ASSA ABLOY - Aperio® Access Control Readers

Motion detection is a key feature of security systems in residential and commercial environments. Until recently, systems have relied heavily on closed circuit television (CCTV) and passive infrared (PIR) sensors, which both require significant investment and infrastructure to install and monitor. Developments in wireless technology are increasing home security possibilities. Few years ago, these developments led Cognitive Systems to discover that the wireless signals surrounding oneself can be used to detect motion. Known in the wireless industry as WiFi sensing, this technology brings many benefits that other motion detection solutions have not been able to provide. The working of WiFi sensing At Cognitive Systems, the company has used WiFi sensing technology to develop a motion detection solution called WiFi Motion™, which measures and interprets disruptions in RF signals transmitted between WiFi devices. When movement occurs in a space, ripples in the wireless signals are created. WiFi Motion interprets these ripples and determines if an action, such as sending a notification, is needed. Enabling this functionality in a space is incredibly simple. With a software upgrade to only one’s WiFi access point (or mesh router), motion sensing capabilities are layered into one’s WiFi network. Existing connected WiFi devices then become motion detectors without detracting from their original functions or slowing down the network. Using artificial intelligence (AI), WiFi Motion establishes a benchmark of the motionless environment and learns movement patterns over time, which could be used to predict trends. This allows unusual movement patterns to be detected with greater accuracy while decreasing the potential for costly false alerts. WiFi Motion requires no line-of-sight or installation WiFi sensing and other home monitoring solutions All of these capabilities are made possible by WiFi sensing and together create a motion detection system that provides unparalleled accuracy, coverage, privacy and affordability compared to other solutions on the market. PIR integration is far more complex and imposes electronic and physical design restrictions compared to WiFi sensing. In terms of placement, PIR systems are difficult to install, requiring line-of-sight and a device in every room for localization. WiFi Motion requires no line-of-sight or installation and is also a scalable solution compared to PIR. Much like cameras, PIRs can only cover so much space, but WiFi Motion can cover the entire home and even detect motion in the dark and through walls, without adding additional devices to the home. WiFi Motion detects less distinguishing context than cameras and microphones, but more context than regular PIR sensors for the perfect balance of privacy and highly accurate motion detection. Privacy solution While cameras have been the security solution for years, WiFi Motion offers a more affordable solution that can rival the privacy and coverage capabilities of even the most high-end cameras. With such a wide coverage area, one might think that WiFi sensing infringes on privacy, but actually, the opposite is true. With WiFi Motion, the contextual information collected cannot be used to identify a specific individual, unlike cameras which can clearly identify a person’s face or microphones, which can identify a person’s voice. It is different from other smart home security options that use cameras and microphones because it only senses motion using WiFi signals - it doesn’t “see” or “listen” like a camera or microphone would. This provides opportunities for added security in spaces where privacy might be a concern and installing a camera may not be a comfortable solution, such as bathrooms and bedrooms. The data collected is also anonymized and highly encrypted according to stringent industry privacy standards. Existing connected WiFi devices then become motion detectors Additional WiFi sensing applications Since WiFi sensing technology requires no additional hardware or subscription fees, it is much more affordable than other motion detection solutions. It can be used as a standalone solution, or it can be easily layered into more complex systems. This ease of integration, scalability and relatively low cost brings a lot of potential for various applications. Motion detection can trigger other smart devices in the network to turn lights on or off In eldercare, for example, WiFi sensing can be used to help seniors live comfortably in their homes for as long as possible. With the increasing aging population and high costs associated with care homes, the market for this application is considerable. Caregivers can use an app to monitor movement in their loved one’s home and be alerted about unusual movement patterns that could indicate a concern. For smart homes and other environments that have a network of smart devices, the artificial intelligence (AI) component of the technology allows for improvements to automated features. Motion detection can trigger other smart devices in the network to turn lights on or off or make adjustments to the temperature in a room. Security for the commercial sector For office buildings and other commercial properties, it is easy to see how all of these features could be scaled up to offer a highly accurate and cost-effective motion sensing and smart device automation solution. Cognitive Systems is closely involved with the development of WiFi sensing technology, working with various industry groups to establish standards and help it reach its full potential. WiFi Motion is merely the tip of the iceberg in terms of motion sensing possibilities, but its applications in the world of security are undeniably compelling. It is an exciting time for the wireless industry, as one works with stakeholders in the security space to explore everything this technology can do.

