TachoSync Company Card Authenticator: Difference between revisions
No edit summary |
|||
| (27 intermediate revisions by 3 users not shown) | |||
| Line 6: | Line 6: | ||
The '''Company Card Authenticator (CCA)''' is a software bridge that makes a tachograph company card accessible for remote downloads. | The '''Company Card Authenticator (CCA)''' is a software bridge that makes a tachograph company card accessible for remote downloads. | ||
*Tachograph files can only be | *Tachograph files can only be downloaded if the company card is periodically present during the authentication process. | ||
*CCA ensures that the tachograph server can “see” the card over the internet, even though the card itself is physically inserted into a card reader somewhere (either at the provider or the end-client). | *CCA ensures that the tachograph server can “see” the card over the internet, even though the card itself is physically inserted into a card reader somewhere (either at the provider or the end-client). [[TachoSync Company Card Authenticator#Smart Card Readers|Read below about company card readers]]. | ||
*CCA does not store tachograph files themselves. It only provides the “live presence” of the company card to the system. | *CCA does not store tachograph files themselves. It only provides the “live presence” of the company card to the system. | ||
==PC Requirements for CCA== | ==PC Requirements for CCA== | ||
Download availability depends on the '''machine hosting CCA being online and actively connected to TachoSync'''. | |||
PC Requirements for CCA: | PC Requirements for CCA: | ||
* OS: Windows 10; Windows 11. | * '''OS:''' Windows 10; Windows 11. | ||
* CPU: Intel or AMD processor with 64-bit support. | * '''CPU:''' Intel or AMD processor with 64-bit support. | ||
* Disk Storage: 500 MB of free disk space. | * '''Disk Storage:''' 500 MB of free disk space. | ||
* Internet connection: Required for downloading and operation. | * '''Internet connection:''' Required for downloading and operation. | ||
'''TachoSync authentication service IP address and port: | '''TachoSync authentication service IP address and port: | ||
| Line 26: | Line 26: | ||
==How to Install CCA== | ==How to Install CCA== | ||
===Download it from TachoSync UI=== | |||
[[File:CCA.png|right]] | [[File:CCA.png|right]] | ||
# Go to '''[https://tacho.teltonika.lt TachoSync]'''. | # Go to '''[https://tacho.teltonika.lt TachoSync]'''. | ||
| Line 32: | Line 33: | ||
# Open the downloaded file and install CCA. | # Open the downloaded file and install CCA. | ||
# Run CCA. | # Run CCA. | ||
Now you can connect card reader with a company card that will be used for remote authentication. | |||
For more information on how to add company cards, please refer to [ | For more information on how to add company cards, please refer to [[TachoSync_Interface#Adding_a_Company_Card|Adding a company card]]. | ||
===Version update via CCA=== | |||
# Another option is to update it directly from CCA's monitor view. Once a new version is available, a banner appears at the top of the CCA window. The banner contains the version number, release date and "Update" button. If the banner is dismissed, it does not re-appear until a new version is released. | |||
# Click "Update" - the download starts, progress is shown. | |||
# When download is completed, click "Install and restart". | |||
# If the update fails, retry from the "Version information" button (bottom-right). | |||
== Latest | ==Latest CCA version== | ||
{| class="wikitable" | |||
!Version!!Release Date!!Release Notes | |||
|- | |||
|'''2.1.0''' [[File:Download_zip.png|100px|link=Special:Redirect/file/Company_Card_Authenticator_v2.1.0.zip]]||'''2026-01-14''' | |||
|<ul style="margin:1;"> | |||
* Fixed an issue where company cards were not identified reliably when using Lisle Hyper Card racks. | |||
* Fixed a rare display issue where the same company card could appear duplicated in the monitor view when using standard smart card readers (PC/SC). | |||
</ul> | |||
|- | |||
|} | |||
{| class="wikitable" | {| class="mw-collapsible mw-collapsed wikitable" | ||
!Version!!Release Date! | |+ style="white-space: nowrap" | Older versions | ||
!Release Notes | |- | ||
!Version!!Release Date!!Release Notes | |||
|- | |||
|2.0.0||2025-12-18 | |||
|<ul style="margin:1;"> | |||
* Added version information to the CCA monitor, showing the installed version, release date, package size, and whether an update is available. | |||
