LEGIC Access Control Readers

The emergence of smartphones using iOS and Android is rapidly changing the landscape of the IT industry around the world. Several industries, such as digital cameras, car navigation, MP3, and PNP, have been replaced by equivalent or even better performance using smartphones. Smartphones provide increasing portability by integrating the functions of various devices into a single unit which allows them to connect to platforms with network-based services and offer new services and conveniences that have never been experienced before. These changes have expanded into the access control market. Although not yet widespread, ‘Mobile access cards’ is one of the terminologies that everyone has been talking about. RF cards used for access security are being integrated into smartphones just as digital cameras and MP3s were in the past. While people might forget their access cards at home in the morning, they seldom forget their smartphones. Using smartphones for access control increases entry access reliability and convenience. Mobile/smartphone access control A key aspect of mobile credential is that it makes it possible to issue or reclaim cards without face-to-face interaction As in other markets, the combination of smartphones and access cards is creating a new value that goes beyond the simple convenience of integration enhancing the ability to prevent unauthorized authentication and entrance. People sometimes lend their access cards to others, but it is far less likely they might lend their smartphone with all their financial information and personal information – to another person. This overcomes an important fundamental weakness of RF cards. Another valuable aspect of mobile credential is that it makes it possible to issue or reclaim cards without face-to-face interaction. Under existing access security systems, cards must be issued in person. Since card issuance implies access rights, the recipient’s identification must be confirmed first before enabling the card and once the card has been issued, it cannot be retracted without another separate face-to-face interaction. Mobile access cards In contrast, mobile access cards are designed to transfer authority safely to the user's smartphone based on TLS. In this way, credentials can be safely managed with authenticated users without face-to-face interaction. Mobile cards can be used not only at the sites with a large number of visitors or when managing access for an unspecified number of visitors, but also at the places like shared offices, kitchens and gyms, currently used as smart access control systems in shared economy markets. The market share of mobile access cards today is low even though the capability can offer real benefits to users and markets. While the access control market itself is slow-moving, there are also practical problems that limit the adoption of new technologies like mobile access cards. Use of Bluetooth Low Energy technology While NFC could be an important technology for mobile credential that is available today on virtually all smartphones, differences in implementation and data handling processes from various vendors prevents universal deployment of a single solution to all devices currently on the market. Accordingly, Bluetooth Low Energy (BLE) has been considered as an alternative to NFC. Bluetooth is a technology that has been applied to smartphones for a long time, and its usage and interface are unified, so there are no compatibility problems. However, speed becomes the main problem. The authentication speed of BLE mobile access card products provided by major companies is slower than that of existing cards. Enhancing credential authentication speed Authentication speed is being continuously improved using BLE's GAP layer and GATT layers The second problem is that mobile access cards must be accompanied by a supply of compatible card readers. In order to use mobile access cards, readers need to be updated but this is not a simple task in the access control market. For 13.56 MHz smart cards (which were designed to replace 125 kHz cards), it has taken 20 years since the standard was established but only about half of all 25 kHz cards have been replaced so far. Legacy compatibility and the need for equivalent performance, even with additional benefits, will drive adoption timing for the Access Control market. While BLE technology helps resolve the compatibility problem of mobile access cards, it can identify some breakthroughs that can solve the speed problem. Authentication speed is being continuously improved using BLE's GAP layer and GATT layers, and new products with these improvements are now released in the market. Making use of key improvements allows Suprema's mobile access card to exhibit an authentication speed of less than 0.5 seconds providing equivalent performance to that of card-based authentication. AirFob Patch MOCA System's AirFob Patch addresses the need for technological improvements in the access control market in a direct, cost effective, and reliable way – by offering the ability to add high-performance BLE to existing card readers – enabling them to read BLE smartphone data by applying a small adhesive patch approximately the size of a coin. This innovative breakthrough applies energy harvesting technology, generating energy from the RF field emitted by the existing RF reader – then converting the data received via BLE back into RF – and delivering it to the reader. By adding the ability to use BLE on virtually any existing RF card reading device, MOCA allows greater ability for partners and end users to deploy a technologically-stable, high performance access control mobile credential solution to their employees, using devices they already own and are familiar with. Adding MOCA AirFob Patch eliminates the need to buy and install updated readers simply to take advantage of mobile credential, lowering costs and risks, and increasing employee confidence and convenience. Growth forecast of mobile access card market in 2020 In 2020, forecasts show that the mobile access card market will grow far more rapidly Several companies have entered the mobile access card market, but they have not set up a meaningful product solution stream until 2019. In 2020, forecasts show that the mobile access card market will grow far more rapidly. Reviewing new entries into the market allows identification of the latest products that provide improving solutions to compatibility and speed problems. MOCA AirFob Patch addresses development plans in process today that overcome the legacy installed base of card readers – allowing rapid creation of an environment that can make immediate use of BLE mobile access cards. Integrated mobile digital ID With proven usability and within suitable environments, mobile access cards will also begin to make inroads into other markets, not just the access control market. In the sharing economy market, which seeks access management without face-to-face interaction, the integrated mobile digital ID led by the 'DID Alliance' will serve as a technical tool that can be used in access authentication – forging increasing links between the access control and digital ID markets.

