HID Access Control Readers

The emergence of smartphones using iOS and Android is rapidly changing the landscape of the IT industry around the world. Several industries, such as digital cameras, car navigation, MP3, and PNP, have been replaced by equivalent or even better performance using smartphones. Smartphones provide increasing portability by integrating the functions of various devices into a single unit which allows them to connect to platforms with network-based services and offer new services and conveniences that have never been experienced before. These changes have expanded into the access control market. Although not yet widespread, ‘Mobile access cards’ is one of the terminologies that everyone has been talking about. RF cards used for access security are being integrated into smartphones just as digital cameras and MP3s were in the past. While people might forget their access cards at home in the morning, they seldom forget their smartphones. Using smartphones for access control increases entry access reliability and convenience. Mobile/smartphone access control A key aspect of mobile credential is that it makes it possible to issue or reclaim cards without face-to-face interaction As in other markets, the combination of smartphones and access cards is creating a new value that goes beyond the simple convenience of integration enhancing the ability to prevent unauthorized authentication and entrance. People sometimes lend their access cards to others, but it is far less likely they might lend their smartphone with all their financial information and personal information – to another person. This overcomes an important fundamental weakness of RF cards. Another valuable aspect of mobile credential is that it makes it possible to issue or reclaim cards without face-to-face interaction. Under existing access security systems, cards must be issued in person. Since card issuance implies access rights, the recipient’s identification must be confirmed first before enabling the card and once the card has been issued, it cannot be retracted without another separate face-to-face interaction. Mobile access cards In contrast, mobile access cards are designed to transfer authority safely to the user's smartphone based on TLS. In this way, credentials can be safely managed with authenticated users without face-to-face interaction. Mobile cards can be used not only at the sites with a large number of visitors or when managing access for an unspecified number of visitors, but also at the places like shared offices, kitchens and gyms, currently used as smart access control systems in shared economy markets. The market share of mobile access cards today is low even though the capability can offer real benefits to users and markets. While the access control market itself is slow-moving, there are also practical problems that limit the adoption of new technologies like mobile access cards. Use of Bluetooth Low Energy technology While NFC could be an important technology for mobile credential that is available today on virtually all smartphones, differences in implementation and data handling processes from various vendors prevents universal deployment of a single solution to all devices currently on the market. Accordingly, Bluetooth Low Energy (BLE) has been considered as an alternative to NFC. Bluetooth is a technology that has been applied to smartphones for a long time, and its usage and interface are unified, so there are no compatibility problems. However, speed becomes the main problem. The authentication speed of BLE mobile access card products provided by major companies is slower than that of existing cards. Enhancing credential authentication speed Authentication speed is being continuously improved using BLE's GAP layer and GATT layers The second problem is that mobile access cards must be accompanied by a supply of compatible card readers. In order to use mobile access cards, readers need to be updated but this is not a simple task in the access control market. For 13.56 MHz smart cards (which were designed to replace 125 kHz cards), it has taken 20 years since the standard was established but only about half of all 25 kHz cards have been replaced so far. Legacy compatibility and the need for equivalent performance, even with additional benefits, will drive adoption timing for the Access Control market. While BLE technology helps resolve the compatibility problem of mobile access cards, it can identify some breakthroughs that can solve the speed problem. Authentication speed is being continuously improved using BLE's GAP layer and GATT layers, and new products with these improvements are now released in the market. Making use of key improvements allows Suprema's mobile access card to exhibit an authentication speed of less than 0.5 seconds providing equivalent performance to that of card-based authentication. AirFob Patch MOCA System's AirFob Patch addresses the need for technological improvements in the access control market in a direct, cost effective, and reliable way – by offering the ability to add high-performance BLE to existing card readers – enabling them to read BLE smartphone data by applying a small adhesive patch approximately the size of a coin. This innovative breakthrough applies energy harvesting technology, generating energy from the RF field emitted by the existing RF reader – then converting the data received via BLE back into RF – and delivering it to the reader. By adding the ability to use BLE on virtually any existing RF card reading device, MOCA allows greater ability for partners and end users to deploy a technologically-stable, high performance access control mobile credential solution to their employees, using devices they already own and are familiar with. Adding MOCA AirFob Patch eliminates the need to buy and install updated readers simply to take advantage of mobile credential, lowering costs and risks, and increasing employee confidence and convenience. Growth forecast of mobile access card market in 2020 In 2020, forecasts show that the mobile access card market will grow far more rapidly Several companies have entered the mobile access card market, but they have not set up a meaningful product solution stream until 2019. In 2020, forecasts show that the mobile access card market will grow far more rapidly. Reviewing new entries into the market allows identification of the latest products that provide improving solutions to compatibility and speed problems. MOCA AirFob Patch addresses development plans in process today that overcome the legacy installed base of card readers – allowing rapid creation of an environment that can make immediate use of BLE mobile access cards. Integrated mobile digital ID With proven usability and within suitable environments, mobile access cards will also begin to make inroads into other markets, not just the access control market. In the sharing economy market, which seeks access management without face-to-face interaction, the integrated mobile digital ID led by the 'DID Alliance' will serve as a technical tool that can be used in access authentication – forging increasing links between the access control and digital ID markets.

