LEGIC Access Control Readers

Entrance control and access control - of the physical kind - are common terms in the security industry which are often used interchangeably, but should they be? Having worked both sides of the fence, with previous roles at TDSi and HID and now the Major Accounts and Marketing Manager at Integrated Design Limited, Tony Smith highlights the subtle but important differences between these two terms and the systems they refer to, outlining how they should work together to achieve optimal security. Access control is a system which provides discriminating authentication Access control provides a discriminating authentication process and comprises the software or hardware that defines the criteria for acceptance or denial Used to describe a system which performs identification of users and authentication of their credentials (deciding whether or not the bearer of those credentials is permitted admission) access control is an incredibly broad term. Access control provides a discriminating authentication process and comprises the software or hardware that defines the criteria for acceptance or denial of an individual to a restricted area. Entrance control – such as security turnstiles - takes the output of that validation and has the capability to see whether that criteria is being adhered to, either granting or denying access as appropriate. Entrance control is the hardware responsible for keeping people honest If access control verifies authorized personnel using their credentials – their face, fingerprints, PIN number, fob, key card etc – and decides whether or not they are permitted access, entrance control is the hardware which enforces that decision by making users present their credentials in the correct way, either opening to allow pedestrian access or remaining closed to bar entry and potentially raising an alarm. For example, a card reader acts as an access control device, recognizing the card holder as having the correct permissions and saying ‘yes, this person can pass’. But, it’s the entrance control system – a turnstile, for example – which actually physically allows or denies access. Physical access and video surveillance Some entrance control systems don’t feature a physical barrier, however. Fastlane Optical turnstiles will not physically stop an unauthorized person from passing through, and instead alarm when someone fails to present valid credentials, alerting security staff that a breach has occurred. These kinds of turnstiles are suited to environments which just need to delineate between the public and secure side of an entrance, with less need to physically prevent unauthorized users from entering. State of the art access control integrations have been installed for award-winning complex, The Bower It’s also possible to capture video footage of any incidents, allowing security personnel to identify users failing to abide by the access control system’s rules, using It’s also possible to capture video footage of incidents, allowing security personnel to identify users failing to abide by access control system rules the footage to decide on the level of response required. The breach could have been the result of a member of staff being in a hurry and failing to show their card before passing through, in which case they can be reminded about the security protocol. Or, it could be an unidentified person who needs to be escorted from the premises. Entrance control and access control working together For optimum security, access control and entrance control should work together, with the entrance control system enhancing the use of the access control system, making it more efficient and better value for money. The two can’t effectively operate without each other. Security turnstiles, for example, require something to tell them that someone is about to enter – the access control system does this – and, the access control system needs a method of stopping people when they don’t badge in correctly. The two systems are complementary.

The jury is in: traditional security is out — and it’s being replaced with service-based solutions. The bottom line is: if you’re not embracing it, you’ll soon be left behind. XaaS — the collective term referring to the delivery of anything as a service — includes all services made possible through the use of the cloud. Security-as-a-Service (SaaS), which encompasses any type of system from access control to video surveillance, has paved the way for users to gain significant functionality and scalability not previously experienced with more traditional methods. Complicated IT functions SaaS allows manufacturers to provide numerous benefits to their customers As such, there is a marked transition for manufacturers from simply designing and building products to providing a service rooted in a partner- and customer-centric focus. This change hasn’t come easily. Some are still holding out and waiting for the “fad” to pass. However, the potential advantages for all parties involved far outweigh the perceived negative points. First and foremost, SaaS allows manufacturers to provide numerous benefits to their customers. An “as-a-service” model shifts the burden of data maintenance and infrastructure spending to an integrator/dealer partner or service provider. This relieves the end user of the expertise necessary to implement complicated IT functions to keep networked and on-premise solutions up-to-date. Traditional security systems Additionally, end users demand solid customer service. For some end users, traditional security systems are so similar in features and functionality that the key differentiator is the ability of the integrator or manufacturer to provide exceptional customer service and training. This is made possible through the service-based model, where customers appreciate a strong relationship with their integrator or manufacturer that provides them with additional knowledge and assistance when necessary. The cloud has proven to be  highly functional, flexible, and convenient for organizations Everyone also wants convenience. In the consumer market, we invest in things like meals that are pre-measured, prepped, and ready to be cooked, or companies that auto-ship dog food to our door each month. This ease-of-use translates over to the B2B market, where time is money and systems that save valuable resources are highly regarded. The Role of the Cloud The cloud has proven to be a highly functional, flexible, and convenient method for organizations to leverage as part of their strategies to protect and modernize their facilities. And the service-based nature lends itself well; forward-thinking integrators and dealers can diversify their product arsenal while still capitalizing on a recurring monthly revenue model (RMR). But then why has there been so much resistance to this change? Over the last 10 to 15 years, the cloud has gotten a bad rap for a myriad of reasons, including usability, management, and unreliability. However, that view of the cloud is changing for the positive as the technology becomes more advanced and innovators learn more about what it means to design a product or service with security at its core. "As-a-service” platform For example, one of the biggest misconceptions that plagues the cloud is the idea that it is not secure. However, the security of public cloud service providers is integral to their success because their business depends on it. Developing an ongoing and trustworthy relationship with customers can only be made possible through the assurance that their services are safe and the customer’s data is protected. As such, they’ve embraced the service-based model that is, at its core, the future of the business world as we know it. There isn’t a person, manufacturer, or integrator partner out there today who isn’t somehow touched or influenced by an “as-a-service” platform. And it’s about time the service-based model that leverages the public cloud reaches the masses.