The emergence of smartphones using iOS and Android is rapidly changing the landscape of the IT industry around the world. Several industries, such as digital cameras, car navigation, MP3, and PNP, have been replaced by equivalent or even better performance using smartphones. Smartphones provide increasing portability by integrating the functions of various devices into a single unit which allows them to connect to platforms with network-based services and offer new services and conveniences that have never been experienced before. These changes have expanded into the access control market. Although not yet widespread, ‘Mobile access cards’ is one of the terminologies that everyone has been talking about. RF cards used for access security are being integrated into smartphones just as digital cameras and MP3s were in the past. While people might forget their access cards at home in the morning, they seldom forget their smartphones. Using smartphones for access control increases entry access reliability and convenience. Mobile/smartphone access control A key aspect of mobile credential is that it makes it possible to issue or reclaim cards without face-to-face interaction As in other markets, the combination of smartphones and access cards is creating a new value that goes beyond the simple convenience of integration enhancing the ability to prevent unauthorized authentication and entrance. People sometimes lend their access cards to others, but it is far less likely they might lend their smartphone with all their financial information and personal information – to another person. This overcomes an important fundamental weakness of RF cards. Another valuable aspect of mobile credential is that it makes it possible to issue or reclaim cards without face-to-face interaction. Under existing access security systems, cards must be issued in person. Since card issuance implies access rights, the recipient’s identification must be confirmed first before enabling the card and once the card has been issued, it cannot be retracted without another separate face-to-face interaction. Mobile access cards In contrast, mobile access cards are designed to transfer authority safely to the user's smartphone based on TLS. In this way, credentials can be safely managed with authenticated users without face-to-face interaction. Mobile cards can be used not only at the sites with a large number of visitors or when managing access for an unspecified number of visitors, but also at the places like shared offices, kitchens and gyms, currently used as smart access control systems in shared economy markets. The market share of mobile access cards today is low even though the capability can offer real benefits to users and markets. While the access control market itself is slow-moving, there are also practical problems that limit the adoption of new technologies like mobile access cards. Use of Bluetooth Low Energy technology While NFC could be an important technology for mobile credential that is available today on virtually all smartphones, differences in implementation and data handling processes from various vendors prevents universal deployment of a single solution to all devices currently on the market. Accordingly, Bluetooth Low Energy (BLE) has been considered as an alternative to NFC. Bluetooth is a technology that has been applied to smartphones for a long time, and its usage and interface are unified, so there are no compatibility problems. However, speed becomes the main problem. The authentication speed of BLE mobile access card products provided by major companies is slower than that of existing cards. Enhancing credential authentication speed Authentication speed is being continuously improved using BLE's GAP layer and GATT layers The second problem is that mobile access cards must be accompanied by a supply of compatible card readers. In order to use mobile access cards, readers need to be updated but this is not a simple task in the access control market. For 13.56 MHz smart cards (which were designed to replace 125 kHz cards), it has taken 20 years since the standard was established but only about half of all 25 kHz cards have been replaced so far. Legacy compatibility and the need for equivalent performance, even with additional benefits, will drive adoption timing for the Access Control market. While BLE technology helps resolve the compatibility problem of mobile access cards, it can identify some breakthroughs that can solve the speed problem. Authentication speed is being continuously improved using BLE's GAP layer and GATT layers, and new products with these improvements are now released in the market. Making use of key improvements allows Suprema's mobile access card to exhibit an authentication speed of less than 0.5 seconds providing equivalent performance to that of card-based authentication. AirFob Patch MOCA System's AirFob Patch addresses the need for technological improvements in the access control market in a direct, cost effective, and reliable way – by offering the ability to add high-performance BLE to existing card readers – enabling them to read BLE smartphone data by applying a small adhesive patch approximately the size of a coin. This innovative breakthrough applies energy harvesting technology, generating energy from the RF field emitted by the existing RF reader – then converting the data received via BLE back into RF – and delivering it to the reader. By adding the ability to use BLE on virtually any existing RF card reading device, MOCA allows greater ability for partners and end users to deploy a technologically-stable, high performance access control mobile credential solution to their employees, using devices they already own and are familiar with. Adding MOCA AirFob Patch eliminates the need to buy and install updated readers simply to take advantage of mobile credential, lowering costs and risks, and increasing employee confidence and convenience. Growth forecast of mobile access card market in 2020 In 2020, forecasts show that the mobile access card market will grow far more rapidly Several companies have entered the mobile access card market, but they have not set up a meaningful product solution stream until 2019. In 2020, forecasts show that the mobile access card market will grow far more rapidly. Reviewing new entries into the market allows identification of the latest products that provide improving solutions to compatibility and speed problems. MOCA AirFob Patch addresses development plans in process today that overcome the legacy installed base of card readers – allowing rapid creation of an environment that can make immediate use of BLE mobile access cards. Integrated mobile digital ID With proven usability and within suitable environments, mobile access cards will also begin to make inroads into other markets, not just the access control market. In the sharing economy market, which seeks access management without face-to-face interaction, the integrated mobile digital ID led by the 'DID Alliance' will serve as a technical tool that can be used in access authentication – forging increasing links between the access control and digital ID markets.

