Card reader


A card reader is a data input device that reads data from a card-shaped storage medium and provides the data to a computer. Card readers can acquire data from a card via a number of methods, including: optical scanning of printed text or barcodes or holes on punched cards, electrical signals from connections made or interrupted by a card's punched holes or embedded circuitry, or electronic devices that can read plastic cards embedded with either a magnetic strip, computer chip, RFID chip, or another storage medium.
Card readers are used for applications including identification, access control and banking, data storage, and data processing.

Mechanisms

Magnetic card readers

Magnetic stripe technology, usually called mag-stripe, is so named because of the stripe of magnetic oxide tape that is laminated on a card. There are three tracks of data on the magnetic stripe. Typically the data on each of the tracks follows a specific encoding standard, but it is possible to encode any format on any track. A mag-stripe card is cheap compared to other card technologies and is easy to program. The magnetic stripe holds more data than a barcode can in the same space. While a mag-stripe is more difficult to generate than a bar code, the technology for reading and encoding data on a mag-stripe is widespread and easy to acquire. Magnetic stripe technology is also susceptible to misreads, card wear, and data corruption. These cards are also susceptible to some forms of skimming where external devices are placed over the reader to intercept the data read.

Smart card readers

Smart card readers use an electrical current to read data from embedded circuitry or magnetic features in a card. A contact smart card must physically touch contacts on a reader to connect a circuit between them. A contactless smart card uses radio waves or a magnetic field to transmit information to a reader remotely.

Contact smart card readers

A contact smart card reader is an electronic device that physically connects to an integrated circuit in a smart card, supplies the circuit in the card with electricity, and uses communications protocols to read data from the card. Smart card readers used for banking or identification may be connected to a keyboard to allow verification with a personal identification number.
NameDescription
T=0Asynchronous half-duplex byte-level transmission protocol, defined in ISO/IEC 7816-3
T=1Asynchronous half-duplex block-level transmission protocol, defined in ISO/IEC 7816-3.
T=2Reserved for future use.
T=3Reserved for future use.
ContactlessAPDU transmission via contactless interface ISO/IEC 14443.

If the card does not use any standard transmission protocol, but uses a custom/proprietary protocol, it has the communication protocol designation T=14.
The latest PC/SC CCID specifications define a new smart card framework. This framework works with USB devices with the specific device class 0x0B. Readers with this class do not need device drivers when used with PC/SC-compliant operating systems, because the operating system supplies the driver by default.
PKCS#11 is an API designed to be platform-independent, defining a generic interface to cryptographic tokens such as smart cards. This allows applications to work without knowledge of the reader details.
Smartcard readers have been targeted successfully by criminals in what is termed a supply chain attack, in which the readers are tampered with during manufacture or in the supply chain before delivery. The rogue devices capture customers' card details before transmitting them to criminals.

Contactless smart card readers

A contactless smart card reader uses high-frequency radio waves, enabling faster data transfer rates and communication with multiple cards simultaneously through anti-collision protocols defined in standards like ISO/IEC 14443. This allows contactless smart cards to transmit more data efficiently compared to lower-frequency systems and supports applications such as access control and electronic payments without requiring physical contact with the reader. Contactless smart cards do not require physical contact with the reader and can function through materials like wallets or purses, typically within a range of 20 inches or less, depending on the reader's power and configuration. Most access control systems only read serial numbers of contactless smart cards and do not utilize the available memory. Card memory may be used for storing biometric data of a user. In such case a biometric reader first reads the template on the card and then compares it to the finger presented by the user. In this way biometric data of users does not have to be distributed and stored in the memory of controllers or readers, which simplifies the system and reduces memory requirements.
RFID card readers
Proximity card readers
A reader radiates a 1" to 20" electrical field around itself. Cards use a simple LC circuit. When a card is presented to the reader, the reader's electrical field excites a coil in the card. The coil charges a capacitor and in turn powers an integrated circuit. The integrated circuit outputs the card number to the coil, which transmits it to the reader.
A common proximity format is 26-bit Wiegand. This format uses a facility code, sometimes also called a site code. The facility code is a unique number common to all of the cards in a particular set. The idea is that an organization will have their own facility code and a set of numbered cards incrementing from 1. Another organization has a different facility code and their card set also increments from 1. Thus different organizations can have card sets with the same card numbers but since the facility codes differ, the cards only work at one organization. This idea worked early in the technology, but as there is no governing body controlling card numbers, different manufacturers can supply cards with identical facility codes and identical card numbers to different organizations. Thus there may be duplicate cards that allow access to multiple facilities in one area. To counteract this problem some manufacturers have created formats beyond 26-bit Wiegand that they control and issue to organizations.
In the 26-bit Wiegand format, bit 1 is an even parity bit. Bits 2–9 are a facility code. Bits 10–25 are the card number. Bit 26 is an odd parity bit. 1/8/16/1. Other formats have a similar structure of a leading facility code followed by the card number and including parity bits for error checking, such as the 1/12/12/1 format used by some American access control companies.
1/8/16/1 gives as facility code limit of 255 and 65535 card number
1/12/12/1 gives a facility code limit of 4095 and 4095 card number.
Wiegand was also stretched to 34 bits, 56 bits and a number of others.
Wiegand card readers
card technology is a patented technology using embedded ferromagnetic wires strategically positioned to create a unique pattern that generates the identification number. Like magnetic stripe or barcode technology, this card must be swiped through a reader to be read. Unlike the other technologies, the identification media is embedded in the card and not susceptible to wear. This technology once gained popularity because it is difficult to duplicate, creating a high perception of security. This technology is being replaced by proximity cards, however, because of the limited source of supply, the relatively better tamper resistance of proximity readers, and the convenience of the touch-less functionality in proximity readers.
Proximity card readers are still referred to as "Wiegand output readers", but no longer use the Wiegand effect. Proximity technology retains the Wiegand upstream data so that the new readers are compatible with old systems.

Memory card readers

A memory card reader is a device for accessing the data on a memory card such as a CompactFlash, Secure Digital or MultiMediaCard. Most card readers also offer write capability, and together with the card, this can function as a pen drive. Memory card readers can be built in to laptop computers or computer peripherals, or use a USB interface to transfer data to and from a computer.

Punched card readers

The Jacquard machine

The earliest example of a punched card reader, the Jacquard machine, physically pressed punched cards against rows of mechanical control rods to convert the data on the cards into physical positions of the loom's hooks. A hole in the card would allow the rod to pass through and remain unmoved; if there was no hole the rod would be pushed, moving its hook out of position.

Electrical punched card readers

Beginning with the Tabulating machine in 1890, data was read from punched cards by detecting whether a hole in the card allowed an electrical circuit to connect or an unpunched section of card interrupted that circuit.
The earliest punched card readers used pins that would dip into tiny cups of mercury when passing through a punched hole, completing an electrical circuit; in the late 1920s, IBM developed card readers that used metal brushes to make electrical contact with a roller wherever a hole passed between them.

Optical punched card readers

By 1965, punched cards were read using photoelectric sensors. The IBM 2501 is an example of an early optical punched card reader.
A photoelectric punched card reader patent was issued in 1971.

Other optical card readers

Business card text scanners

A business card reader is a portable image scanner device or mobile app that uses optical character recognition to detect specific data fields on a business card and store that data in a contact database or 'electronic rolodex'.