An RFID card reader installed in a vending machine authenticates data over a proprietary Intranet in real time at Bob Jones University in Greensville, S.C.
Lexan covers allowed the RFID readers to be mounted externally on the beverage machines. The beverage machines were retrofitted after the snack machines, which did not have the Lexan covers.
The RFID reader and an LCD unit were mounted behind the glass for added security on candy/snack machines.
A pair of engineering faculty members at Bob Jones University in Greensville, S.C. were able to develop a cashless vending program for the campus that has been reliable, secure, and has increased vending sales by about 25 percent. The faculty members used the radio frequency identification (RFID) technology in the campus security system to develop the cashless vending system. The college vending program is self operated.
Many institutions and campuses use RFID cards for door access. The Bob Jones University faculty members, who have no background in vending, demonstrated that the same technology being used in the campus security system can be used to facilitate purchases in various venues on the campus.
Several years ago, after the decision was made to make all campus buildings accessible via RFID, another decision was made to use RFID for vending candy and pastry.
The first system developed was implemented on a 1980s vintage candy and pastry machine called a Snackshop 7000®.
The developers of the cashless vending have come to the conclusion that RFID is more secure and easier to use than the technology used in other cashless systems, such as those that use bar codes or magnetic stripes.
Unlike a bar code, RFID is not easily duplicated. Unlike a magnetic stripe card, RFID is not easily deprogrammed or erased. Magnetic stripe readers also have mechanical reliability issues due to dirt build up.
The RFID card is read, then authenticated over a proprietary Intranet in real time. When authentication is acknowledged, the machine activates a purchase. Purchase information is then securely delivered to the database.
Candy, pastry, drink and laundry (wash and dry) machines are all available. New and recent Coke and Pepsi vending machines from various manufacturers are operational under this system, along with 1980s vintage technology and Maytag® serial communications from various manufacturers. All transactions are available online for users to view and for easy bookkeeping.
RFID TECHNOLOGY EVOLVES, OFFERING MANY USES
RFID technology has proliferated over the past few years. Wal-Mart and the U.S. Department of Defense have both mandated RFID technology implementation from product suppliers in order to maintain accurate supply chain control. This technology is much like the bar-coded UPC label consumers are used to seeing on packaging at the store, except it is invisible.
The UPC code has no security and is freely accessible by anyone with the technology to read, or even write, to it. RFID is much more, however.
RFID offers better security, which is why it is currently being implemented in passports, drivers’ licenses and credit cards. These usages need to be carefully secured.
Identity theft, travel information and tracking, as well as financial data are all at risk. Furthermore, an important use that may have a lower necessity for security than the previously mentioned, is RFID access to buildings, homes and vehicles.
As is typical of all new technology, the scope of usage creeps to new applications as a need arises. This was the case with vending and laundry service in a campus environment.
A campus RFID card that gives access to buildings can also be used to provide access to food and beverage vending, along with laundry machines and other sales venues where the ID holder has access to the facilities. The same card can also be used to pay for meals in the cafeteria.
SECURITY FEATURES DRIVE RFID IMPLEMENTATION
Many organizations are using RFID today on account of its security benefits. Security of RFID devices is very complex. To simplify, some devices can be read at a fairly long distance, such as 30 feet, or even more. There is usually no security at this distance.
The typical RFID used for building access has a short read distance of two or three inches.
An RFID badge is at least as secure as an ID badge with a magnetic stripe, and significantly more secure than an ID badge with bar codes.
When an organization has a large investment in RFID for building access, it makes sense to use the technology wherever it may find usage. Other possibilities are cafeteria purchases, company store purchases, vending, laundry services and more. There are various ways to make this possible.
One common method is to use an RFID card that can store data and save electronic cash.
The main problem with this approach is that if the card is lost, its value is lost. These systems are fairly expensive at the card level. It is also necessary to have a way to write value to the card.
CREDIT AND DEBIT SYSTEM: A VIABLE OPTION
A more versatile method is to assign no dollar value to the card, but have the purchase points connected to a network database where purchases can either operate as a credit or debit system. The advantages to this are many.
The cards have no cash value. So if lost, the card is simply removed from the database and a new card is issued.
The cards are not expensive. Even the lowest level of RFID can be used to implement this system.
The expense of this system is in the need to have network connections wherever purchases are made and a secure database server. However, if an organization has already made the commitment to provide card access to buildings, the network will probably be available for other purposes, too. Wireless implementation is also possible.
UNIVERSITY USED AN OFF-THE-SHELF RFID DEVICE
At Bob Jones University, off-the-shelf RFID devices were used to read RFID cards that students use to access buildings. These devices are installed at most doors on the campus. Custom software was developed for a device from Microchip’s PIC® line.
The device that reads the ID card outputs data in a secure Weigand format. This had to be interpreted and converted to regular ASCII data to incorporate the vending application.
