This document describes how to configure off box authentication to a Solution Partner Authentication
server with a USB card reader using the new open USB standard. The USB card reader is connected
directly to the USB port on the Xerox machine. When the USB card reader is connected to the machine,
an external card reading controller is no longer required.
This feature is used to control access to the MFP via employee badge to a partner authentication server.
Once the server is setup to communicate with the device and selected Services are locked at the LUI,
access to those 'locked' services will only be granted to walk up users with valid cards and/or System
Supported Reader Technology
Employee badges can contain one or multiple technologies for storing user identity information. The 4
prominent methods in use today are Wireless which is also known as Proximity, Magnetic Stripe, Visual
Barcode and Smart Cards. This document addresses support for Proximity, Magnetic Stripe and Visual
Barcode readers. There are two classes of proximity readers, those which can read the Card Serial
Number (CSN) and those which can read from secure memory segments contained on specific card
types. This solution will only support proximity readers which send the CSN.
Smart Card Authentication (CAC / PIV / .NET etc) are addressed in the Smart Card feature
This feature is designed to read data from an employee badge and to package that data into a message
which is sent to the server running software from a solution provider. This requires that the solution
provider has developed their software to be compatible with this feature using the Convenience
This feature enables solution providers to provide authentication, pull printing and accounting which is
tied the user associated with the employee's badge. This feature is configured using most of the Xerox
Secure Access set up screens but is not compatible with the Xerox Secure Access feature itself. It is not
compatible with the white card readers supplied as part of Xerox Secure Access.
Each of the currently approved badge readers has internal intelligence to read a card and to acknowledge
success by blinking the LED or creating sound with the beeper on the reader itself. Note that this
behavior is different than with the Xerox Secure Access (XSA) solution. With XSA, the authentication
server is in control of the LED on the reader. This means users will observe faster acknowledgement that
their card has been recognized because that recognition does not require communication with a server.
A side effect is that the LED indications will not be consistent with those of the XSA solution.
The card readers will have power applied when the MFP is awake and while it is in Sleep mode. A card
swipe will take the MFP out of Sleep mode and will initiate an authentication sequence. To meet EPA
USB Card Reader Configuration Guide 2