Entrance control and access control - of the physical kind - are common terms in the security industry which are often used interchangeably, but should they be? Having worked both sides of the fence, with previous roles at TDSi and HID and now the Major Accounts and Marketing Manager at Integrated Design Limited, Tony Smith highlights the subtle but important differences between these two terms and the systems they refer to, outlining how they should work together to achieve optimal security. Access control is a system which provides discriminating authentication Access control provides a discriminating authentication process and comprises the software or hardware that defines the criteria for acceptance or denial Used to describe a system which performs identification of users and authentication of their credentials (deciding whether or not the bearer of those credentials is permitted admission) access control is an incredibly broad term. Access control provides a discriminating authentication process and comprises the software or hardware that defines the criteria for acceptance or denial of an individual to a restricted area. Entrance control – such as security turnstiles - takes the output of that validation and has the capability to see whether that criteria is being adhered to, either granting or denying access as appropriate. Entrance control is the hardware responsible for keeping people honest If access control verifies authorized personnel using their credentials – their face, fingerprints, PIN number, fob, key card etc – and decides whether or not they are permitted access, entrance control is the hardware which enforces that decision by making users present their credentials in the correct way, either opening to allow pedestrian access or remaining closed to bar entry and potentially raising an alarm. For example, a card reader acts as an access control device, recognizing the card holder as having the correct permissions and saying ‘yes, this person can pass’. But, it’s the entrance control system – a turnstile, for example – which actually physically allows or denies access. Physical access and video surveillance Some entrance control systems don’t feature a physical barrier, however. Fastlane Optical turnstiles will not physically stop an unauthorized person from passing through, and instead alarm when someone fails to present valid credentials, alerting security staff that a breach has occurred. These kinds of turnstiles are suited to environments which just need to delineate between the public and secure side of an entrance, with less need to physically prevent unauthorized users from entering. State of the art access control integrations have been installed for award-winning complex, The Bower It’s also possible to capture video footage of any incidents, allowing security personnel to identify users failing to abide by the access control system’s rules, using It’s also possible to capture video footage of incidents, allowing security personnel to identify users failing to abide by access control system rules the footage to decide on the level of response required. The breach could have been the result of a member of staff being in a hurry and failing to show their card before passing through, in which case they can be reminded about the security protocol. Or, it could be an unidentified person who needs to be escorted from the premises. Entrance control and access control working together For optimum security, access control and entrance control should work together, with the entrance control system enhancing the use of the access control system, making it more efficient and better value for money. The two can’t effectively operate without each other. Security turnstiles, for example, require something to tell them that someone is about to enter – the access control system does this – and, the access control system needs a method of stopping people when they don’t badge in correctly. The two systems are complementary.

The jury is in: traditional security is out — and it’s being replaced with service-based solutions. The bottom line is: if you’re not embracing it, you’ll soon be left behind. XaaS — the collective term referring to the delivery of anything as a service — includes all services made possible through the use of the cloud. Security-as-a-Service (SaaS), which encompasses any type of system from access control to video surveillance, has paved the way for users to gain significant functionality and scalability not previously experienced with more traditional methods. Complicated IT functions SaaS allows manufacturers to provide numerous benefits to their customers As such, there is a marked transition for manufacturers from simply designing and building products to providing a service rooted in a partner- and customer-centric focus. This change hasn’t come easily. Some are still holding out and waiting for the “fad” to pass. However, the potential advantages for all parties involved far outweigh the perceived negative points. First and foremost, SaaS allows manufacturers to provide numerous benefits to their customers. An “as-a-service” model shifts the burden of data maintenance and infrastructure spending to an integrator/dealer partner or service provider. This relieves the end user of the expertise necessary to implement complicated IT functions to keep networked and on-premise solutions up-to-date. Traditional security systems Additionally, end users demand solid customer service. For some end users, traditional security systems are so similar in features and functionality that the key differentiator is the ability of the integrator or manufacturer to provide exceptional customer service and training. This is made possible through the service-based model, where customers appreciate a strong relationship with their integrator or manufacturer that provides them with additional knowledge and assistance when necessary. The cloud has proven to be  highly functional, flexible, and convenient for organizations Everyone also wants convenience. In the consumer market, we invest in things like meals that are pre-measured, prepped, and ready to be cooked, or companies that auto-ship dog food to our door each month. This ease-of-use translates over to the B2B market, where time is money and systems that save valuable resources are highly regarded. The Role of the Cloud The cloud has proven to be a highly functional, flexible, and convenient method for organizations to leverage as part of their strategies to protect and modernize their facilities. And the service-based nature lends itself well; forward-thinking integrators and dealers can diversify their product arsenal while still capitalizing on a recurring monthly revenue model (RMR). But then why has there been so much resistance to this change? Over the last 10 to 15 years, the cloud has gotten a bad rap for a myriad of reasons, including usability, management, and unreliability. However, that view of the cloud is changing for the positive as the technology becomes more advanced and innovators learn more about what it means to design a product or service with security at its core. "As-a-service” platform For example, one of the biggest misconceptions that plagues the cloud is the idea that it is not secure. However, the security of public cloud service providers is integral to their success because their business depends on it. Developing an ongoing and trustworthy relationship with customers can only be made possible through the assurance that their services are safe and the customer’s data is protected. As such, they’ve embraced the service-based model that is, at its core, the future of the business world as we know it. There isn’t a person, manufacturer, or integrator partner out there today who isn’t somehow touched or influenced by an “as-a-service” platform. And it’s about time the service-based model that leverages the public cloud reaches the masses.

