Software House Access Control Cards, Tags & Fobs(2)
Browse Access Control Cards, Tags & Fobs
- Software House
Access control card/ tag/ fob products updated recently
Today’s security industry technology standards create a common framework for achieving predictable performance. Systems are made more secure and easier to install, use and integrate with other devices. Standards are also intended to be living documents, open to continual refinements to benefit manufacturers, integrators and end users. An excellent example is the Open Supervised Data Protocol (OSDP), which is now the industry’s gold standard for physical access control installations. It was designed to offer a higher level of security with more flexible options than the aging defacto Weigand wiring standard. Updating OSDP-readers simultaneously One recent addition enables end users to push firmware and software updates to thousands of OSDP-enabled card readers simultaneouslyOSDP, first introduced in 2011 by the Security Industry Association (SIA), continues to evolve with significant manufacturer input. One recent addition enables end users to push firmware and/or software updates to a few or thousands of OSDP-enabled card readers simultaneously. Weigand technology requires updates to be made one at a time at each reader. Regularly changing reader encryption keys is an excellent way to enhance facility security. It’s easy using the OSDP file transfer capability and the latest DESFire EV2 credentials containing multiple encryption keys. You can transfer the next code on the card to all readers and the job is done. And there’s no need to create a new card for each user or reprogram each individual reader. AES-128 encryption ensures cybersecurity It’s time to migrate entirely away from Weigand technology. If greater security, convenience and reduced labour from the latest OSDP updates isn’t reason enough, here are a few more things to consider. The 40-year-old Weigand protocol provides no signal encryption, making it easy for hackers to capture the raw data transmitted between cards and readers. OSDP readers support AES-128 encryption while providing continuous monitoring of wires to guard against cybercriminals. Weigand reader installations require homerun cable pulls from the control panel to each peripheral device. OSDP readers can be daisy chained, providing additional savings on cabling and installation time. Weigand technology is simply too slow to work with today’s most versatile and secure card technologies. OSDP readers work with virtually all modern access control cards. The OSDP standard also works with biometric devices; Weigand does not. Meeting requirements of FICAM guidelines SIA is pushing to make the latest OSDP version a standard recognised by the ANSI, a move to enhance the global competitiveness of U.S. security businessesAlso, OSDP is becoming a must-have standard for organisations demanding the highest security levels. The standard meets requirements of the Federal Identity, Credential and Access Management (FICAM) guidelines that affect how the access control industry does business with the federal government. SIA is pushing to make the latest OSDP version a standard recognised by the American National Standard Institute (ANSI), a move to enhance the global competitiveness of U.S. security businesses. There’s still a large worldwide reader installation base that works solely with the Weigand protocol. Admittedly, changing them all at one time may be prohibitively expensive; however, standards should be viewed as a journey, not a destination. That’s why a measured migration is the right choice for many organisations. Begin by securing the perimeter. Replace only the outside-facing Weigand readers. As long as the walls are secured, the inside can remain a softer target until OSDP-compatible readers can be added indoors. The case for moving to OSDP as a standard is compelling. It offers our industry the opportunity to design access control software and products that provide what end users want most – greater security, flexibility and convenience.