The statistics are staggering. The death tolls are rising. And those who now fear environments that were once thought to be safe zones like school campuses, factories, commercial businesses and government facilities, find themselves having to add the routine of active-shooter drills into their traditional fire drill protocols. The latest active shooter statistics released by the FBI earlier this year in their annual active-shooter report designated 27 events as active shooter incidents in 2018. The report reveals that 16 of the 27 incidents occurred in areas of commerce, seven incidents occurred in business environments, and five incidents occurred in education environments. Deadly active-shooter events Six of the 12 deadliest shootings in the country have taken place in the past five years Six of the 12 deadliest shootings in the country have taken place in the past five years, including Sutherland Springs church, Marjory Stoneman Douglas High School, the San Bernardino regional center, the Walmart in El Paso and the Tree of Life Synagogue in Pittsburgh, which have all occurred since 2015. Although these incidents occurred in facilities with designated entry points common to churches, schools and businesses, the two most deadly active-shooter events since 2015 were the Route 91 Harvest music festival shooting in Las Vegas that left 58 dead and the Pulse nightclub killings in Orlando where 49 perished. As Christopher Combs, special agent in charge of the FBI field office in San Antonio, Texas, said during a news conference following the August 31 mass shooting in Odessa, Texas that claimed seven lives: “We are now at almost every two weeks seeing an active shooter in this country." Active shooter incidents Between December 2000 and December 2018, the FBI’s distribution of active shooter incidents by location looks like this: Businesses Open to Pedestrian Traffic (74) Businesses Closed to Pedestrian Traffic (43) K-12 Schools (39) Institutions of Higher Learning (16) Non-Military Government Properties (28) Military Properties—Restricted (5) Healthcare Facilities (11) Houses of Worship (10) Private Properties (12) Malls (6) What the majority of these venues have in common is they all have a front entrance or chokepoint for anyone entering the facilities, which is why any active-shooter plan must include a strategy to secure that entry point. Situational awareness in perimeter and door security Preventing people with the wrong intentions from entering the space is the goal" According to Paul Franco, an A&E with more than 28 years of experience as a consultant and systems integrator focusing on schools, healthcare and large public and private facilities, that while active shooter incidents continue to rise, the residual effect has been an increase in situational awareness in perimeter and door security. “Certainly, protecting people and assets is the number one goal of all our clients. There are multiple considerations in facilities like K-12 and Healthcare. Preventing people with the wrong intentions from entering the space is the goal. But a critical consideration to emphasize to your client is getting that person out of your facility and not creating a more dangerous situation by locking the person in your facility,” says Franco. High-security turnstiles “Schools today are creating a space for vetting visitors prior to allowing access into the main facility. Using technology properly like high-security turnstiles offer great benefits in existing schools where space constraints and renovation costs can be impractical.” What steps should they be taken when recommending the proper door security to ensure the building is safe As a consultant/integrator, when discussions are had with a client that has a facility in a public space like a corporate building, government center or industrial facility, what steps should they be taken when recommending the proper door security to ensure the building is safe and can protect its people and assets? For Frank Pisciotta, President and CEO of Business Protection Specialists, Inc. in Raleigh, North Carolina, a fundamental element of his security strategy is making appropriate recommendations that are broad-based and proactive. Properly identifying the adversaries “As a consultant, my recommendations must include properly identifying the adversaries who may show up at a client’s door, the likelihood of that event occurring, the consequences of that event occurring, determining if there are tripwires that can be set so an organization can move their line of defense away from the door, educating employees to report potential threats and creating real-time actionable plans to respond to threats. A more reactionary posture might include such thing as target hardening such as ballistic resistant materials at entry access points to a facility,” Pisciotta says. Veteran consultant David Aggleton of Aggleton & Associates of Mission Viejo, California recommends that clients compartmentalize their higher security areas for limited access by adding multiple credential controls (card + keypad + biometric), along with ‘positive’ access systems that inhibit tailgating/piggybacking such as secure turnstiles, revolving door and mantrap if your entrances and security needs meet the required space and access throughput rates. Integrated solution of electronic access control Defining a single point of entry in some public facilities is becoming the new standard of care according to many A&Es and security consultants, especially in a school environment. This approach allows a concerted effort when it comes to staffing, visitor monitoring and an integrated technology solution. The bottom line remains: most buildings are vulnerable to a security breach A proactive stance to securing a door entryway will use an integrated solution of electronic access control, turnstiles, revolving doors and mantraps that can substantially improve a facility’s security profile. The bottom line remains: most buildings are vulnerable to a security breach, so it’s not a matter of if there will be a next active shooter tragedy, it’s only a matter of where. Enhancing access control assurance “There is no easy answer to this question,” says Pisciotta referring to how a secured entrance can deter an active shooter. “There have been at least two high-profile incidents of adversaries shooting their way into a facility through access control barriers. So, if the threat so dictates, a ballistic resistant might be required.” He concludes: “There is obviously no question that turnstiles, revolving doors and man traps enhance access control assurance. Electronic access control is easy to integrate with these devices and providing that credentials are secure, approval processes are in place, change management is properly managed and the appropriate auditing measures in place, access control objectives can be met.”