Sooner or later (hopefully sooner), the novel coronavirus global pandemic will allow workplaces to reopen. But as we move into this recovery phase, there are many questions surrounding the transition. How can companies ensure facilities are in acceptable working order to reopen? How do they decide who is coming back and when? How will social distancing impact the operation of a company’s physical access control system? How can companies ensure that both visitors and employees are aware of the policy changes and extra controls? For answers to these and other salient questions, we called on Ian Lowe, Product Marketing Director of HID SAFE Identity and Access Management (IAM) solutions. “There’s no doubt about it: the global pandemic will change the way we live, work, and conduct business for some time,” says Lowe. “Over the past several weeks, we have been working with customers to enable a safe return to the workplace. We have observed that the number of challenges in the mid-to-long-term level and the associated complexity vary by location.” Lowe shares some of the proactive measures and best practices that can assist in a safe return to the workplace as we settle into a “new normal”. Challenge 1: Ensuring building readiness After being unoccupied for weeks or months, building readiness must be addressed completely before welcoming anyone inside. Even though employees may be eager to return, the workplace itself may not be ready. Companies may want to consider continuing remote work while facility operations are prepped. Challenge 2: workforce management There’s no doubt about it: the global pandemic will change the way we live, work, and conduct business for some time While it is dependent on location and industry, taking a phased approach is the best course of action when allowing employees, contractors and visitors back into facilities. First, facilities management will want to survey the property for readiness and then provide an estimate as to when employees may begin reporting back into the office. Next, it’s important to consider that office density needs are interrelated to the facility architecture. It is possible to accommodate a higher capacity of workforce in an airy, open office space than in a constrained one. A good rule of thumb is to start by introducing no more than 30% of employees back into the workplace at first. This could be a rolling group model in which the population total remains controlled and constant, but specific individuals vary from day to day. This option is good for a workforce that needs to be together in person but not necessarily all at the same time due to office density concerns. Welcoming visitors or customers into the office should be delayed as long as possible. If that’s not feasible, visitor numbers should be factored into the total density count. A cloud-based visitor management system can help with implementation. Challenge 3: Controlling access The ability to vet staff, employees, contractors and visitors before and during the return will vary greatly depending on the location. Policies should be implemented that require employees to be screened regularly — and for an extended amount of time. Look to answer the following questions: Where have you visited in the days since last entering the workplace? Have you come into contact with anyone else who has recently visited high-risk areas? Have you shown any symptoms of infection in the past xx number of days? Policies should be implemented that require employees to be screened regularly — and for an extended amount of time If there is cause for concern, refuse the visitor and/or supplement the screening process with additional steps. Temperature checking is mandatory in many organizations⁠— often multiple times a day. This applies to interactions at delivery bays, too. A policy-based physical identity and access management solution integrated with existing physical access controls makes it possible to enforce, monitor and report this type of activity. Challenge 4: Social distancing and contact tracing plan Social distancing may continue within the office, which will impact restrictions and guidelines related to access control. The office layout may be reworked for proper distance between cubicles, workplace positions and employees. Specific entrances, exits and pathways may be designated as one-way-only. Assigning Bluetooth LE beacons to employees once they are inside the workplace will allow companies to monitor proximity to others and measure localised density in real-time⁠ by using location services, contact tracing, and surge response technologies. Challenge 5: Reduced physical touchpoints Contactless technologies can help enforce social distancing and reduce touchpoints on common surfaces Reducing the number of physical touchpoints is desirable throughout a workplace. Contactless technologies can help enforce social distancing and reduce touchpoints on common surfaces such as faucets, doorknobs, coffee pot handles, etc. While introducing additional security checks and screenings, it’s important to not increase touchpoints and further infection risks. There have been more requests for a contactless experience to secure workplace access, including automatic doors and turnstiles, contactless cards and mobile access. Challenge 6: Communicating for confidence Proactive communication is key to provide reassurance that appropriate safety measures have been taken and that both visitors and employees are aware of the policy changes and extra controls. Equally important is to communicate a policy change – and the reasoning behind it – before it happens. While there may not be an exact expiration date on these new policies, ensuring that impacted individuals will have a safer experience is universally appreciated.

