Published on 19 October, 2016
|ScanPass® Mobile Credential is engineered to remove the prevalent issues associated with card-based cyber threats
Cyber threats and hacking are consistently in the news, and recent reports have circulated that indicate that some access control readers can be easily compromised. ScanPass Mobile Credential is purpose built to prevent the three primary methods with which card-based access control is circumvented: skimming, eavesdropping, replay attacks and tampering.
Skimming is a method with which an attacker uses his reader to access information on the victim’s RFID device or token. Eavesdropping occurs when an attacker recovers the data sent during a transaction between a legitimate reader and a token. Replay attacks permit a user to temporarily construct a “clone” of a token, thereby allowing permission to access the system. All three can be used to get network data and let unauthorised parties into the protected premises. Then there’s the widely deployed Wiegand protocol, which fosters further vulnerabilities because of its open and non-standard-based communication method.
ScanPass Mobile Credential technology features
Here’s why their technologically sound and cutting-edge ScanPass Mobile Credential technology inherently removes the dangers of possible cyber threats and takeovers:
- Every transmission from the user’s device to the access expander is fully encrypted.
- Access requests are designed with built-in replay protection.
- Each device credential is unique which means that they cannot be shared or duplicated and offer greater security since they are 64-bit for Android and 128-bit for Apple iOS devices.
- Unauthorised use is prevented by secure log-in requirements and the phone’s security lockout enabled.
- Since no access readers are required at the premises with ScanPass Mobile Credential, there is no equipment accessible for tampering. Especially with outdoor access readers, attackers can deliberately damage systems by attacking the wiring and IP reader wiring can be used to connect to the premise computer networks.
- Connect ONE’s Access Expander provides lockout timing after a certain number of invalid attempts with ever-increasing lockout times as invalid requests continue.
- Device credentials can be deactivated at any time through the cloud-hosted user interface.
- Permissions are individualised customised and granted by door, time, holiday and expiration settings.
Ensuring safety of business
If one wishes to ensure their customer’s business is safe and secure, consider the advantages inherent in ScanPass Mobile Credential. The unique convenience application uses a barcode sticker affixed at the entrance location to identify the door to be opened quickly and easily. Not only does it leverage the smartphone, but users with a tablet, iPad or any connected device with a camera and WiFi or cellular connectivity can use it to access the door. ScanPass Mobile Credential requires no software to install or maintain, eliminating access control cards/fobs and the installation of readers and controllers – a substantial cost savings for the installing dealer and their customers.
ScanPass Mobile Credential and Connect ONE are products of Connected Technologies, LLC. The Connect ONE cloud-hosted interface manages all the customer’s solutions – security, access control, video, critical temperature monitoring and energy management from an easy to use platform.