Entrance control and access control - of the physical kind - are common terms in the security industry which are often used interchangeably, but should they be? Having worked both sides of the fence, with previous roles at TDSi and HID and now the Major Accounts and Marketing Manager at Integrated Design Limited, Tony Smith highlights the subtle but important differences between these two terms and the systems they refer to, outlining how they should work together to achieve optimal security. Access control is a system which provides discriminating authentication Access control provides a discriminating authentication process and comprises the software or hardware that defines the criteria for acceptance or denial Used to describe a system which performs identification of users and authentication of their credentials (deciding whether or not the bearer of those credentials is permitted admission) access control is an incredibly broad term. Access control provides a discriminating authentication process and comprises the software or hardware that defines the criteria for acceptance or denial of an individual to a restricted area. Entrance control – such as security turnstiles - takes the output of that validation and has the capability to see whether that criteria is being adhered to, either granting or denying access as appropriate. Entrance control is the hardware responsible for keeping people honest If access control verifies authorized personnel using their credentials – their face, fingerprints, PIN number, fob, key card etc – and decides whether or not they are permitted access, entrance control is the hardware which enforces that decision by making users present their credentials in the correct way, either opening to allow pedestrian access or remaining closed to bar entry and potentially raising an alarm. For example, a card reader acts as an access control device, recognizing the card holder as having the correct permissions and saying ‘yes, this person can pass’. But, it’s the entrance control system – a turnstile, for example – which actually physically allows or denies access. Physical access and video surveillance Some entrance control systems don’t feature a physical barrier, however. Fastlane Optical turnstiles will not physically stop an unauthorized person from passing through, and instead alarm when someone fails to present valid credentials, alerting security staff that a breach has occurred. These kinds of turnstiles are suited to environments which just need to delineate between the public and secure side of an entrance, with less need to physically prevent unauthorized users from entering. State of the art access control integrations have been installed for award-winning complex, The Bower It’s also possible to capture video footage of any incidents, allowing security personnel to identify users failing to abide by the access control system’s rules, using It’s also possible to capture video footage of incidents, allowing security personnel to identify users failing to abide by access control system rules the footage to decide on the level of response required. The breach could have been the result of a member of staff being in a hurry and failing to show their card before passing through, in which case they can be reminded about the security protocol. Or, it could be an unidentified person who needs to be escorted from the premises. Entrance control and access control working together For optimum security, access control and entrance control should work together, with the entrance control system enhancing the use of the access control system, making it more efficient and better value for money. The two can’t effectively operate without each other. Security turnstiles, for example, require something to tell them that someone is about to enter – the access control system does this – and, the access control system needs a method of stopping people when they don’t badge in correctly. The two systems are complementary.

The jury is in: traditional security is out — and it’s being replaced with service-based solutions. The bottom line is: if you’re not embracing it, you’ll soon be left behind. XaaS — the collective term referring to the delivery of anything as a service — includes all services made possible through the use of the cloud. Security-as-a-Service (SaaS), which encompasses any type of system from access control to video surveillance, has paved the way for users to gain significant functionality and scalability not previously experienced with more traditional methods. Complicated IT functions SaaS allows manufacturers to provide numerous benefits to their customers As such, there is a marked transition for manufacturers from simply designing and building products to providing a service rooted in a partner- and customer-centric focus. This change hasn’t come easily. Some are still holding out and waiting for the “fad” to pass. However, the potential advantages for all parties involved far outweigh the perceived negative points. First and foremost, SaaS allows manufacturers to provide numerous benefits to their customers. An “as-a-service” model shifts the burden of data maintenance and infrastructure spending to an integrator/dealer partner or service provider. This relieves the end user of the expertise necessary to implement complicated IT functions to keep networked and on-premise solutions up-to-date. Traditional security systems Additionally, end users demand solid customer service. For some end users, traditional security systems are so similar in features and functionality that the key differentiator is the ability of the integrator or manufacturer to provide exceptional customer service and training. This is made possible through the service-based model, where customers appreciate a strong relationship with their integrator or manufacturer that provides them with additional knowledge and assistance when necessary. The cloud has proven to be  highly functional, flexible, and convenient for organizations Everyone also wants convenience. In the consumer market, we invest in things like meals that are pre-measured, prepped, and ready to be cooked, or companies that auto-ship dog food to our door each month. This ease-of-use translates over to the B2B market, where time is money and systems that save valuable resources are highly regarded. The Role of the Cloud The cloud has proven to be a highly functional, flexible, and convenient method for organizations to leverage as part of their strategies to protect and modernize their facilities. And the service-based nature lends itself well; forward-thinking integrators and dealers can diversify their product arsenal while still capitalizing on a recurring monthly revenue model (RMR). But then why has there been so much resistance to this change? Over the last 10 to 15 years, the cloud has gotten a bad rap for a myriad of reasons, including usability, management, and unreliability. However, that view of the cloud is changing for the positive as the technology becomes more advanced and innovators learn more about what it means to design a product or service with security at its core. "As-a-service” platform For example, one of the biggest misconceptions that plagues the cloud is the idea that it is not secure. However, the security of public cloud service providers is integral to their success because their business depends on it. Developing an ongoing and trustworthy relationship with customers can only be made possible through the assurance that their services are safe and the customer’s data is protected. As such, they’ve embraced the service-based model that is, at its core, the future of the business world as we know it. There isn’t a person, manufacturer, or integrator partner out there today who isn’t somehow touched or influenced by an “as-a-service” platform. And it’s about time the service-based model that leverages the public cloud reaches the masses.

