HID Identity 300x iCLASS SE 3003PGGNN User Manual
Product codes
3003PGGNN
iCLASS SE How To Order Guide – D00545, C.8
February 2014
© 2007-2014 HID Global Corporation/ASSA ABLOY AB. All rights reserved.
Page 3 of 48
iCLASS SE Credential and Reader System Introduction
Building upon the success of HID iCLASS
®
13.56 MHz contactless smart card technology, HID Global has created iCLASS SE
®
, the
next-generation access control platform and open ecosystem. This new platform is based on the HID Trusted Identity Platform
®
(TIP) architecture for a new era of advanced applications, mobility and heightened security threats. iCLASS SE enables a new class
of portable identity credentials for securely provisioning and safely embedding into both fixed and mobile devices. iCLASS SE,
provides advanced security and performance functionality while enabling the use of portable and virtual credentials on Secure
Element-based devices (such as mobile devices). iCLASS SE also enables users to add security levels, customize security
protection, and extend system capabilities without having to overhaul the device infrastructure and applications.
iCLASS SE goes beyond the traditional smart card model to introduce a more secure, standards-based, technology-independent
iCLASS SE goes beyond the traditional smart card model to introduce a more secure, standards-based, technology-independent
and flexible identity data structure based on a new portable credential and virtual methodology called the Secure Identity Object™
(SIO
®
).
In November 2011, HID introduced iCLASS SE credentials and readers as the first products with SIO support. These products
support interpretation and authentication of this data structure and is HID Global’s iCLASS SIO-Enabled (SE) reader and credential
family.
In October 2012, HID Global introduced the next generation of credentials with iCLASS Seos
In October 2012, HID Global introduced the next generation of credentials with iCLASS Seos
®.
This product provides a highly
secure, standards-based system for the generation, delivery, and revocation of digital keys to open doors and verify identities.
The iCLASS SE credential and reader ecosystem is designed to raise the bar for overall system security while supporting key
The iCLASS SE credential and reader ecosystem is designed to raise the bar for overall system security while supporting key
emerging technologies that deliver superior performance, enhanced usability, and increased environmental sustainability. In
addition, iCLASS SE readers and credentials are the first access control products to operate under the HID TIP framework creating
a secure and trusted boundary in which all cryptographic keys governing system security are delivered with end-to-end privacy and
integrity.
iCLASS SE Platform Overview
The first endpoints based on the Secure Identity Object platform are iCLASS SE readers and credentials. The family includes the
following:
iCLASS Seos
•
iCLASS SE and SIO-Ready (SR) both belong to iCLASS SE family
•
SIO-Enabled Technology for MIFARE
®
•
SIO-Enabled Technology for MIFARE DESFire
®
EV1
Readers
•
iCLASS SE
•
multiCLASS SE
®
Support and Accessories
•
Configuration cards
•
Firmware update cards
Credentials
iCLASS Seos credentials deliver enhanced security, data confidentiality and stronger authentication for user data. Seos comprises a
generic card edge (card command interface) to meet the growing demand for interoperability; a secure messaging protocol to
protect data transmission. In addition, Seos provides an open software architecture that is portable to a range of mobile devices and
micro processors. The credential offers enhanced privacy protection by delivering data confidentiality and integrity between the
smart card and the reader to prevent sensitive/personal data from being intercepted or cloned. Seos credentials are only delivered
with SIO objects and are not backwards compatible with standard iCLASS offerings (one or several according to your requirements).
iCLASS SE Credentials are available in either SIO-Enabled (SE) or SIO-Ready (SR) configurations:
SE credentials come with a single access control data payload, the SIO. iCLASS SE credentials provide the highest level of data
iCLASS SE Credentials are available in either SIO-Enabled (SE) or SIO-Ready (SR) configurations:
SE credentials come with a single access control data payload, the SIO. iCLASS SE credentials provide the highest level of data
integrity and privacy, this type of card maximizes security.
SR credentials come with at least two access control data payloads, the SIO and a legacy access control data payload. SR
SR credentials come with at least two access control data payloads, the SIO and a legacy access control data payload. SR
credentials provide backward compatibility with currently deployed systems, this type of card maximizes compatibility. SR
credentials should be purchased when the site needs legacy application support, or when the site plans to eventually migrate to SIO
security.
iCLASS SE and SR credentials are available in all standard card bodies and form factors offered by HID.
iCLASS SE credentials are designed to work in a
iCLASS SE and SR credentials are available in all standard card bodies and form factors offered by HID.
iCLASS SE credentials are designed to work in a
new installation of iCLASS SE readers and are not compatible with standard
iCLASS readers.