Organizations globally are facing an urgent need to rapidly onboard hundreds of key employees, such as medical staff, nursing staff and other staff members, on a daily basis across multiple facilities and sites. HID Global, a worldwide renowned provider of trusted identity and identity management solutions, has introduced an emergency badging solution to help manage the secure issuance and administration of staff badges and access control credentials for employees as they navigate the current global health crisis. HID FARGO Connect solution HID Global’s offering combines its award winning HID FARGO Connect solution for cloud-based ID card printing with its latest innovation for cloud-based identity management solution to equip organizations with a convenient “touch-free” system that minimizes the impact on overwhelmed credential issuance departments and drives a more secure work environment. Administrative and security challenges that have emerged among industry sectors such as healthcare institutions, government agencies and other organizations providing emergency services include: Inefficient access management processes that require manual sign-in and sign-out process. Overwhelmed IT departments that have had to adjust their credential issuance systems. Restricting access to in-demand items such as medical equipment and PPE (Personal Protective Equipment), and safeguarding against theft. Emergency badging solution HID Global’s emergency badging solution includes the tools required to issue secure credentials to temporary employees, such as: HID FARGO desktop card printer for ID and card issuance. FARGO Connect Console for badge issuance and management. A free, six-month subscription to HID FARGO Connect and the company’s cloud-based identity management platform. Consumables, cards, and subscriptions to HID Global’s applications and secure cloud environment for quick and convenient badge operations deployment.

HID Global, a worldwide provider of trusted identity solutions, and Keyfactor, a provider of secure digital identity management solutions, announced a collaboration that will improve how organizations secure data and protect privacy. By adding HID IdenTrust digital certificates to the Keyfactor platform, the offering provides enterprise customers with a single convenient solution to meet today’s zero-trust security models and identity. Digital certificates are used as a foundational security layer within IT and PKI frameworks. Transport Layer Security (TLS)/Secure Sockets Layer (SSL) certificates establish an encrypted connection between a browser or user’s computer and a server or website to ensure data security, privacy and authenticity. Unprotected enrollment servers HID’s IdenTrust business offers the only bank-grade identity authentication system in the world Rising cyber risk has prompted further adoption of digital certificates as businesses work to strengthen their overall security posture and prevent downtime due to system misconfiguration or certificate exploit. “Misconfigured systems, unprotected enrollment servers such as Simple Certificate Enrollment Protocol (SCEP), or other weaknesses can be exploited by hackers or rogue users to obtain fraudulent certificates that enable system access or “imposter” certificates that represent other users with elevated access,” said Chris Hickman, Chief Security Officer at Keyfactor. Identity authentication system “Finding rogue user or device certificates and preventing administrator impersonation can only be achieved by gathering and inspecting every internal and external certificate within the organization’s PKI.” HID’s IdenTrust business offers the only bank-grade identity authentication system in the world, delivering a legally and technologically interoperable environment for authenticating and using identities in more than 175 countries. With a range of application specific identity-based digital certificate solutions and over 5.1 million certificates in active production reliably supporting 18 billion validations per year, IdenTrust is one of the world’s leading digital certification authority. Access Management Solutions The Keyfactor platform provides the visibility and control to efficiently track, renew, replace and manage certificates To manage the HID IdenTrust certificates, Keyfactor offers the most complete and scalable cloud-based platform for the enterprise. The Keyfactor platform provides the visibility and control to efficiently track, renew, replace and manage certificates across the enterprise through one easy to use interface. Certificate management can now be automated to avoid inconvenient and costly down-time due to expired certificates while reducing the associated compliance risks. “Today’s zero-trust environment highlights the need for securing and managing identities of users, machines and devices on a network,” noted Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions (IAMS) with HID Global. Digital identity management "The combination of HID IdenTrust digital certificates and the Keyfactor platform enables our enterprise customers to achieve frictionless management and deployment of digital certificates. Customers can use this combined solution to achieve greater control of their information security assets along with effective risk management.” “This solution delivers end-to-end, secure certificate management that empowers business leaders to manage the operational and security risks that growing digital identity adoption presents,” said Kevin von Keyserling, Chief Strategy Officer & Co-founder at Keyfactor. “HID Global and Keyfactor share a common vision to support customers as they implement and scale digital identity management across the enterprise. This solution brings that vision to life, meeting our customer’s PKI needs today, and as they scale.”