Networked multifunction printers (MFPs) offer unparalleled productivity and convenience, allowing users to print and fax from a desk across the hall or a workstation across the country. Sophisticated managed print service (MPS) software also enables better tracking and cost control.

But convenience and functionality can come with a hidden price. Today’s networked printers are part of an expanding business ecosystem of “Internet of Things” (IoT) devices. As an IoT endpoint, MFPs have security vulnerabilities that can create costly headaches for businesses.

Information security is more important than ever. Companies need to protect sensitive intellectual property (IP), financials, customer data and personnel data. Stronger data privacy regulations, such as the European Union’s General Data Protection Regulation (GDPR), leave businesses vulnerable to fines and lawsuits if certain kinds of data are exposed. Companies in some industries, such as the healthcare industry, may have additional information security requirements.

In addition to putting data at risk, unsecured printers often create cost control problems. Printer output picked up by the wrong person leads to waste if the original user has to resend the job. And without proper controls in place, individuals and departments may not consider costs and material use when making printing decisions. A print management system can track costs by user and department and designate who is allowed to print, how much they can print, and what types of documents (e.g., color vs. black-and-white) they can print.

Most companies have taken steps to secure electronic data. In this environment, printers may be the weakest link. Printers are usually located in easily accessible areas and designed for convenience rather than security. MFPs can expose data in several ways.

Of these threats, the first is by far the most common. According to an industry survey, 59% of companies reported a print-related data loss in 2018, with most of those losses involving accidental or intentional actions of internal users . With more than 90% of businesses still reporting that they rely heavily on paper for daily operations, print security must be taken every bit as seriously as digital information security.

Companies must take steps to secure access to the physical hard drive on the printer and to the network that the printer is connected to. In addition, companies should put security systems in place to prevent unauthorized people from gaining access to printer functions or to materials that have been sent to the printer by another user.

Pull printing is a system that delays printing until an authorized user is physically present at the printer. Users can send materials to the print queue at any time from their workstations, but the documents will not start printing until they release the job at the printer itself. This may be accomplished by:

These security systems must do two things. First, they must be able to accurately identify the individual user who has requested access to the printer (user authentication). Second, they must ensure that only people with the right authorization level are able to access printer functions (access control).

User authentication is the ability to correctly identify an individual user and match their information to the device, equipment or systems they are using.

Access control is the ability to ensure that only authorized users are able to gain access to a device, asset or system.

For print management, user identification and access control must be reliable, cost-effective for deployment on dozens or hundreds of individual print devices, fast and simple for end users, and easy for IT departments to manage. Biometric identification is generally too complex, expensive and unreliable, and puts companies in the position of having to manage sensitive personal data for their users. Password and PIN systems have been widely used for print management but have drawbacks of their own. Employees often share or forget printer passwords and PINs, reducing security and creating IT headaches. Printer user interfaces can also be unwieldy, slowing employees down as they enter their user ID and password multiple times each day.

The best solution for secure printing may be one that most corporate employees already have in their pockets: an ID card or badge with Radio-Frequency Identification (RFID).

RFID cards are widely used for employee identification and building access control across all industries. In most large companies today, employees are issued a card on their first day that they use to get in the front door and wear or carry with them while on the job. The ID cards improve building security by ensuring that only current employees can enter and provide a visual confirmation of employment status. These same cards can be leveraged to enable access and authenticate users for secure printing.

RFID has a number of benefits for printer manufacturers, MPS software providers and the end-user customers they serve.

Each RFID card stores a unique data set—such as a number—that serves to identify the card and, by extension, the person carrying it. When a card with an embedded RFID tag is in close proximity with an RFID reader, the reader transmits a radio signal to interrogate the tag.The radio signal activates the tag, which then uses the power in radio signal to respond to the reader with its unique ID. Although the use of unique identifiers is common, more sophisticated cards utilize more complex data structures for identification and authentication, including encryption and digital signing functions.

+ RFID cards provide a unique identification that can be used to match users with systems or devices. RFID systems not only prevent access by unauthorized users but enable tracking of exactly who has accessed a printer, when, and what they did. In addition to improving security, RFID combined with MPS software enables better cost accounting and control.

RFID cards are generally more secure than other access control measures. Employees are less likely to share a picture ID card than a password or PIN, and cards can be quickly deactivated from a central system if they are lost or compromised or if an employee is terminated. They can also utilize cryptographic keys to further increase security.

The simplest RFID cards store a unique identification number in an unencrypted format. This number identifies the cardholder and tells the reader whether or not they have permission to access the protected asset. These unencrypted RFID cards can be easily read and cloned. Unencrypted signals between the card and reader can also be intercepted and used to create a cloned card or otherwise signal the reader to unlock access to the asset.

Encryption substantially increases the security of RFID technologies for print management. With encryption, the identification number stored on the RFID card is masked using a complex encryption algorithm. The only way to unlock the information and read the number is to have the correct electronic “key.” Because some information is stored on the card and some on the reader itself, it is impossible to decrypt the information on the card or in the signal that passes between the card and the reader. Without the right key, the card cannot be cloned or altered to change permissions.

ELATEC readers support advanced encryption technologies.The readers act as mini computers that can be programmed to meet nearly any encryption scheme, including advanced cryptographic methods requiring a higher computing load.These may include the use of multiple or hierarchical keys and symmetrical cryptographic methods. ELATEC readers can also facilitate multi-factor authentication with the help of Secure Access Modules (SAM).The readers support multiple SAM slots that help in integrating these modules.This enables the readers to perform cryptographic computations using SAM as well as facilitate key management in a secure way. Customized encryption schemes can be programmed in advance by ELATEC. For even higher security, printer manufacturers or MPS software providers can program the readers themselves, so even ELATEC will not possess the encryption key.