It’s not surprising that people are nervous about the security of newer technologies, many of which are part of the Internet of Things (IoT). While they offer greater efficiency and connectivity, some people still hesitate. After all, there seems to be a constant stream of news stories about multinational corporations being breached or hackers taking control of smart home devices. Both of these scenarios can feel personal. No one likes the idea of their data falling into criminal hands. And we especially don’t like the thought that someone can, even virtually, come into our private spaces. The reality, though, is that, when you choose the right technology and undertake the proper procedures, IoT devices are incredibly secure. That said, one of the spaces where we see continued confusion is around access control systems (ACS) that are deployed over networks, particularly in relation to mobile access, smartcards, and electronic locks. These technologies are often perceived as being less secure and therefore more vulnerable to attacks than older ACS systems or devices. In the interest of clearing up any confusion, it is important to provide good, reliable information. With this in mind, there are some myths out there about the security of ACS that need to be debunked. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter Myth #1: Mobile credentials are not secure The first myth we have to look at exists around mobile credentials. Mobile credentials allow cardholders to access secured doors and areas with their mobile devices. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter about the security of credentialed information. There is a persistent belief that Bluetooth is not secure. In particular, people seem to be concerned that using mobile credentials makes your organisation more vulnerable to skimming attacks. While focusing on the medium of communication is an important consideration when an organisation deploys a mobile credentialing system, the concerns about Bluetooth miss the mark. Bluetooth and NFC are simply channels over which information is transmitted. Believing that Bluetooth is not secure would be the same as suggesting that the internet is not secure. In both cases, the security of your communication depends on the technology, protocols, and safeguards we all have in place. So, instead of wondering about Bluetooth or NFC, users should be focused on the security of the devices themselves. Before deploying mobile credentials, ask your vendor (1) how the credential is generated, stored, and secured on the device, (2) how the device communicates with the reader, and (3) how the reader securely accesses the credential information. When you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS Myth #2: All smartcards are equally secure The question “how secure are my smartcards?” is a serious one. And the answer can depend on the generation of the cards themselves. For example, while older smartcards like MiFARE CLASSIC and HID iCLASS Classic offer better encryption than proxy cards and magstripe credentials, they have been compromised. Using these older technologies can make your organisation vulnerable. As a result, when you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS. In this way, you will be protecting your system as well as your buildings or facilities. Some traditional readers and controllers can also pose a serious risk to your organisation if they use the Wiegand protocol, which offers no security. While you can upgrade to a more secure protocol like OSDP version 2, electronic locks are a very secure alternative worth considering. It is also important to understand that not all smartcard readers are compatible with all smartcard types. When they are not compatible, the built-in security designed to keep your system safe will not match up and you will essentially forego security as your smartcard-reader will not read the credentials at all. Instead, it will simply read the non-secure portion—the Card Serial Number (CSN) —of the smartcard that is accessible to everyone. While some manufacturers suggest that this is an advantage because their readers can work with any smartcard, the truth is that they are not reading from the secure part of the card, which can put your system and premises at risk. Using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication Myth #3: Electronic locks are more vulnerable These days, there are still many who believe that electronic locks, especially wireless locks, are more vulnerable to cybercriminal activity as compared to traditional readers and controllers. The concern here is that electronic locks can allow cybercriminals to both access your network to get data and intercept commands from the gateway or nodes over the air that would allow them access to your buildings or facilities. The reality is that using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication. Additionally, because many of these locks remain operational regardless of network status, they provide real-time door monitoring. This means that many electronic locks not only prevent unauthorised access but also keep operators informed about their status at all times, even if a network goes down. Outdated technology and old analogue systems are more vulnerable to attacks When it comes to deploying electronic locks, it is important to remember that, like any device on your network, they must have built-in security features that will allow you to keep your information, people, and facilities safe. Be prepared to unlock future benefits Ultimately, the information in your IP-based ACS is at no greater risk than any other information being transmitted over the network. We just have to be smart about how we connect, transmit, and store our data. In the end, maintaining the status quo and refusing to move away from old technology is not a viable option. Outdated technology and old analogue systems are more vulnerable to attacks. The reason it is so important to debunk myths around ACS and, at the same time, get people thinking about network security in the right way is that network-based systems can offer an ever-increasing number of benefits. When we deploy new technology using industry best practices and purchase devices from trusted vendors, we put ourselves and our networks in the best possible position to take full advantage of all that our increasingly connected world has to offer.