From buildings to vehicle fleets and enterprise networks to perimeter gates, having access control to let the right people in—while keeping everyone else out—is a security necessity. ELATEC, a global specialist in radio frequency identification (RFID) readers enabling user authentication for these and other access control applications, will introduce its latest new product the TWN4 Palon Compact Panel Reader at the ISC West Conference and Exhibition, to be held March 17-20, 2020 in Las Vegas, Nevada. Physical access control applications The Palon is a powerful, multi-function reader optimized for physical access control applications. Unlike traditional RFID readers, Palon’s unique capabilities include: Flexible architecture and a robust, open API to support custom applications and unique functionality Supports encryption for security applications Quick and easy updating to support emerging market requirements, and done so either remotely or via a contactless configuration card Reads and writes all major transponder technologies globally—60+, including HID Global, LEGIC and NXP, and NFC and BLE mobile device technologies for use with smartphones. Highly customizable panel mount Palon’s compact OEM PCB module is designed for integration into third-party products and devices. And its attractive, highly customizable panel mount is ideal for use in PAC panels, elevators, parking systems, EV chargers, kiosks and more. To see Palon and ELATEC’s suite of offerings, visit ELATEC booth #23006. Visitors can also see Palon in the new product showcase at ISC West.

Correct configuration of readers in the field forms the basis of secure ID solutions. In the latest version of LEGIC Orbit, the option to restrict configuration data to specific reader ICs is a very powerful new feature. Versatile Configuration Packages LEGIC Orbit offers the possibility to transmit cryptographic keys and other configuration data from the management system securely to readers in the field. This works via so-called Versatile Configuration Packages (VCP), which are generated in a Hardware Security Module (HSM) and distributed to readers in the field via user’s smartphones or management system. With this new feature, you can now restrict the validity of each VCP to specific reader devices based on their chipID which uniquely identifies every LEGIC reader IC. This feature provides additional protection against abuse of configuration data and can help prevent configuration errors. Transmitting cryptographic keys For example, a cryptographic key for a specific building is generated in the secure LEGIC Orbit environment. Subsequent distribution of this key via VCP can now be restricted to readers installed only in that building. This feature makes it impossible to wrongly configure readers not belonging to that building.

With the OS50 firmware upgrade, several new features have been implemented to make the SM-6300 faster and even more powerful. New filter options in the search for Bluetooth devices enable the selection of specific devices, energy consumption is significantly reduced. Additionally, the generation of authorization media for the LEGIC Master-Token-System-Control (MTSC) solution and the creation of LEGIC prime and advant segments on LEGIC smartcards are possible with the new SM-6300init. LEGIC Master-Token-System-Control solution The SEARCH command for LEGIC reader ICs offers an easy and efficient way to communicate with different devices. When using the Bluetooth Low Energy transparent mode of the SM-6300, there is a growing demand for a filtering capability to precisely select a device, as more and more Bluetooth devices are around. With the new OS50, there are now more filter options available, allowing the reader to specifically find Bluetooth Low Energy devices that advertise certain data. In previous firmware versions the SEARCH command executed sequentially for every technology which cost valuable time in the search for the various ID media and slowed down the opening process noticeably. With the new upgrade, the search for Bluetooth Low Energy devices can be started and continued in the background while simultaneously searching for RFID media. SM-6300 reader ICs One of the strengths of the SM-6300 reader ICs is their design for use in battery-powered readers One of the strengths of the SM-6300 reader ICs is their design for use in battery-powered readers or other infrastructure components. Energy consumption is therefore essential and determines whether a solution is successful or not. If a reader design consumes less energy, the battery lasts longer, and maintenance costs are reduced. LEGIC has already introduced optimizations for energy consumption with enhancements to the sleep mode in September 2019. Since then, a reader can be woken up not just by inductive Wake Up, but also capacitive, with a timer or via GPIO. With the latest OS50 firmware upgrade, the SM-6300 is now also considerably more power-efficient when the IC is active. The improvements not only lead to a further reduction in energy consumption, but also significantly reduce the peaks in current consumption, which opens up new design possibilities. Generate authorization media To allow MTSC users to generate authorization media themselves, LEGIC reader ICs offer corresponding commands to create an authorization medium from a Master-Token blank. Until now, the generation of authorization media as well as the initialization of advant and prime applications on LEGIC smartcards could only be done with the SM-4500. With the new SM-6300init, these commands are now also supported by the 6000 series. This means that all applications can now be covered with just one design based on the SM-6300init.