Entrance control and access control - of the physical kind - are common terms in the security industry which are often used interchangeably, but should they be? Having worked both sides of the fence, with previous roles at TDSi and HID and now the Major Accounts and Marketing Manager at Integrated Design Limited, Tony Smith highlights the subtle but important differences between these two terms and the systems they refer to, outlining how they should work together to achieve optimal security. Access control is a system which provides discriminating authentication Access control provides a discriminating authentication process and comprises the software or hardware that defines the criteria for acceptance or denial Used to describe a system which performs identification of users and authentication of their credentials (deciding whether or not the bearer of those credentials is permitted admission) access control is an incredibly broad term. Access control provides a discriminating authentication process and comprises the software or hardware that defines the criteria for acceptance or denial of an individual to a restricted area. Entrance control – such as security turnstiles - takes the output of that validation and has the capability to see whether that criteria is being adhered to, either granting or denying access as appropriate. Entrance control is the hardware responsible for keeping people honest If access control verifies authorized personnel using their credentials – their face, fingerprints, PIN number, fob, key card etc – and decides whether or not they are permitted access, entrance control is the hardware which enforces that decision by making users present their credentials in the correct way, either opening to allow pedestrian access or remaining closed to bar entry and potentially raising an alarm. For example, a card reader acts as an access control device, recognizing the card holder as having the correct permissions and saying ‘yes, this person can pass’. But, it’s the entrance control system – a turnstile, for example – which actually physically allows or denies access. Physical access and video surveillance Some entrance control systems don’t feature a physical barrier, however. Fastlane Optical turnstiles will not physically stop an unauthorized person from passing through, and instead alarm when someone fails to present valid credentials, alerting security staff that a breach has occurred. These kinds of turnstiles are suited to environments which just need to delineate between the public and secure side of an entrance, with less need to physically prevent unauthorized users from entering. State of the art access control integrations have been installed for award-winning complex, The Bower It’s also possible to capture video footage of any incidents, allowing security personnel to identify users failing to abide by the access control system’s rules, using It’s also possible to capture video footage of incidents, allowing security personnel to identify users failing to abide by access control system rules the footage to decide on the level of response required. The breach could have been the result of a member of staff being in a hurry and failing to show their card before passing through, in which case they can be reminded about the security protocol. Or, it could be an unidentified person who needs to be escorted from the premises. Entrance control and access control working together For optimum security, access control and entrance control should work together, with the entrance control system enhancing the use of the access control system, making it more efficient and better value for money. The two can’t effectively operate without each other. Security turnstiles, for example, require something to tell them that someone is about to enter – the access control system does this – and, the access control system needs a method of stopping people when they don’t badge in correctly. The two systems are complementary.

The emergence of smart cities provides real-world evidence of the vast capabilities of the Internet of Things (IoT). Urban areas today can deploy a variety of IoT sensors to collect data that is then analyzed to provide insights to drive better decision-making and ultimately to make modern cities more livable. Safety and security are an important aspect of smart cities, and the capabilities that drive smarter cities also enable technologies that make them safer. We asked this week’s Expert Panel Roundtable: What are the physical security challenges of smart cities?

Retrofit projects provide new levels of physical security modernisation to existing facilities. However, retrofits come with their own set of challenges that can frustrate system designers and defy the efforts of equipment manufacturers. We asked this week’s Expert Panel Roundtable: What are the biggest challenges of retrofit projects, and how can they be overcome?