* Added a version history view with release notes for recent CCA versions, accessible directly from the application. | |||
* Introduced in-app update flow, allowing users to download and install new versions directly from the CCA monitor view. | |||
* Added non-disruptive update notifications with the option to update immediately or postpone. | |||
* Improved stability when reading company card data via standard smart card readers (PC/SC), reducing cases where cards could become temporarily unresponsive. | |||
* Improved connection handling between the CCA application and the TachoSync service, allowing the system to recover more reliably from temporary or stale connections. | |||
* Improved internal handling of multi-threaded card operations to prevent rare issues during simultaneous card processing. | |||
</ul> | |||
|- | |- | ||
| | |1.2.1||2025-09-15 | ||
|<ul style="margin:1;"> | |<ul style="margin:1;"> | ||
* Fixed a rare issue where some smart card readers (PC/SC) did not retrieve ATR command correctly. | * Fixed a rare issue where some smart card readers (PC/SC) did not retrieve ATR command correctly. | ||
* Fixed an issue with Lisle devices where a card slot could appear occupied, but the card information was missing. The system now re-checks the slot to ensure the card is properly recognized. | * Fixed an issue with Lisle devices where a card slot could appear occupied, but the card information was missing. The system now re-checks the slot to ensure the card is properly recognized. | ||
</ul> | </ul> | ||
|- | |- | ||
|1.2.0||2025-09-11 | |1.2.0||2025-09-11 | ||
|<ul style="margin:1;"> | |<ul style="margin:1;"> | ||
* Improved authentication speed when using Lisle Hyper Card racks – authentication is now 3–4 times faster compared to the previous version. | * Improved authentication speed when using Lisle Hyper Card racks – authentication is now 3–4 times faster compared to the previous version. | ||
| Line 58: | Line 84: | ||
</ul> | </ul> | ||
|- | |- | ||
|1.1.0||2025-07-04 | |1.1.0||2025-07-04 | ||
|<ul style="margin:1;"> | |<ul style="margin:1;"> | ||
* Disabled internal logging to internal.log, keeping only the main application logs. This prevents uncontrolled file growth and simplifies troubleshooting. | * Disabled internal logging to internal.log, keeping only the main application logs. This prevents uncontrolled file growth and simplifies troubleshooting. | ||
| Line 66: | Line 92: | ||
</ul> | </ul> | ||
|- | |- | ||
|1.0.0||2025-04-25 | |1.0.0||2025-04-25 | ||
|<ul style="margin:1;"> | |<ul style="margin:1;"> | ||
* Reduced memory usage to improve performance and stability. | * Reduced memory usage to improve performance and stability. | ||
| Line 78: | Line 104: | ||
[[File:Company Card Authenticator interface window.png|link=Special:Redirect/file/Company Card Authenticator interface window.png|frame|200px|alt=Company Card Authenticator interface|Company Card Authenticator interface]] | [[File:Company Card Authenticator interface window.png|link=Special:Redirect/file/Company Card Authenticator interface window.png|frame|200px|alt=Company Card Authenticator interface|Company Card Authenticator interface]] | ||
The CCA provides the name of the connected | The CCA provides the name of the connected reader(s) and the following information in a table: | ||
* Card slot - identifier of card slot in the reader. | * Card slot - identifier of card slot in the reader. | ||
* Card ID - a unique identifier assigned by the smart card chip - '''copy this ID to TachoSync when adding a new company card - see | * Card ID - a unique identifier assigned by the smart card chip - '''copy this ID to TachoSync when adding a new company card - see [[TachoSync Interface#Companies|“Companies”]] for more information'''. | ||
* Card Number - card serial number that is printed on the card (and encoded electronically) that uniquely identifies the card. | * Card Number - card serial number that is printed on the card (and encoded electronically) that uniquely identifies the card. | ||
* Status - card status. | * Status - card status. | ||
| Line 87: | Line 113: | ||
* Valid until - validity end date. | * Valid until - validity end date. | ||
In the bottom-right of the window, the information icon allows seeing version information in-app: | |||
*The service provider | [[File:Company Card Authenticator verion_information.png|370x370px]] | ||
