Don't be limited with functionality and don't pay for empty databases. Introducing our Cloud Based Enterprise ID Enrollment Solution starting at $80.00 per month!
CardExchange® Cloud Suite is the first one of its kind to offer ID card management allowing you all the features and functionality and only pay for what you use. We offer fully dedicated enterprise ID enrollment solution that scalable to fit any type or size organization. It is the first offering an easy online subscription based solution where you are not paying for an empty database, you simple pay for the records you need...that's it!
What would it mean to your organization if you could streamline all your business rules and card management into one centralized application? Take away the manual checklists and automate your process to enhance your card production application.
CardExchange® Cloud Suite brings centralized ID card management availability to everybody with three powerful products:
1. Controller CMS: The heart of the system that manages and controls all your card holders in your organization while keeping all your back office systems up to date with real time updates.
2. The Stand: A self-service portal connected to the Controller CMS that can be accessed online from any devices such as a mobile phone or tablet. Add your students and/or your employees are part of your ID card and credential management system and reduce your backup lines during high volume enrollments, allow users to activate card, upload photos, and more.
3. The Press: A customized version of our popular CardExchange® Producer ID card production software, The Press allows you to take your ID card production to the next level with a complete inline and manageable enrollment system. Central or de-central enrollment, local or network printing, it can all be done with just one click of a button!
Our CardExchange® Cloud Suite is offering powerful tools for secure ID management processes within your organization, serving multiple verticals and provided as a Software as a Service (SaaS) solution, built on the trusted Microsoft’s Azure™ infrastructure, using proven technologies offering the highest security standards.
No difficult installations, configurations, project management, etc. Just sign up today for your FREE trial and start today!
The unique component in our system is what we call the Active ID. The Active ID is a record in our application that represents and is associated to a person in your organization. You only pay for this person when it has an active. For example, you can have 10,000 Active ID records but only 1,000 are active. Therefore you only pay your subscription based on your Active IDs. With our scalable solution we offer any size company enterprise functionality. With subscription plans starting at $ 80.00 dollar per month you get features and functionality such as:
Hosted and built on Microsoft Azure™ we use their proven technologies to guarantee high level security, speed and productivity. With the ultimately flexibility in choice where your data is hosted, we offer hosting locations throughout the world for you to choose from when signing up.
Our suite can communicate with any database system you have available in your organization. Easy scheduling importing information into our suite back office, as well as reporting information back to connected databases including defined business logic at no additional cost!
ID card management and enrollment solutions are know to be expensive and complex. Our suite works with the unique Active ID approach that offers you perfect control of your cost, the less you need, the less you pay but still have access to all enterprise features.
Our powerful REST-API offers you the opportunity to develop your own integrations and connectors towards our suite back office. This unique product, the Bridge, is easy to integrate and follows the latest standards. Of course we are also happy to assist with specific integrations needed for your situation. We are constantly developing new integrations for our cloud product based on our REST-API.
Following the highest standards in data protection, our suite solution is based on GDPR, currently known as the highest protection in regard to personal data. Our hosting options are enclosed instances, no data travels to other hosting locations.
To offer the highest user authentification but at the same time flexibility for your users, our suite uses authentication based in IdentityServer4 for managing access to all our applications and offers authentication with your Microsoft, Google, Facebook, or any Open ID Connect supporting system.
CardExchange® Cloud Suite is hosted on Microsoft Azure™ and is based on the structure as you can see in the presented diagram. The processes of authentication and data are running at your hosting location of your choice and all these services are offered via a single point of access called the Application Gateway.
The Application Gateway receives the client request and directs them through the Web Application Firewall (WAF) to the correct service on Azure™. The Web Application Firewall analyzes the content and takes care that suspicious requests are being blocked, to avoid attaches that could compromise the system.