A database was created to read the data from the vending machine and give a signal to allow the machine to vend or not vend.
A device from Lantronix®, called an Xport®, was used to convert serial data from the vending machine to encrypted TCP/IP for transmission across a secure Intranet in real time to the database.
The conversion of a machine to operate on the system involves several steps.
A custom circuit card is the heart of the conversion. It contains the microcontroller, the Xport®, and other necessary electronics to communicate with the vending machine.
A display with an LCD unit and an HID® RFID card reader was mounted behind the machine’s front glass panel for added security. The devices needed to be secure in some manner.
BULLET-PROOF COVERS ADDED FOR CARD READERS
After the snack machines were retrofitted with the readers, I came across a local company, APCO Plastics, that could make these boxes out of bullet-proof Lexan. As a result, the Coke and Pepsi machines, which were retrofitted after the snack machines, were made with these Lexan covers and were mounted externally.
Each successive summer brought several more candy/pastry machines online, as well as further research and development of more ways to bring more modern machines online.
A cashless system for the Multiple Drop Bus (MDB) vending technology was developed. This allows all modern vending machines employing the MDB standard to access the same database as the candy/pastry machines.
Prototypes were built and employed. Thankfully, a very helpful engineer at a vending machine manufacturer helped work through known firmware issues with cashless devices.
More than 50 Coke and Pepsi machines are currently online as cash and cashless devices. All are MDB capable.
Sales have increased by thousands of dollars, each month, over cash-alone systems. Overall, there has been about a 25 percent sales increase.
The hardware includes the Lantronix® device, called an Xport® and the RFID device (Microchip’s PIC® line).
Each conversion paid for itself in about six months or less.
The cost to convert a machine is about $400. This does not include the research and development costs, but I believe these costs have been recovered.
We order the parts, circuit cards and displays. We then assemble each unit individually. This takes about an hour. It takes about 30 minutes to put the device in the machine. The IT department has to get cabling and network to the machine locations.
LAUNDRY MACHINES ALSO GO ONLINE
A third part to the system is laundry. Maytag Neptune® washers with their proprietary serial port is the key to this system. Again, PIC® microcontrollers and a custom RS485 network that begins at a touchscreen control computer with an HID® RFID card reader is employed.
A small circuit card is installed in each washer and connected to the RS485 network. The control computer runs proprietary custom written software as its shell on Windows XP®. A student loads laundry into a machine, noting the address printed on it, then scans his or her card at the touchscreen control computer, mounted on the wall. If it is authenticated, the address of the desired washer must be keyed into the touchscreen.
The student must then choose the desired cycle on the washing machine. The machine’s status can be viewed via the campus Intranet. There are around 100 washers on this system in various laundry rooms.
A COMPLETE FINANCIAL SYSTEM
RFID systems can be employed for much more than building access and security. When employed in vending, a complete financial system is created to allow purchases through credit or debit.
Making the RFID card of no cash value and keeping all transactions on a live database allow for online review of purchases and easy bookkeeping for the institution.
The adaptation of RFID from the campus security system to vending and laundry service has improved the school’s income. It demonstrates the benefits of cashless vending, and it also shows that the emerging RFID technology has numerous benefits.
RFID OFFERS THREE OPERATIONAL LEVELS
According to Wikipedia.org, RFID concepts have been in use since World War II. It was not until around 1970 that the current vision for the technology emerged. It has taken 20 to 30 years for this vision to begin to permeate our lives.
There are various “standards” for RFID implementation as well as various frequency bands and security levels. It can be confusing.
To simplify, there are basically three levels of RFID, in terms of operation. There are cards and tags that have a number encoded into the device. This may be done at the time of manufacture. The user purchases these devices and enters the RFID number encoded in the device into the local database.
Various other devices, such as a door, have an RFID reader that reads a card in close proximity.
The reader transmits a radio frequency that the card receives, then transmits its RFID number back to the reader. At that point, the reader transmits the data to a database that will either authenticate the user or deny access.
The next level is a card or tag that comes as a “blank.” It has the ability to be programmed with a unique code to identify whatever it is associated with. This is typically the kind of device that may be used in supply chain operations, or even retail sales or shipping.
The code is typically called and EPC or Electronic Product Code, like the UPC, Uniform Product Code, bar code, that consumers are more familiar with.
The reader typically does not write to the tag, even though there usually needs to be a writing station associated with this operation.
The third level of operation is similar to the second except that the reading devices may also write updated information back to the tag.
There are three modes of RFID tag power
operation as well:
• Passive, which means the tag has no power source. It is powered by the reader’s radio frequency transmission.
• Powered, which has a battery that runs the device completely.
• There is also battery assist, which has a battery to operate the microprocessor, but not the transmission of the signal back to the reader. That is accomplished in the same way as the passive.