==CCA Hosting Models== | |||
'''A. Centralized Card Management (Provider-hosted CCA) | |||
*The service provider hosts the company cards of the end-clients. | |||
*These cards are stored in card hotels / hyper-racks (hardware racks that can host many cards at once). | *These cards are stored in card hotels / hyper-racks (hardware racks that can host many cards at once). | ||
*The CCA software runs on the provider’s infrastructure, making all stored cards available to | *The CCA software runs on the service provider’s infrastructure, making all stored cards available to TachoSync. | ||
'''Key highlights: | '''Key highlights: | ||
| Line 99: | Line 128: | ||
*Works best for providers serving many small transport companies that do not want local IT hassle. | *Works best for providers serving many small transport companies that do not want local IT hassle. | ||
''' | '''B. Local Deployment (End-client hosts CCA) | ||
*The end-client (transport company) keeps the company card on-site, usually in a single-slot USB smart card reader connected to a PC. | *The end-client (transport company) keeps the company card on-site, usually in a single-slot USB smart card reader connected to a PC. | ||
*The CCA application is installed on that PC. | *The CCA application is installed on that PC. | ||
| Line 107: | Line 136: | ||
*No logistics of sending cards away. | *No logistics of sending cards away. | ||
*The provider doesn’t need to maintain a card hotel. | *The provider doesn’t need to maintain a card hotel. | ||
==Smart Card Readers== | |||
To securely access and download tachograph data, logistics companies must use a company card — an official smart card issued by authorities. | |||
It proves company ownership of vehicles and unlocks access to the data stored in smart tachographs. | |||
===Single-slot Smart Card Readers=== | |||
[[File:Single slot smart card reader Identiv.jpg|thumb|alt=Single-slot smart card reader (© Identiv, 2025)|Single-slot smart card reader (© Identiv, 2025)]] | |||
Single-slot smart card readers are an effective and cheap solution for small companies to manage several company cards. Usually, up to 10 readers can be connected via USB to a single Windows PC/server. | |||
Examples of single-slot smart card readers: | |||
* [https://www.hidglobal.com/products/omnikey-3021 HID OMNIKEY 3021] | |||
* [https://support.identiv.com/2700r/ Identiv uTrust 2700 R] | |||
Requirements for single-slot smart card readers: | |||
* [[TachoSync Company Card Authenticator | Company Card Authenticator]] installed on the managing PC/server. | |||
* Every single-slot smart card reader may have specific drivers and other requirements. | |||
===USB Limitations with Single-slot Smart Card Readers=== | |||
When using a small number of company cards, standard USB smart card readers are usually sufficient. However, as the number of connected cards increases, USB-based solutions begin to reach practical and architectural limits. | |||
Modern operating systems and USB controllers are designed for general-purpose peripherals, not for handling dozens of continuously active smart card readers in parallel. In larger setups, this can lead to issues such as: | |||
* Unstable device enumeration when many readers are connected. | |||
* Increased likelihood of communication timeouts or unresponsive cards. | |||
* Limited ability to reliably scale beyond a certain number of readers per host. | |||
* Reduced overall stability when readers are frequently accessed simultaneously. | |||
These limitations are not specific to TachoSync or Company Card Authenticator, but are inherent to how USB buses, hubs, and smart card drivers operate at scale. | |||
'''For environments that require many company cards to be available at the same time''' (e.g., large fleets or service providers), dedicated "card hotel" solutions (multiple-slot smart card readers) provide a more reliable architecture. | |||
Systems like Lisle Hyper Card racks, are designed specifically for high-density smart card usage and address USB limitations by: | |||
* Centralizing card communication through controlled hardware interfaces. | |||
* Managing card identification and access in a predictable and scalable way. | |||
* Reducing dependency on multiple individual USB readers and hubs. | |||
* Improving stability when dozens of cards are inserted and accessed concurrently. | |||