Transparant Data Encryption (TDE) is used to encrypt SQL Server, Azure™ SQL Database, and Azure SQL Data Warehouse data files in real time, using a Database Encryption Key (DEK), which is stored in the database boot record for availability during recovery. TDE protects data and log files, using AES and Triple Data Encryption Standard (3DES) encryption algorithms. Encryption of the database file is performed at the page level. The pages in an encrypted database are encrypted before they are written to disk and are decrypted when they’re read into memory.
Microsoft® uses the Transport Layer Security (TLS) protocol to protect data when it’s traveling between the cloud services and customers. Microsoft datacenters negotiate a TLS connection with client systems that connect to Azure services. TLS provides strong authentication, message privacy, and integrity (enabling detection of message tampering, interception, and forgery), interoperability, algorithm flexibility, and ease of deployment and use.
CardExchange® Cloud Suite only supports Https connections using TLS1.2 or higher.
One of the most important aspects of an ID enrollment is the communication with the back offices inside your organization. Think about HR systems or Student Registration system that contain valid information needed for the enrollment. The business logic will determine when an ID can be enrolled to a employee or student, but when it is enrolled, the back offices need to be informed when the ID becomes active. Connectors are a key element in this as they inform the back offices about the status of the ID. Is it active, cancelled, lost, or stolen, etc. In any of these situations, back offices like access control, vending, library, etc., need to be properly informed.
Our cloud connectors are also generally a .NET Core web API that will run in Azure, although these can run locally as well if needed using IIS or as a Windows service for example. We have available Hangfire for scheduling, queueing jobs and monitoring. CardExchange® Cloud Suite offers two types of connectors: Incoming and Outgoing connectors. New connectors are constantly being developed and made available via our CardExchange® Cloud Portal.
The incoming connector can communicate directly with other systems using their API, preferably this would be a REST API made available by the system vendor. Incoming connectors can also communicate directly with a database hosted in the cloud, or local databases.
The incoming connector initiates the communication and reads from the source system, it then adds or updates the records in Controller based on the business logic defined.
All communication with the incoming connector goes through the Web Application Firewall.
Azure™ Key Vault helps safeguard cryptographic keys and secrets that cloud applications and services use.
Without proper protection and management of the keys, encryption is rendered useless. Key Vault is the Microsoft-recommended solution for managing and controlling access to encryption keys used by cloud services. Permissions to access keys can be assigned to services or to users through Azure™ Active Directory accounts.
Key Vault relieves organizations of the need to configure, patch, and maintain hardware security modules (HSMs) and key management software. When you use Key Vault, you maintain control. Microsoft never sees your keys, and applications don’t have direct access to them. You can also import or generate keys in HSMs.
To be able to respond quickly to specific customer needs and offer high speed, secure applications, the development platforms for CardExchange® Cloud Suite have been specifically choosen to do the job.
If it comes the front end development, the Controller CMS and The Stand are built in Angular. As Angular is a JavaScript framework and Controller CMS and The Stand are single-page applications, the client computer downloads the front-end code to the browser when initially accessing Controller CMS or Stand. From then on, the browser communicates directly with the back end.
The CardExchange® Cloud Suite back end The back end is a .NET Core web API. It translates requests from the client into SQL queries and sends them to the database, after which the results are sent back to the client in an appropriate format.
Our outgoing connectors are connections between the back end and external systems that send data to those systems in reaction on actions performed by the end user.
Outgoing connectors should preferably use web hooks, these can be configured based on a change to the persons ID card status in Controller CMS. This means that the webhook can be sent, for example, when a ID or card is activated or blocked. The connector can then send a request via the API to get the full data for that specific record or action which greatly reduces network traffic and offers a real-time experience.
Imagine an ID card management solution with no compromise in functionality, controlling your ID's from any device!
Imagine an self service portal that allows student or employees to manage their ID's request and photos on any device!
Imagine an card production solution offering inline smart card encoding at service desks, including card service bureau functionality!
Imagine an ID card management solution with no compromise in functionality, controlling your ID's from any device!
Imagine an self service portal that allows student or employees to manage their ID's request and photos on any device!
Imagine an card production solution offering inline smart card encoding at service desks, including card service bureau functionality!