Laurie Aaron

ACRE, a globally renowned provider of security products and solutions for the access control, intrusion, smart traffic and video surveillance markets, has announced that the ACRE brands – RS2, Vanderbilt and Open Options – will launch ACT ID, a new cloud-based mobile credential application that enables organizations to utilize both iOS and Android smartphones with existing WaveLynx multi-technology readers for secure access to doors in office buildings, government facilities, healthcare institutions, schools, residences and a growing variety of enterprises.  ACT ID cloud-based mobile credential solutio ACT ID features zero-touch, cloud-issued credentials for enrollment into a user’s access control system. The application does not require any subscriptions or fees, making it an extremely flexible and affordable solution that allows organizations to transition to mobile access at their own pace.   “ACRE and its brands provide some of the industry’s most sought-after access control systems and solutions for customers across a variety of markets,” said Laurie Aaron, Executive Vice President, WaveLynx Technologies. Risk-free mobile access solution Laurie adds, “Through this integration, we’re able to provide additional functionality and risk-free mobile access solutions for end users to adopt as they update and expand their access control systems.”  “Mobility is an integral part of the goal of forward-thinking enterprise organizations, as more organizations look for way to leverage more touchless access control and seamless visitor management tools,” said Kim Loy, Chief Product Officer, ACRE. Touchless access control solutions Kim adds, “Partnering with WaveLynx across the ACRE organization allows our brands to capitalize on this demand from the market and diversify their ability to provide secure, convenient mobile security options to partners and customers alike.”

Can a smart card be used securely for multiple applications (and among multiple manufacturers )? End users are demanding such interoperability, and they also want openness to switching out components of their access control systems in the future without being “locked in” to one vendor. Those are the goals of the LEAF Identity consortium, a collection of companies that share and support end user-owned encryption keys stored securely in smart cards with MIFARE DESFire EV2 chips and are used to authenticate access control credentials and read the data required to access multiple applications secured by multiple vendor devices. Smart card systems - more secure Almost everyone in the industry now knows that low-frequency (125 kHz) “prox” cards are not secure; in fact, low-cost cloning equipment is readily and inexpensively available. As the industry transitions to encrypted cards, challenges of interoperability persist. Keeping smart card systems more secure are AES 128 encryption keys encoded onto the card chips. Information is exchanged via radio frequency (RF) in a challenge-response interaction when a card is presented to a reader. The most recent LEAF EV2/EV3 cards allow up to 16 devices to be individually accessed using 16 unique keys, respectively that are stored in the smart cards (and among a variety of manufacturers). LEAF Identity Consortium enables interoperability with encrypted Smart Cards LEAF Memory Model specifies a standard EV2 (EV1 backward compatible) smart card data format and application access protocols that ensure each manufacturer’s devices can interface with a card chip in the same way. Specifically, each card has a “common data structure” based on the LEAF Memory Model, which means that the location of information is arranged on a card chip in a predictable and consistent manner. Each end-user application (for door readers, secure printing, vending, etc.) stored in the card is secured with their own cryptographic key. Member companies adhere to that structure in order to be interoperable with a single credential. There are no license fees or intellectual property rights involved. Keysets The approach involves a LEAF Custom Cryptographic Keyset (LEAF Cc Keysets) owned by the end-user. “When we present these concepts to integrators, they realize that, first, they need to get their clients to pay attention to the risks around proximity cards and to migrate to encrypted card technology,” says Laurie Aaron, Executive Vice President, WaveLynx Technologies Corp. “Then we explain the benefits of customer-owned keys and of the LEAF data structure. Then integrators can differentiate themselves by selling the value of the end-user staying in control and having unlimited interoperability.” WaveLynx Access control manufacturer WaveLynx is implementing the LEAF concept, which is the brainchild of CEO Hugo Wendling, who saw the advantages of leveraging the ability of an EV2 chip card to authenticate access to multiple applications by multiple manufacturer’s devices. WaveLynx set up the specification, maintains the website, and is involved when a manufacturer wants to become LEAF Enabled. They provide a key management service (for life) to end-users based on LEAF capabilities. End-users “own” the keys and can submit a request to WaveLynx to have us securely share them with any other manufacturer. Sharing a key involves two key custodians from WaveLynx Technologies and the Vendor who is receiving the customer’s keys, each of whom only has access to half of the encrypted key in order to keep it secure.  Keys are shared via a “key ceremony”. Combining capabilities The LEAF consortium provides a way for manufacturers to work together to provide an ecosystem of devices that are compatible with a single encrypted smart card without the need to embed proprietary reader modules in their devices or license another manufacturer’s technology, thereby making it possible for them to increase their market share. Working together, independent manufacturers can assemble a group of devices to compete more effectively with larger manufacturers. In effect, they combine their capabilities in order to offer the end-user viable options and to compete. LEAF Consortium partners include Allegion, ASSA ABLOY, Brivo, Eline by DIRAK, Linxens, RFIDeas, and Telaeris. Biometric partners include Idemia and IrisID. Biometric devices may either store their biometric on the card or on a central database and access it through the badge number. The LEAF standard continues to evolve. Although the standard does not currently offer mobile credentials, a common mobile credential standard is currently being discussed and designed by the Consortium.  

Maxxess Systems, a globally renowned company in event response management and collaboration systems, is pleased to announce that they have entered into a global strategic partnership with WaveLynx Technologies, leveraging complementary technology innovations and a shared focus on expanding market adoption of mobile access control. Ethos Readers and LEAF credentials Maxxess Systems will serve as a reseller of WaveLynx Ethos Readers and LEAF credentials, and will develop an end-to-end mobile access solution integrating Wavelynx MyPass technology for automatic mobile credential provisioning into Maxxess’ suite of security and safety management solutions. “The current security environment has demonstrated to all company leaders the importance and value of mobile credentials,” said Nancy Islas, President of Maxxess Systems, adding “WaveLynx MyPass Mobile Credentials provides convenient security while complimenting Maxxess mobile suite of safety solutions.” Maxxess eFusion solutions Laurie Aaron, WaveLynx Technologies, Executive Vice President stated, “WaveLynx Technologies drives our products into the market through our loyal, value-added OEM partners and we’re excited to partner with Maxxess Systems. WaveLynx reader devices and our LEAF enablement align with the innovative culture of Maxxess eFusion solutions and the partnership will help WaveLynx expand our international presence in South America, Europe and the Middle East.”