Executive Director's Letter

Dear members and friends of the Alliance,

The new photo of me in this month's newsletter is a good reflection of my mental state when the picture was taken (during the 2007 Annual Conference in Boston) and disposition since my return.  Being immersed in another successful Alliance conference event is an exhilarating experience! (If you look closely, you might also notice a few fewer hairs in this one as well – one of the unfortunate side effects of putting together these conferences.)

What had me grinning widely when the photographer snapped this picture was the satisfaction I felt after the great response that we received from members and individuals who follow the smart card industry to our 15th anniversary and “final” Annual Conference this month.  We had over 400 people attend the conference, an increase of more than 100 people from last year’s event in San Diego.  Maybe it was Boston, and all the history and excitement (Red Sox fans are wild) that surrounds this city.  Maybe it was the assembly of industry experts and smart card end user customers who delivered outstanding presentations on a broad range of topics -- including government identity, contactless payments, mobile payments and NFC, healthcare, transportation, and emerging technologies.  Maybe it was the expectation held by people from different industry backgrounds and interests that they would learn something new and meet interesting new business contacts when the Smart Card Alliance brings together so many disparate industry segments and technologies in one place.  I suspect that it is all of these reasons, plus a few unknowns that I will learn about when I complete my review of the on-line survey responses.  As always, the credit really should go to the individuals and organizations who make up the smart card industry and who come out and support the Smart Card Alliance and to the financial issuer, merchant, health care provider, transportation operator, and government agency end users who are the reason we are all still in this business together and growing stronger.

Member Profile: SMART Association

This month, Smart Card Talk spoke with David Batchelor, President of SMART Association. Mr. Batchelor oversees the company from an executive level and oversees sales and new business development. Over the last 21 years, Mr. Batchelor has applied his education and experience in marketing, business development and consulting to the development, implementation and delivery of unique consumer relationship marketing programs in banks, credit unions and healthcare providers. 

SMART Association has grown to become the nationwide healthcare industry leader in HIPAA compliant, permission-based membership marketing strategies for the past 17 years.

Mr. Batchelor received his Bachelor of Science in Business Administration and majored in marketing from San Francisco State University.

Feature of the Month 

Physical Access Control System Migration Options for Using FIPS 201-1 Compliant Credentials

All federal government employees and contractors are now transitioning to FIPS 201-1 compliant credentials (the Personal Identity Verification card, known as the PIV card).  This presents unique challenges to security directors with currently-deployed ID badges and existing systems for building access management and control.  Key questions that may be asked by all security directors and those responsible for physical access control systems are: 

• Will what I have today work with the new directives and requirements?  If not, what can I do to comply? 
• How do I take advantage of the enhanced security technology in a FIPS 201-1 credential to improve my organization's security profile?

The answers to these common questions depend on many factors.  Compliance methods range from visual presentation and validation of the new PIV card (a minimal process with high risk), to the trusted process using the PIV card for fast, electronic authentication through the public key infrastructure (PKI) and a multi-factor reader or handheld device.  Beyond reading the PIV card, field devices, the associated network and cabling, intermediary hardware or control equipment, host computers, and processes may be affected by new technologies used by the PIV card.

Given the scope of an enterprise, federated and converged security system, it is thus very important for a security director, facilities manager or systems manager to understand the changes introduced by PIV cards and determine how to manage change for success.  Understanding what will maximize the return on investment and mitigate the risks going forward of “failure of operation” or “failure to comply” is critical to success.  It is expected that corollary questions are “how much of my existing system can I reuse” -- i.e., how can I mitigate costs, permitting a migration strategy to be implemented -- and optionally “how can I use the same method of authentication for physical access and logical access?”

Smart Card Talk is the monthly electronic newsletter of the world's largest smart card industry organization, providing members with the latest news and information about what's happening within the Smart Card Alliance. If you have news you would like to share, please send it to info@smartcardalliance.org. If you know someone who does not receive this newsletter and would like to be added to the list, please send an email here.

Copyright 2006-2007· Smart Card Alliance · 191 Clarksville Rd. · Princeton Junction, NJ 08550
Phone: (800) 556-6828 info@smartcardalliance.org · www.smartcardalliance.org