NCJ Number
87538
Journal
Government Data Systems Dated: (November/December 1982) Pages: 12-14,16,18
Date Published
1982
Length
5 pages
Annotation
Following descriptions of the primary technologies used in card transaction systems, the discussion covers common features in such systems and principles that should be followed in selection of a secure system.
Abstract
Primary technologies of card transaction systems include 13 types of cards used to encode, store, and retrieve data in a transaction. All types of card transaction systems have some common features: (1) some type of machine-readable transaction card, (2) some type of microprocessor to assist in the transactions, and (3) central data bases in which are recorded the identities of authorized users and records of their transactions. Secure electronic transaction systems can be categorized as personal ID systems (ID cards, drivers licenses, work authorization systems), financial services systems (bank cards, credit cards, etc.), fare card systems (bus fare cards), entry control systems (parking, entry control), and history card systems (medical history cards, personnel record cards). In increasing depth of security, there are basically three ways to identify someone: (1) what one carries, (2) what one knows, and (3) what one is (physiological indicators). In practice, most physiological indicators are unreliable, but an effective one must meet the criteria of reliability, transaction speed, user acceptability, associated costs, and data base volatility. A risk assessment study of the total projected system should be made before system technologies are selected. Further, it should be recognized that complex technology and manufacturing of a transaction card system does not necessarily produce overall system integrity and security; integrity and security have much more to do with how the card is actually used. Also, overall system integrity and security should not depend primarily on the card itself. Other factors include administrative procedures, supervisory controls, card issuing procedures, and applicant processing. Serious problems arise from the use of large central data bases, such as the cost of keeping individual files current, the unreliability of data communications circuits, and susceptibility to large-scale fraud.