There are many different RFID reader technologies to choose from. Printer manufacturers and MPS software providers wishing to integrate RFID into their secure printing solutions need to understand the differences and select a reader technology that meets the needs of their clients and end users. In particular, developers should ask:

There are dozens of RFID card transponder technologies in use around the world, each with their own data formats, communication frequencies and security capabilities. Cards can be broadly separated into high frequency (HF) and low frequency (LF), depending on the radio frequency band range they use to communicate. However, within these categories, cards by different manufacturers have their own unique formats.

Printer manufacturers and software developers intending to sell to a diverse market may need to be able to accommodate 60 or more unique card technologies. End users often do not know what kind of card technology they are using and may have little choice in the matter; if companies lease building space, they generally must use the card technology put in place by the building owner. Fortune 500 companies with multiple locations, or that have expanded through mergers and acquisitions, may end up with multiple card technologies used within a single network. Most organizations are not willing or able to change their existing ID card technology to accommodate user authentication and access control for print management, and do not want to make employees carry multiple cards.

Most RFID readers can only read a few different card technologies, and some are created by card manufacturers to read only their own technologies. This means that manufacturers wishing to expand their market opportunities may have to stock different readers for different customers. This creates both sales and inventory management challenges. Salespeople must discover the card types being used by prospects before placing an order to determine which part to use or whether their card technology can be accommodated at all. For large companies using more than one card technology, there may not be a single reader in inventory that can read all of their card types. Printer manufacturers and MPS developers intending to sell internationally or to multinational customers face additional challenges, since most RFID readers are only certified for use in a few countries or regions.

ELATEC RFID readers are “universal”; some can read more than 60 card technologies, including HF and LF RFID as well Near Field Communication (NFC) and Bluetooth Low Energy (BLE) technologies increasingly used with mobile devices.They are also certified for use in as many as 110 countries.This means they can accommodate virtually any card technology an end user may have in place, providing a single part number solution that simplifies sales and inventory management. Sales or customer support staff can simply scan an example card from the end user to identify the technologies they are using. Final configuration can be completed on installed readers, so MFP manufacturers can usually stock one version of their system for all potential customers.

A large company may have dozens or hundreds of printers distributed throughout their organization. This makes it extremely difficult to update or reconfigure the RFID readers and ensure that none of them have been missed.

There are several reasons why RFID readers may need to be updated or reconfigured. End users may adopt a new card technology. Emerging security threats may require manufacturers to enable advanced encryption or other security features for identity management. Or software developers may want to add new functionality to their print management solutions.

Field reconfiguration of most RFID readers is time-consuming and expensive. Technicians must physically access each reader, in some cases removing it from the printer in which it has been installed. If the installed reader cannot be configured to meet the new requirements, it must be removed and replaced. For IT managers, this means that every single RFID-enabled printer throughout the building or campus must be tracked down and updated. Missing a reader may result in an unexpected device failure. Printer manufacturers may also face significant expenses if they have unsold inventory in stock that must be replaced or reconfigured.

The business ecosystem has become increasingly sophisticated and complex with the growth of networked IT solutions and the proliferation of connected printers and other IoT devices. Businesses want to be able to take advantage of the benefits of networked systems and devices while maintaining privacy, confidentiality

ELATEC readers support remote configuration for fast, easy updates. Manufacturers or end-user IT managers can push updates out to all installed readers at once without tracking down individual printers or requiring extensive technician time and expense.This increases customer satisfaction and provides a significant competitive advantage for printer manufacturers and MPS providers.

and security. Some companies are also moving towards emerging identification systems enabled by Bluetooth Low Energy (BLE) or Near Field Communications (NFC) through smartphones or other mobile devices. RFID readers will need to adapt to support these evolving functionality requirements.

Most readers are limited in both their current functionality and potential upgradability. Printer manufacturers and software developers may find themselves “locked-in” to current functionality and security capabilities around user identification, authorization and access control by their RFID reader solution. Addressing emerging market opportunities, in this case, would require physically replacing the RFID readers in their systems. This limits the shelf life of their products and their ability to respond to customer needs.

ELATEC readers have a robust open API that makes them highly adaptable and practically “future proof.”The readers can be programmed to enable unique functionality for sophisticated IT solutions and support mobile access control technologies such as BLE and NFC. The API is powerful and flexible, so manufacturers will be able to reconfigure their existing readers to address new opportunities and requirements in the future that have not yet been imagined.This vastly increases the shelf life of both installed systems and inventory. And since they can be easily reconfigured after installation, manufacturers will be able to respond to new customer requirements and maintain customer loyalty.

ELATEC’s powerful, flexible reader technology gives printer manufacturers and MPS providers a real competitive advantage, both now and in the future. ELATEC can help companies creating secure printing solutions:

Blank Card With Chip

An international multifunction Printer (MFP) manufacturer needed a solution that would enable rapid reconfiguration of RFID readers in their devices to meet emerging security and functionality demands. Most card readers must be physically removed from the printer and connected to a computer to update firmware using a configuration tool.This was costly and time consuming for end users, resulting in increased IT expenses and lost operational time. ELATEC worked with the manufacturer to develop the Remote Firmware UpdateTool. This tool allows the manufacturer to send updates to their customers’ IT centers, where they can be distributed remotely to all printers on the network. The Remote Firmware UpdateTool allowed them to meet the demands of one of their largest customers and increase satisfaction and brand loyalty for all of their clients.

Rfid Card, Smart Card, Ic Card, Contact Card, Contactless Card, Pvc Card - Xinye,