Lunch in the Microsoft cafeteria

By Ellen Messmer, NetworkWorld.com, 01/20/06

While much has been made of Microsoft's adoption of public-key-infrastructure (PKI) smart cards following a hacker break-in a number of years back, Microsoft has found that the chip-based cards are good for more than just an identity check. In the Microsoft cafeteria, you can use them to pay for lunch.

"I can put money on my card in the cashless cafeteria at Microsoft," said Candy Stark, Microsoft's security group manager when recently discussing how Microsoft makes use of its multi-purpose identity badge.

The cafeteria at Microsoft is wired so that the cashier can then scan the card to subtract the money to pay for food if the employee chooses to do that instead of paying in cash or other means.

The cards are 32K Windows-based smart cards manufactured by Indala. Microsoft is also slowly migrating over to the Axalto 128K chip.

The smart cards have an antenna inside them so they can be read in a "contactless" manner without having to directly pull them through a reader. Microsoft distributes its identity smart cards to employees for building entry and computer access. That's in addition to letting them use them to pay for lunch.

The biggest pain associated with PKI-based smart cards, says Stark, is the annual revocation of old digital certificates and issuing of new ones. And the biggest problem with PKI is that there's not a standard way yet to clear old certificates off the card. Whether it's Entrust or VeriSign or GTE, it's not automatic, Stark points out.

Back to Security Notes

Comments

Post a comment

Name:


E-mail address:


URL:


Comments:


Remember info?