LEGIC basic knowledge

LEGIC is a standard for contactless data exchange (RFID) between media equipped with an appropriate chip and various forms of readers. The LEGIC standard was developed by the Swiss LEGIC Identbase AG. This company grants licenses for the use of the standard to different manufacturers, who in turn develop and distribute hardware and software related to the standard.

What is special about LEGIC?

The LEGIC system uses an encryption method for secure communication between the chips and the read/write devices (hereinafter: readers), in which the key is written to a special fixed memory area of the respective readers. The same key is then applied to the chips to be used. Readers can only use chips that have the same key. Since the key cannot be read from the readers, it cannot easily be duplicated.

In addition, both the chips and the readers are prepared for the use of defined data structures. Data structures define the available data fields and their structure within a segment of a LEGIC chip. Segments are memory areas that can be read and, if necessary, modified - i.e. written to - by readers. Each segment can contain its own data structure. The data structures may differ depending on the intended use of the readers or chips. For example, chips intended for access control may have segments with a different data structure than chips used for a payment system.

As a rule, data structures and encryption are created for each project. This means that the operator of a system with LEGIC readers (access system, cash register system, vending machine park) receives a data structure or encryption developed only for his application purposes from the manufacturer of the readers. This unique combination of data structure and encryption is used by both the readers and the chips to be used. This ensures that chips cannot be used in an undesirable way across operators.

Readers and chips are able to process several keys and data structures simultaneously. This means that a reader can read and process different segments of a chip, provided it has been prepared for this. In turn, chips can store data structures from different manufacturers and applications in their individual segments, each of which can serve very different functions. For example, a chip card can be used simultaneously for access control applications and as a means of payment.

In order to prepare readers for the use of the data structures and encryption of a certain project, these must be programmed into the memory of the readers provided for this purpose. This process is called "baptizing" the readers. Each reader of each project must be prepared in this way. Special chip cards, so-called baptism cards, are used for this purpose. They are specified within the LEGIC standard and are specifically designed for this task. These baptism cards must be created specifically for each project, or more precisely for each data structure and each key. They are usually issued by the reader manufacturer.

It is therefore necessary for each project to have baptism cards created by the manufacturer of the readers. This incurs costs that can vary depending on the manufacturer and type of baptism card.

This is a difference from the standard MIFARE system. With MIFARE, the creation of baptism cards is not necessary. The key is programmed into the readers by Hypersoft with the help of software.

There are different types of baptism cards. Among others:

  • Type 1 (SAM): Baptism cards that enable readers to read a specific segment of a chip, or its data structure, and to change its contents.
  • Type 2 (XAM): Baptism cards that enable readers to read a specific segment of a chip, or its data structure, and to change its contents. In addition, readers baptized with this card can create (encode) data structures in free segments of a chip.
  • Type 3 (IAM): Same as Type 2, but this capability expires when the power supply to the reader is interrupted.

The owner of the baptism cards is the master of the project. The owner is able to create any number of readers and chips. Baptism cards must therefore always remain with the customer or Hypersoft. If they remain with the customer, this should be documented.

Since chips can only be used on readers with the same encryption and corresponding data structure, the individual chips must also be prepared for each project. This is referred to as initializing or coding (hereinafter: coding). Often the manufacturer of the readers is not the manufacturer of the chips. If chips are ordered from a manufacturer, they must be coded for use within a specific project during or after their manufacture. For this it is necessary to apply both the encryption and the data structure to the chips. Two ways are available for this.

  1. The chip manufacturer receives an IAM or XAM baptism card temporarily or permanently. The manufacturer can then use it to encode the chips for each order. As a rule, there are no additional costs for coding.
  2. The reader operator has at least one reader that is capable of transferring the appropriate data structure and encryption to unprepared cards. These are readers that were baptized with an XAM card. This is usually a USB reader connected to a PC, which in turn runs special software. The software for transferring data structures to LEGIC chips is usually a product that is offered neither by the manufacturer of the readers nor by the manufacturer of the chip cards. It is usually produced by a third-party supplier and must be licensed for a fee. This incurs costs for the software itself, as well as for each chip that is coded.

What do I need to consider when using LEGIC readers at a checkout?

Among others, there are two main types of readers: self-sufficient readers, i.e. devices that can operate independently, and readers that require a further higher-level device, e.g. a PC, for operation.

Devices that can run independently usually have a programmable microprocessor. This controls many functions that are desired when RFID systems are used, without the need for external intervention. Devices of this type are often used when no PC is available to control the desired functions. This is the case with most automated systems.

Devices that require external control are usually connected to a PC via USB. The PC then takes over the control of the reader. Readers of this type are usually less complex and have few or no functions that do not originate from the PC or its software. The software for controlling the readers takes over the functions that the programmable microprocessor performs in autonomous readers and also serves as an interface for any further application on the PC.

Software for controlling readers is usually not offered by the reader manufacturer or chip manufacturer. It is manufactured by third parties and must be integrated into an application system accordingly. Costs are incurred for the use of such software for each PC on which it is installed. These costs may vary depending on the manufacturer.

This is a difference from the standard MIFARE system. With MIFARE, the use of a chargeable DLL is omitted.

