I'm attempting to build a simple authentication system built around RFID. Basically I have an old computer and I'd like to buy a USB RFID scanner. However, I have no experience in this area and so I'm unsure what I'd be looking to buy.
Basically I'm looking for something that hopefully comes with an API of some sorts that allows me to log users in with RFID cards. Could anyone recommend me a good device / resource for accomplishing this?
Haven't tested it, but you might want to check this: Java-RFID Programming library.
It's supposed to be a:
RFID kit-agnostic API [...] tested with Texas Instruments and Microchip RFID kits.
If nothing else, code is available on SourceForge, so you can check it out.
A better approach might be to come up with a specific scanner, and then check what support is available around (they may offer their own libraries, manuals, etc.). A google search finds this article, for example: RFID Reader for Samsung VLAC-G1/VLAC-Alpha readers (written in C++, but porting it should not be a problem).
RFID authentication is a complex field and I hope that your "simple" RFID system will not be used to secure real or important assets/locations. If you want to get into the real thing, try the MX5C-RFID. It seems to be a good choice for less than $100 and you could buy a couple ID Cards from ebay (Mifare Plus or Mifare DesFire).
If you want to secure something seriously, do not use UHF RFID cards because they are easily readable from long range and do not offer data encryption as MiFare do.
If you go for Mifare plus cards, DO NOT USE Mifare classic retro compatibility. Mifare classic is easier to implement but is verry weak and easily cloneable.
To ensure maximum security, when you create a new card :
When authenticating, do the following:
You can bypass any of those advices to make your implementation as simple as possible. But keep in mind that you should do incremental development steps to implements all the features I've mentioned above if you want to do serious authentication. Most modern RFID identification systems are week because of developer's lazyness, taking simple prototypes into production use.
I have only dabbled in RFID but from what I've seen, most RFID systems are very expensive (especially fixed RFID systems). You would probably be better off going with either a standard MSR or Barcode type of system. RFID certainly has its benefits in that it can be touchless. But since you mention using an "old computer" it sounds like you are doing this on the side as a hobby project. If so, my recommendation is go with something simpler to start with and encapsulate the device interfacing logic so that you can support various types of devices rather than requiring the user to invest in RFID.
If you are determined to use RFID, you might try looking for an RFID reader that supports either returning data as keyboard input (HID interface) or supports UnifiedPOS standards. My understanding is that UnifiedPOS support for RFID is fairly new so you may not find a lot of models out there that support it yet.
At my workplace we've done some research about RFID hardwares recently. We found out that most of the devices have their own APIs and SDKs. You should check the vendor's site if they are supporting your programming language or not. Because we are also programming in Java it was suprising that not all device manufacturers support Java. I've done some work with fix-installed readers. Most of them use a vendor specific protocol on top of Ethernet so you can communicate with them through sockets directly (the hard way) or with the vendor made SDK (this is easier). These fix installed devices are much more bigger than a login card, however it's possible to hide them beneath a furniture.
We haven't come across with USB RFID readers yet. One of my work partners have done some work with a RFID reader made especially for login cards. As far as i remember it used USB and he had to write a small software which translates card read to keyboard strokes so it works actually like a barcode reader with softwares not knowing RFID at all.
There's also an option to buy a portable mobile computer equipped with RFID reader. These devices run stripped down Windows Mobile/CE so you can install your own software on them. Sadly you can't use Java on these devices directly. There are third party JVM implementations for mobile Windows versions however they are not free. Your best bet is .NET and Visual C++ most of the times.
Sadly i can say that RFID devices are expensive. Also maybe you don't know but there are two competing RFID radio standards on the market: HF and UHF. These RFID technologies have different advantages/disadvantages. I think you should check these out too.
There's also the NFC technology which gets built into some Android phones recently. I guess this technology has cheaper devices considering that they are now built into cell phones as well. Although they are not RFID compatible as far as i know.
