I recently worked on a security application where the employee used a swipe card to identify themselves at certain locations. The event of identifying themselves was transmitted to a server, which had a database which contained the mapping from the serial number of the swipe card to the name of the employee.
All o f the employee records existed in a database. As we added cards to the system, the long and unwieldy swipe card number had to be entered manually into the employee’s record to create the mapping. As with any long-number entry, there is a risk that the number was entered incorrectly. Checksums within the serial number detected some faults but it was still not very satisfactory. And if the mistake was not discovered immediately, it led to hassle for the employee and supervisor the first time the card was used.
As we thought through this challenge, one option would have been to add a card reader to the server, or the PC accessing the server, and allow a card to be swiped instead of typing in the number. This added a number of unwelcome challenges. This reader would be different from the already installed readers since the communications link was different. The server was updated via the web, so you could not be sure where the user would be located, and restricting them to one location or PC would be troublesome.
Many solutions look so obvious after the fact and this was one of those cases. We eventually realized that the scenario where a card is unrecognised also provided the ideal opportunity to enter the correct user name.
So when the card is not recognised, instead of simply rejecting the user, the supervisor has the opportunity of picking a name from a list of employees, and the mapping from card number to employee is then created. This solution requires no extra hardware. The supervisor no longer has to type in long error prone numbers. The card can be swiped at any location, so when a new employee receives his card he simply goes to his nearest access point, and over the phone, tells the supervisor that he is about to swipe for the first time. The swipe is unrecognised, and the supervisor sees the new serial number, and its location, and links it to the appropriate employee.
This is a case of applying a principle called equal opportunity. It means that something that was delivered as output to the user can be turned around and used as input. This means that the user never has to enter the original data, since they received that data as output. Another example would be receiving a call on your cell phone from an unrecognised number, and being allowed to add it as a contact without having to type in the number all over again.
My online tutorial on equal opportunity provides a number of other examples of this useful technique:
http://www.panelsoft.com/tut_equal/index.htm