Businesses, large and small, create data which needs protecting, whether in an onsite server room or co-located at a data center. When a business imagines a corporate data breach, they’re probably picturing black-hat hackers pursued by cybercrime investigators. The reality is often more mundane. Only around a half of breaches involve hacking, according to one recent report. Gaps in the physical security, the business’ data and servers are equally important targets. Perhaps the company director leaves their laptop on the train. Or an unauthorized visitor spots open server racks and quickly downloads records onto his smartphone. Or maybe the server room access control is left entirely to lock-and-key technology which cannot be easily tracked. Physical server security Securing sensitive data needs the involvement of every member in an organization, from top to bottom. But physically protecting servers and data stores is the heart of the security and IT manager’s role. How much could a data breach cost someone? In the absence of appropriate physical server security, the mundane can be dangerous — and expensive. Recent research for IBM by the Ponemon Institute estimates the average total cost of a data breach at $3.86 million (€3.57 million). According to the same benchmark report, this average is rising, by 6.4% in the last year alone. Some of the highest breach costs are borne by companies in Europe, including Germany, France, Italy and the UK. Unauthorized access As Big Data gets bigger, so does the regulatory landscape for data handling Such costs can be direct: in business disruption, lost mailing lists or disabled logistics software. They can be indirect: an erosion of customer trust and damaged “brand equity”. Hard-earned goodwill and positive reputations are quickly reversed. Costs also come from fines levied by government and supranational regulators. As Big Data gets bigger, so does the regulatory landscape for data handling. The most relevant framework for those operating in the EMEA region is the European Union’s General Data Protection Regulation (GDPR). This wide-ranging data privacy rulebook has been enforced since May 2018. GDPR requires businesses to protect storage of all personal information, including customer and employee data. The business’ safeguards must include both electronic and physical barriers to unauthorized access. Server protection is critical. Physical security for the servers Does a company know who last accessed their servers, and when? If the answer to either question is “no”, the company is taking unnecessary risks with data security. Yet ensuring they stay on the regulators’ right side, and avoid a costly breach, could be straightforward: better access control. To ensure maximum security of their servers, in its recent white paper ASSA ABLOY recommends three levels of security working together within an integrated access system. Security management systems Level 1 — perimeter security ensures only authorized personnel enter a data storage building. Here, door and gate electronic locks with credential readers can work alongside the likes of CCTV and monitored fencing. It’s a company’s first line of physical breach defense. Level 2 — server room access can be monitored and controlled with a range of access control door devices with inbuilt credential readers, including Aperio battery-powered escutcheons or complete security locks. Either device integrates seamlessly with access and security management systems from over 100 different manufacturers. At room level, physical security must also include water- and dustproofing, electromagnetic security and protection against other physical threats to servers and data. Level 3 — final level of physical data security is a company’s server rack or cabinet. Server rooms have a steady flow of authorized traffic: cleaners, maintenance staff, repair technicians and others. Employee screening cannot be perfect — and accidents happen. Rack or cabinet locking with RFID readers is the last line of defense against a malicious or accidental physical data breach. Real-time access control ASSA ABLOY’s Aperio KS100 adds real-time access control and monitoring to server racks and cabinets ASSA ABLOY’s Aperio KS100 Server Cabinet Lock adds real-time access control and monitoring to server racks and cabinets. The lock works with an existing or new access control system; compatible credentials employ all standard RFID protocols including iCLASS, MIFARE and DESFire. Under the EU’s GDPR, the business must inform anyone affected by a breach “without undue delay”. With the Aperio KS100, the business would know right away if unauthorized access had even been attempted. Once installed, KS100 locks integrate with the access control system and communicate wirelessly via an Aperio Communications Hub, even if the company’s racks are co-located in a distant data centre. Once online integration with the security admin system is complete, lock access decisions are communicated from and recorded by the company’s software wirelessly. Data protection regulations “When Aperio replaces mechanical locking at all three levels of server access control, lost keys no longer compromise data security. Lost credentials are simply deauthorized and a valid replacement reissued. The current status of any lock, at any level, is revealed with the click of a mouse. Generating detailed audit trails is straightforward, making the KS100 and other Aperio wireless locks invaluable for incident investigation”, explains Johan Olsén, Aperio Product Manager at ASSA ABLOY Opening Solutions EMEA. The right electronic locking keeps the customer reputation intact, the business data off the Dark Web, and on the right side of the multiple data protection regulations, including GDPR.