Security is a primary concern in today’s colleges and universities. While system and data security should be at the top of any One Card system’s priority list, systems are often unfortunately designed with little or no thought given to possible vulnerabilities. NuVision Networks thinks differently. We tackle the issue of security in two ways. The first is by displaying the cardholder’s picture on all of our peripherals, from our POS terminals, to our Virtual Reader, and even on our new activity readers. The second is with our proprietary token-passing AES (Advanced Encryption Standard) 256-bit encrypted communications, making our system the most secure in the industry.
Protecting the identity of patrons and exposure to cardholder identity theft is an important consideration in choosing a One Card system. It takes only one hacker on campus to create havoc with a one-card system. A disgruntled employee, a student looking for a challenge or a thrill, or someone bent on stealing can move value between accounts, change values, disrupt data and shut down a system rendering it fundamentally useless. Recently, the national press documented numerous incidences of violated campus systems.
As the first One Card system to convert to TCP/IP, we recognized this potential problem and decided to design a solution. We looked at various encoding systems and chose the Advanced Encryption Standard (AES) as thebest option. This is a Federal Information Processing Standard (FIPS) that specifies a cryptographic algorithm for use by U.S. Government organizations to protect sensitive information that was newly adopted by the National Institute for Standards and Technology.
AES is so secure that assuming one could build a machine that could recover in one second an AES master key (255 individual keys comprise a master key), then it would take that machine approximately 149 trillion (149,000,000,000,000) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old. To make our system even more secure, NuVision Networks uses the even more powerful AES-256 bit encryption.
However, encryption is not the total answer in securing your transactions from abuse. Encrypted packets are still vulnerable to attack. All a hacker must to do is capture one packet. Even if he has no knowledge of what the packet contains, he can simply retransmit the packet causing the same transaction to be executed over and over again. To circumvent this limitation, we use a proprietary “token-passing” scheme called Packet-Lok™. Every response from a server contains a nearly unique encrypted token. The next transaction from the device must contain the token. If the token is different or the token has been used before, the packet is discarded. CampusONE is the only One Card system to use 256-bit AES encryption and Packet-Lok™ making NuVision Networks the market leader in security and safety for your campus.