Thales Gemalto Intelligent Document Reader AT10Ki

Reading Capability

The Gemalto Intelligent Document Reader AT10Ki reads the following documents:

• ICAO compliant documents in near infrared (IR) per ICAO 9303 specification
• One line Driving Licenses in near infrared (IR) per ISO18013 part 2 specification
• 1D barcodes (2 of 5 interleaved, 2 of 5 industrial, Code 128, code 39, EAN-8 and EAN-13)
• 2D barcodes used on BCBP and other documents (PDF 417, QR Code®, DataMatrixTM and Aztec formats) from paper documents and many mobile devices
  Reads using optional RFID antenna from contactless chips like eMRTD and eID according to:
• Contactless IC reading for ePassports (LDS 1.7 & 1.8) including basic access control (BAC), passive/active authentication (PA/ AA), Chip Authentication (CA), Terminal Authentication (TA), extended access control (EAC v1/v2) supplementary access control (SAC) and PACE-CAM are supported
• Contactless IC reading for eDL & iDL (electronic driving licenses to ISO18013 parts 2 &3 and ISO/CEI TR 19446) up to DG14 including basic access control (BAP v1), Password Authenticated Connection Establishment (PACE), passive/ active authentication (PA/AA), Chip Authentication (CA), Terminal Authentication (TA), supplementary access control (SAC) and extended access control (EAC v1) are supported

Reader Physical Interfaces

• USB 3.1 with USB Type-CTM connector, SuperSpeed up to 5 Gbps Gen 1 Specification Revision 1.0 ®®
• 10/100/1000 Mbps Ethernet to IEEE 802 .3
• WiFi IEEE 802.11b/g/n standards up to 150Mbps with WPA/ WPA2/WEP
• Bluetooth® v2.1, v3.0 and v4.0 (classic/Low Energy)
• Optional ISO 14443 (13.56MHz) Type-A and Type-B RFID eMRTD reader. All standardized rates, up to 848 Kbps, read-out times depend on RFID tag, operating system and amount of data stored in the chip
• Integrated USB 2.0 Hub in USB mode – 2 ports for external peripherals connected to upstream USB3 port via the hub1
• Integrated USB 2.0 Hub in Networked mode – 4 ports for external peripherals

Software Upgrade

• Software updates can be pushed to the reader via the Web-API over the network or locally using the browser interface
• Reader can check in for updates with a customer hosted update server, either automatically or in when prompted via Web-API
• All updates are digitally signed by Thales ensuring integrity & security

Identity Document Verification Option

Additional software provides Identity Document Verification including direct connection options with IDV and authentication back-end SaaS

Network Interface
The Web-API enables data and management of the reader over the Ethernet/WiFi network. It provides a similar feature set to the Gemalto Document Reader High Level API:

• The Web-API uses encrypted JSON messages to configure the
  read sequence and retrieve data and events from the reader. The on-board SDK provides image processing, OCR decode, barcode and eID chip protocols.
• Device discovery shows all the readers on the network and allows selection of a specific reader
• Typical programming languages include SwiftTM, Java, WebAssembly (for JavaScript), C# and C++

Browser Management Console
Just like any network device the iSeries readers have a management console which can be accessed using a browser which provides:

• Reader management including network parameter configuration • Manual reader provisioning
• Test and diagnostics

Device Management
The Gemalto AT10Ki family provides:

• Device provisioning capability for on-site & off-site network setup including network parameters, credentials, local descriptions, etc
• Any iSeries reader can be provisioned straight out of the box from a barcode that contains all the parameters
• Enterprise Services Framework for centralised fleet management
• Browser interface to manage the device, networks, certificates and keys
• Web-API interface to manage keys and certificates and show/select available readers
• mDNS device discovery (Bonjour)

Device Security
Security has been designed into the Gemalto Intelligent Document Reader AT10Ki so that you don’t have to implement it which leads to faster and cheaper PII compliance:

• Software updates are protected by digital signatures and secure server preventing unauthorized applications from being loaded
• Data is protected in flight using AES-256 with Diffie-Hellman key exchange and server authentication (customer installed shared
  secrets)
• WiFi protected by WPA/WPA2 protocols
• Only authorized connections can be made to the reader via proprietary protocols
• Personal data is not stored in the reader
• Slot for Kensington® Security Lock

Illumination
The reader illuminates documents in multiple wavelengths:

• Near IR B900: 880nm, +/-5%
• White visible: 400-700nm
• Ultraviolet (UVA): 365nm
• Co-axial (retroreflective) white light (400-700nm) for Thales ConfirmTM laminate (optional)

Resolution

• Sensor: 10 Megapixels, CMOS, RGB 36 bit color system for enhanced dynamic range
• High resolution 700 DPI imaging with in-camera scalable images

Regulatory

• FCC Part 15 Class A
• CB report
• US & CA ETL Listed
• CE – RED, LVD & EMC
• EU WEEE, REACH & RoHS Directive

Status Indicators

• The reader provides user feedback status indicators:
• Unique yellow Progress Bar
• Red Cross and Green Tick
• The readers perform a power-up self-test and indicate failure using status LEDs.

Power

• Powered from USB port, Power over Ethernet or via universal input external power supply1:
• External PSU:
  Input voltage 100 – 240 VAC plus/minus 10%, Frequency 47 – 63
  Hz Detachable IEC320 AC mains power cable
• Power Interface to IEEE® 802®.3af for a Powered Device (PD)
  typically 36-48V. Only for networked mode operation
• From a single USB 3 (900mA) or USB 2.0 (500mA). Requires at least 1.5A using USB-C for optimum performance. Only for USB mode operation

Service & Maintenance

• Two-year warranty
• Annual maintenance agreement available
• User changeable glass

Mechanical

• Length: 18.7 cm (7.4”)
• Width: 16.0 cm (6.3”)
• Height: 6.5 cm (2.6”) without hood, 10.3 cm (4.0”) with hood
• Weight: 1.1 kg (2.4 lbs)
• Low scratch, low-iron glass with oleophobic coating for low maintenance & easy cleaning
• Optional Chemically Strengthened glass to improve durability

Environment²

• Humidity: 20 to 95% (R.H. non-condensing)
• Temperature: -10o to 50o C operating; -20o to 50o C storage
• IP54 rating for dust ingress protection

Minimum host Specification in Net-worked mode

In Networked mode Thales provides a thin Messaging API which can run on any device, OS and language that supports JSON, WebSockets and ECDH key exchange, typically:

• Windows® 7, Windows® 8.1 or Windows® 10 operating systems, 32 or 64 bit
• Ubuntu and CentOS LTS, 32 & 64 bit
• iOS and macOS for iPhone and iPads, etc
• AndroidTMformobilephonesandtabletswithnetworkconnectivity
• Java JVM

USB Mode Operation

Legacy compatibility is provided through USB mode for users who want to manage a migration to networked operation:

• Compatible USB interface with AT10K reader using the same API interface provided by the Gemalto Document Reader SDK
• Not possible to use USB mode and Networked mode concurrently
• In USB mode the on-board processing is not used
• For specifications of the AT10Ki USB mode please see the AT10K Technical Data Sheet and user manual