From buildings to vehicle fleets and enterprise networks to perimeter gates, having access control to let the right people in—while keeping everyone else out—is a security necessity. ELATEC, a global specialist in radio frequency identification (RFID) readers enabling user authentication for these and other access control applications, will introduce its latest new product the TWN4 Palon Compact Panel Reader at the ISC West Conference and Exhibition, to be held March 17-20, 2020 in Las Vegas, Nevada. Physical access control applications The Palon is a powerful, multi-function reader optimized for physical access control applications. Unlike traditional RFID readers, Palon’s unique capabilities include: Flexible architecture and a robust, open API to support custom applications and unique functionality Supports encryption for security applications Quick and easy updating to support emerging market requirements, and done so either remotely or via a contactless configuration card Reads and writes all major transponder technologies globally—60+, including HID Global, LEGIC and NXP, and NFC and BLE mobile device technologies for use with smartphones. Highly customizable panel mount Palon’s compact OEM PCB module is designed for integration into third-party products and devices. And its attractive, highly customizable panel mount is ideal for use in PAC panels, elevators, parking systems, EV chargers, kiosks and more. To see Palon and ELATEC’s suite of offerings, visit ELATEC booth #23006. Visitors can also see Palon in the new product showcase at ISC West.

Correct configuration of readers in the field forms the basis of secure ID solutions. In the latest version of LEGIC Orbit, the option to restrict configuration data to specific reader ICs is a very powerful new feature. Versatile Configuration Packages LEGIC Orbit offers the possibility to transmit cryptographic keys and other configuration data from the management system securely to readers in the field. This works via so-called Versatile Configuration Packages (VCP), which are generated in a Hardware Security Module (HSM) and distributed to readers in the field via user’s smartphones or management system. With this new feature, you can now restrict the validity of each VCP to specific reader devices based on their chipID which uniquely identifies every LEGIC reader IC. This feature provides additional protection against abuse of configuration data and can help prevent configuration errors. Transmitting cryptographic keys For example, a cryptographic key for a specific building is generated in the secure LEGIC Orbit environment. Subsequent distribution of this key via VCP can now be restricted to readers installed only in that building. This feature makes it impossible to wrongly configure readers not belonging to that building.

With the OS50 firmware upgrade, several new features have been implemented to make the SM-6300 faster and even more powerful. New filter options in the search for Bluetooth devices enable the selection of specific devices, energy consumption is significantly reduced. Additionally, the generation of authorization media for the LEGIC Master-Token-System-Control (MTSC) solution and the creation of LEGIC prime and advant segments on LEGIC smartcards are possible with the new SM-6300init. LEGIC Master-Token-System-Control solution The SEARCH command for LEGIC reader ICs offers an easy and efficient way to communicate with different devices. When using the Bluetooth Low Energy transparent mode of the SM-6300, there is a growing demand for a filtering capability to precisely select a device, as more and more Bluetooth devices are around. With the new OS50, there are now more filter options available, allowing the reader to specifically find Bluetooth Low Energy devices that advertise certain data. In previous firmware versions the SEARCH command executed sequentially for every technology which cost valuable time in the search for the various ID media and slowed down the opening process noticeably. With the new upgrade, the search for Bluetooth Low Energy devices can be started and continued in the background while simultaneously searching for RFID media. SM-6300 reader ICs One of the strengths of the SM-6300 reader ICs is their design for use in battery-powered readers One of the strengths of the SM-6300 reader ICs is their design for use in battery-powered readers or other infrastructure components. Energy consumption is therefore essential and determines whether a solution is successful or not. If a reader design consumes less energy, the battery lasts longer, and maintenance costs are reduced. LEGIC has already introduced optimizations for energy consumption with enhancements to the sleep mode in September 2019. Since then, a reader can be woken up not just by inductive Wake Up, but also capacitive, with a timer or via GPIO. With the latest OS50 firmware upgrade, the SM-6300 is now also considerably more power-efficient when the IC is active. The improvements not only lead to a further reduction in energy consumption, but also significantly reduce the peaks in current consumption, which opens up new design possibilities. Generate authorization media To allow MTSC users to generate authorization media themselves, LEGIC reader ICs offer corresponding commands to create an authorization medium from a Master-Token blank. Until now, the generation of authorization media as well as the initialization of advant and prime applications on LEGIC smartcards could only be done with the SM-4500. With the new SM-6300init, these commands are now also supported by the 6000 series. This means that all applications can now be covered with just one design based on the SM-6300init.