By using a "card hotel" solution, Company Card Authenticator can operate more reliably in large-scale deployments, ensuring consistent card detection, authentication, and long-term stability. | |||
For a deeper technical explanation of USB limitations and how card hotel systems address them, see [https://www.lisledesign.com/usb-limitations here]. | |||
===Multiple-slot Smart Card Readers=== | |||
[[image:Hyper-card-rack-120-img3.png|thumb|alt=Multiple-slot smart card reader (© Lisle, 2025)|Multiple-slot smart card reader (© Lisle, 2025)]] | |||
Multiple-slot smart card readers are the preferred solution when tens of hundreds of smart cards need to be managed. Multiple-slot readers help avoid most USB limitations and are easily scalable. | |||
Examples of multiple-slot smart card readers: | |||
* Lisle Design Hyper Card Rack readers | |||
** [https://www.lisledesign.com/products/hyper-card-rack-120 Hyper Card Rack™ 120 - Lisle Design] | |||
** [https://www.lisledesign.com/products/hyper-card-rack-20 Hyper Card Rack™ 20 - Lisle Design] | |||
* Lisle Design Standard Card readers – limited scalability compared to the Hyper series | |||
** [https://www.lisledesign.com/products/standard-card-desktop-6 Standard Card Desktop 6 - Lisle Design] | |||
More information about Lisle card reader differences can be found [https://www.lisledesign.com/card-reader-comparison here]. | |||
Lisle Design Hyper Card Rack requirements: | |||
* [[TachoSync Company Card Authenticator | Company Card Authenticator]] installed on the managing PC/server. | |||
* Drivers for the rack: [https://ftdichip.com/drivers/vcp-drivers/ VCP Drivers - FTDI]. | |||
<br> | |||
===Multiple Rack Configuration=== | |||
More than one multiple-slot readers can be connected to a server. | |||
In this case, each Lisle Design Hyper Card Rack™ 20 or Hyper Card Rack™ 120 must be configured using the „DIP“ switches. | |||
The DIP switches set the index of the rack in a sequence as a binary number, e.g.: | |||
* First rack: 0000 (all switches off) | |||
* Second rack: 0001 (first switch on) | |||
* Third rack: 0010 (second switch on) | |||
* Fourth rack: 0011 (first and second switches on) | |||
* Etc. | |||
{| style="margin: 0 auto;valign=" left"" | |||
|[[File:Hyper-card-rack-120-img5.png|thumb|left|x300px|DIP switches, lower right (© Lisle, 2025)]] | |||
|[[File:Hyper-card-rack-120-img4.png|thumb|left|x300px|Multiple racks connected (© Lisle, 2025)]] | |||
|} | |||
===<u>Troubleshooting</u>=== | |||
{| class="mw-collapsible mw-collapsed" | |||
!Cards become unresponsive after inactivity | |||
|- | |||
| | |||
'''<u>Symptoms</u>''' | |||
* CCA shows as ''connected''. | |||
* Company cards become unresponsive or show communication errors after a period of inactivity. | |||
* Restarting the '''CCA Windows service''' restores functionality temporarily. | |||
'''<u>Cause</u>''' | |||
* Windows '''USB selective suspend''' may put idle USB ports into a low power state. | |||
* USB smart card readers do not always recover correctly when the port resumes. | |||
* As a result, CCA loses communication with the reader. | |||
'''<u>Workarounds</u>''' <br> | |||
'''<big>Option A</big> — Disable USB selective suspend (recommended)''' | |||
* Control Panel → Hardware and Sound → Power Options | |||
* Change plan settings → Change advanced power settings | |||
* USB settings → USB selective suspend setting → '''Disabled'''. | |||
* Apply for Plugged in (and On battery, if applicable). | |||
'''<big>Option B</big> — Disable USB power management per device''' | |||
* Open '''Device Manager'''. | |||
* Expand '''Universal Serial Bus controllers'''. | |||
* For each '''USB Root Hub''': | |||
** Right click → Properties → Power Management. | |||
** Uncheck '''Allow''' the computer to turn off this device to save power. | |||
'''Notes:'''<br> | |||
* This is a '''Windows power management behavior''', not a CCA defect. | |||
* The issue is more likely to occur on non‑dedicated PCs with active power‑saving settings. | |||
* For dedicated CCA hosts, '''Option A''' is usually the simplest solution. | |||
''For more information'':<br> | |||
[https://learn.microsoft.com/en-us/windows-hardware/drivers/usbcon/usb-selective-suspend Microsoft documentation]|[https://www.pugetsystems.com/support/guides/how-to-disable-usb-selective-suspend-1190/ Puget Systems guide]|[https://www.ninjaone.com/blog/configure-usb-selective-suspend/ NinjaOne guide] | |||
|} | |||
==FAQ Company Cards== | ==FAQ Company Cards== | ||