’. Companies register their information with the manufacturer. The manufacturer now has all the key personnel of an end user and the credential numbers assigned for that company. Is this information secure at the manufacturer? , what are their IT security protocols for securing information? Again we must ‘Trust’ that it is a secure process.

 

Virtual Credentials

The latest trend is for manufacturers to supply ‘virtual credentials’. End users download the App and request the credential. The manufacturer’s computer generates the credential, stores the record and sends the credential to the end user. At first this seems convenient however the convenience has a cost. Every credential for every company is now tracked and this information is inherently exposed to the outside world through the electronic delivery system. We know that even recently, the most diligent companies have had their databases hacked and information held for ransom. Is this a risk that end users are willing to accept or has the established Trust been taken too far? Since the manufacturer is recording individual’s information does this violate any privacy laws or expose companies to liability of information? These are all great questions that need to be answered.

 

Biometrics

An answer to this trust has been available for years, biometrics. Biometrics does a good job at removing manufacturers and dealers from the trust and returns control to where it should be, the end user. However Biometrics has its own drawbacks which has hindered its growth in our industry and hence not a perfect solution.
Biometrics require individuals be present at enrollment stations and this is not always convenient. If fingerprint is the desired technology not everyone has a readable fingerprint necessitating the need for a backup technology which is generally a card credential. This takes us back to the initial problem.
Biometrics are expensive, there are no two ways about it. Every company has a budget and even though credentials are not purchased it is more expensive to install and maintain. Biometrics cannot be placed everywhere, they have trouble with outside environments where cold, rain heat and sun become determining factors for usage. Biometric readers are much bulkier than traditional readers and therefore not ergonomically desired.

 

The UHSC Solution

Introducing UHSC or Ultra High Security Credential. UHSC is an App that creates a virtual credential on your device automatically using advanced algorithm technology when the App is installed. The user simply downloads the App and sends the Credential number to their System Administrator. Simple, easy, and a process that can be Trusted!

 

The difference

No manufacturer is involved with the making of a credential, therefore there is no record stored at a manufacturer of the credential. Credentials are not vulnerable to cyber-attacks to a manufacturer. There is no end user personal information given out to any manufacturer keeping the end users identity safe and secure.

 

Comments are closed.