The integration of software to control readers can be quite complex, which means that manufacturers of PC applications usually concentrate on the readers of one manufacturer. This is particularly true if the respective manufacturer is to be able to supply both readers for PC applications and self-sufficient readers, e.g. for vending machine applications.

What are LEGIC systems currently used for at Hypersoft?

At Hypersoft, LEGIC systems are currently used exclusively to establish cashless cash cycles in the offline prepaid process. This means that readers and chips are used to keep credit within the memory area of the chips. This credit can be used to pay at cash registers and/or machines and may be increased or paid out by another machine. There is no need for a network interface between the cash registers and/or the vending machines. There is no reconciliation with any Mobile PEOPLE customer accounts.

The chips used are not used to identify customers within Mobile People.

When is a LEGIC system used and when a MIFARE system?

MIFARE systems are usually simpler and cheaper to set up and manage. The MIFARE system also offers more options for the procurement of chips. Today, 70% of all new RFID applications used for personal identification are based on the MIFARE standard. Nevertheless, many manufacturers still use the LEGIC standard. Especially in the area of access control, systems that work with the LEGIC standard are still very common today, not least because in many circles LEGIC is considered to be safer, although this is not always the case. In addition, until a few years ago, before the MIFARE system took over its current leading position, far more LEGIC systems than MIFARE systems were to be found in all areas. As a result, systems based on the LEGIC standard have been maintained in many building complexes for years. The reason for this is that exchanging all readers, e.g. at all doors, and exchanging all issued chips would simply no longer be possible.

Whenever a customer insists on the use of existing LEGIC chips in order to set up a cashless cash cycle, e.g. because it is not possible to exchange already issued chips, the use of a LEGIC system on the part of Hypersoft is also necessary.

What is to be considered if existing LEGIC chips are to be used?

If existing chips in a project (e.g. employee cards on a company premises) are used to set up a cashless cash cycle, they must first be checked by Hypersoft.

It must be ensured that the existing cards are built in a way that allows Hypersoft to access free data segments and provide them with our keys and data structures. This is not always the case. Cards may have been set up by the manufacturers of other systems who originally issued them in such a way that either no segments are available any more or access to them is completely impossible. Therefore, Hypersoft requires sample cards from production operations to verify the appropriate chips before issuing an offer to a potential customer. It is important that these are cards which have all the data structures and keys necessary for the customer's current operation. Otherwise, Hypersoft may test cards that do not comply with local operating conditions and the owners of existing chips may not be able to use a cashless cash cycle.

In order to provide existing chips with the necessary data structures and keys, each chip must be coded once. This is relatively easy if the cards are stored in a central location and are available for this purpose. As a rule, however, the individual chips are in the possession of their respective owners, and there are often several thousand of them. Therefore it is necessary to encode these cards successively. In order to encode chips, it is necessary to hold them to a reader that has been enabled to do so with the help of a baptism card. It is important to ensure that the number and location of these readers make it realistically possible for the owners of the chips to encode their chips with reasonable effort.

Readers baptized with an XAM card are basically able to write data structures into segments of a chip. In addition, software is required to write the desired data structures into the segments of the chips via such a reader. The number of chips that can be encoded in this way is limited by the software. It must be released with the help of so-called license cards. Within the Hypersoft solution, two coding licence quotas are available per enabled reader. 500 codings are included in the basic capability of a reader to encode data structures. Further coding licence quotas can be obtained in lots of 1000. It should be noted that no reconciliation between the individual readers within a system takes place: the individual readers do not know how many chips the other readers have already coded. If, for example, it is necessary to encode 1000 chips, two readers could be enabled to encode 500 chips each, or one reader could be enabled to encode 1000 chips. If more than one reader is capable of coding, it should be ensured that these readers are used evenly, since a subsequent transfer of coding licenses from one reader to another is not possible.

What licenses are required to build a cashless cash cycle with LEGIC systems?

Regardless of the number and types of hardware used, the following licenses must be considered.

Basically...

Mobile PEOPLE Basis (MP_Basis) - Basic license for customer base and cashless functions.

Mobile PEOPLE Cashless Option (MP_Cashless) - Extension for the basic license to use the cashless functions.

Mobile PEOPLE Base Device (MP_CASHLESS_LEGIC_SETUP) - Unique setup of the project. Creation of baptism cards for projects with LEGIC media.

Coding of existing chips...

MOBILE PEOPLE (MP_CASHLESS_CODINGSTATION) - Software for setting up a station that can write data structures to existing LEGIC chips.

MOBILE PEOPLE Coding License (MP_CASHLESS_LEGIC_SETUP2) - for enabling ONE reader to encode existing chips. Incl. 500 codings.

MOBILE PEOPLE encoding license (MP_CASHLESS_LEGIC_SETUP3) - for 1000 additional encodings of existing LEGIC media.

Licences per cash register...

IF 82: LEGIC/POS licence for the use of read/write systems according to the LEGIC standard (IF_82-LEGICPOS) - interface for connecting a DIVA USB reader to a Hypersoft cash register. Required for every cash register that is to use such a reader.

Networking of stand-alone readers (vending machines)...

MOBILE PEOPLE Data concentrator for networked vending machines (MP_CASHLESS_DATACRAWLER) - Software module for networking vending machines and transferring their transaction data to the cash register journal.
