The three pillars of a secure ID: card materials, personalization and Issuance models
04 November, 2015
category: Corporate, Financial, Government, Smart Cards
There is more than one way to produce a secure identity card. Dye sublimation, retransfer, inkjet, laser printing and laser engraving are all commonly used personalization technologies. And then there is the issuance model. Will card production be centralized or distributed to numerous over-the-counter locations?
The choice of card materials impacts both the personalization technology and issuance model. Thus it is crucial that an issuer understand the capabilities of the card materials when evaluating personalization technologies and issuance models. In a very real sense, the three decisions go hand in hand forming the three pillars of secure ID issuance.
The majority of high security ID cards are composites, meaning that they are made of more then one type of material. Though 100% PVC cards are common for low security uses, it would not be a choice for government-issued IDs or other mission-critical documents.
“A straight PVC card would crack like a saltine in the Sahara,” says Robert Jones, chief scientist at MorphoTrust.
Jones explains that secure issuers rely on layered card materials to create composite cards that meet the application’s desired goals. Consider these examples:
Straight PVC may be prone to cracking, but layering it with other specialized materials can add flexibility, durability, security and lifespan to the finished product.
Polycarbonate adds unique personalization-level security options but is often brittle if used alone, a problem that commonly arises when chips are embedded.
Synthetic materials like Teslin substrate can deliver durability and anti-fraud capabilities, but they need to be bonded to another substrate to create a finished card.
“The key is to carefully select individual materials to deliver a composite credential that performs optimally,” says Pierre Scaglia, global segment manager for Secure Credentials at PPG Industries. “In this way, you capitalize on the best characteristics of various material components.”
As Jones points out and these examples show, composites make the secure ID world go round.
Myth: Laser engraving is only for central issuance
Laser engraving and polycarbonate cards are a popular combo, but it’s not the only pairing. PVC and Teslin can also be laser engraved, says Robert Jones, chief scientist at MorphoTrust.
“There’s probably a half dozen states or more using a combination of laser engraving and laser printing for their driver licenses,” he explains. “When you have these two modes of personalization it enhances the security of the card substantially.”
And if you don’t want to use laser engraving, polycarbonate can still be an option. There are some issuers using a polycarbonate and Teslin composite card for over the counter issuance, Jones says. “You have a combination of materials that lend themself to a nice, secure, durable card architecture with materials that support a broad range of personalization technologies and security features,” he adds.
The marriage of materials and model
For many secure ID programs, the first decision is the choice of issuance model. Will the cards be issued from one or more central production facilities or will they be produced in the field via an over-the-counter, decentralized issuance model?
There a commonly accepted pros and cons to each model.
Central issuance affords an element of additional vetting time that can enable stronger background checks and breeder document checks.
It can also give an organization more control over document security features. A central facility that produces cards in bulk can focus resources on a small number of powerful issuance stations. Thus, it often has the luxury to embed more advanced security technologies and forensic features into IDs.
Security features such as laser engraving and high-end holography are more readily available at centralized facilities than via smaller-scale desktop printing environments. Protection of the card stock and production equipment can also be more tightly controlled when confined to a single or small number of central facilities.
All of these factors can be key in efforts to deter counterfeiting, card alteration or illicit production of fraudulent IDs using real materials and technologies.
Finally, agencies only need to replenish consumables such as printer ribbons and card stock, store spare equipment and maintain repair services in the single location.
But over-the-counter issuance has advantages as well.
Customer service is one of the main reasons some issuers choose over-the-counter issuance. Modern printers and personalization systems can enable rapid and secure creation of cards on the spot, and this instant issuance makes customers happy.
With centralized issuance, on the other hand, the credential must be produced and then distributed to the cardholder at a later date. For security reasons, programs often prohibit mailing the card directly to home addresses, instead shipping them back to the local issuing office. This forces the individual to yet again visit the agency or office to prove identity and then claim the ID.
Because of the time lag between enrollment and receipt of the credential, a temporary document may need to be issued, adding cost and complexity to the process.
So is one model better than the other?
“It has been our experience that central issuance security beats local issuance hands down,” says Scaglia. “These are highly secure facilities that can use the most sophisticated security technologies.”
He poses the following question: “If you are printing a card via local issuance, how hard do you think it is for a counterfeiter to do the same?”
Still, proponents of over-the-counter issuance argue that, if properly designed and operated, either model can accomplish the goal of secure issuance.