The basic principles of access control are well established: only authorised people should have access to secure areas, only at times that can be defined in advance, and only within a system that can identify exactly who went where, and when. Traditional mechanical lock-and-key systems cannot accomplish this — at least, not without loading a huge admin burden onto security staff. But modern, electronic wireless access control has the flexibility to achieve it. What criteria determine the right sort of access control for your organisation? It makes sense to assess what is desirable against what is affordable or available in the electronic access control market today. Asking yourself these 5 questions will lead to a wise investment in the right technology: Wireless locks like Aperio work seamlessly with existing systems from over 100 different access control providersDo you want to extend your existing system, or begin from scratch? You are not stuck with locks chosen by a previous management team. Security needs change. Wireless locks like Aperio, for example, work seamlessly with existing systems from over 100 different access control providers, integrated online or offline. You will save time and money extending your current system with a technology like Aperio and users can continue with their existing credentials. Going forward, it makes sense to choose locks built using open architecture, for added flexibility and to future-proof your next investment. Who are the site users and what kind of credentials suit their needs? In many industries, access to premises is required by permanent staff and short-term contractors: your access system needs to be flexible. Different systems offer credentials stored on cards and fobs, or on programmable, battery-powered keys. For example, the new Openow app for SMARTair wireless locking converts a user’s smartphone into a virtual key. You issue and revoke user keys using the intuitive software, an efficient, flexible mobile management solution. What is the structure of the site (or sites) you protect? You will need different locks for high-traffic and low-traffic doors, indoor and outdoor use. Almost everywhere, wireless locks are much easier to install and to maintain than traditional wired magnetic locks — and more cost-effective to run. Certified wireless security locks provide extra protection for sensitive areas needing stringent standards. If you have a mobile workforce or manage dispersed sites, consider the credential management practicalities. For example, programmable keys that are easy to update with a Bluetooth-enabled smartphone app — like ASSA ABLOY’s CLIQ Connect solution — will save your staff time and money. For outdoor access points, you will need gate locks or padlocks certified for operation in extreme conditions Do you want to secure more than just doors? Some wireless systems have locks for cabinets, machines, windows and even server racks (handy if you want an extra layer of control over co-located servers). There will be workflow advantages in monitoring these ‘non-doors’ — medicine stores, for example, or car parks or lifts — from the same admin interface as your doors. Site users will appreciate the convenience of carrying one credential for every access need. For outdoor access points, you will need gate locks or padlocks certified for operation in extreme conditions. For example, CLIQ mechatronic padlocks are currently deployed outdoors at utility sites in Scandinavia and supermarkets in East Africa. Do you need real-time capabilities? Choose an Online system and you can manage and amend access control doors at any time and from anywhere, using the admin software. You can monitor sensitive areas like medicine stores remotely and in real time, and can revoke access rights if a user credential gets lost. In an emergency, remote locking or unlocking of an entrance could be critical. Aperio wireless locks, for example, are integrated with online electronic access and real-time monitoring systems in hospitals, manufacturing plants and student halls of residence. With some systems, including SMARTair, you can combine ‘Update on Card’ and Online updating for different doors within the same installation. The CLIQ Connect app and programmable keys make real-time control over remote sites or teams possible. Wireless access control offers a compelling mix of audit compliance, easy installation, cost efficiency, and seamless integration. It makes life easier for security managers, and is deployed in premises as diverse as power plants and co-working spaces; museums and care homes; banks, schools and skyscrapers.
As physical security systems increasingly resemble the architecture of an IT (information technology) network, the cybersecurity risks are increasing. Sometimes hacks in physical security go unrecognised because of poor detection. Here's part two of our Cybersecurity series. Going forward, the physical security industry should adopt the same principles as the information security market, embracing new elements such as risk assessment and certifications. A change in culture is needed to align and embrace cybersecurity and make necessary improvements, says Terry Gold of D6 Research. Independent testing and access control There are signs of progress. Increasingly, access control systems today are designed to be more cyber-resilient and are tested extensively to discover and address any vulnerabilities. Data capture form to appear here! For example, the latest version of Tyco’s C-Cure 9000 undergoes independent testing to discover and address any critical vulnerabilities, and new firmware and software updates are tested to ensure they do not open any ‘back doors.’ Tyco’s Cyber Protection Program is part of the company’s ‘holistic approach’ to supplying customers with quality solutions. If cybersecurity is managed properly, the new wave of access control systems are as secure as previous systems. In some cases, more secure. For example, the new generation of smart cards, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS, use protocols that are much safer than the last generation Wiegand systems. New secure protocols such as OSDP version 2 are a better alternative to Wiegand. The new wave of access control systems are more secure than previous systems and use protocols that are much safer than the last generation Protocols for wireless electronic locks Wireless electronic locks use security protocols such as encryption and authentication that prevent cybercriminals from accessing the network to get data and intercept commands. In short, the information in an IP-based access control system is at no greater risk than any other information being transmitted over the network, as long as smart decisions are made on how systems are connected and data is transmitted and stored. Standards are one approach to ensure a minimum level of cybersecurity for physical security products and systems. For example, Underwriters Laboratories (UL) seeks to work with manufacturers to up their game on cybersecurity and to certify compliance to a minimum level of cybersecurity ‘hygiene.’ Requirements for software cybersecurity The UL Cybersecurity Assurance Program (CAP) has developed the UL 2900-1 standard, which offers General Requirements for Software Cybersecurity for Network-Connectable Products. It was published in 2016 and in July 2017 was published as an ANSI (American National Standards Institute) standard. The standard was developed with cooperation from end users such as the Department of Homeland Security (DHS), U.S. National Laboratories, and other industry stakeholders. UL 2900-2-3 – the standard that focuses on electronic physical security/Life Safety & Security industry, was published in September 2017. Cybersecurity should be an element in physical security as the risk for data to be physically removed from a building is greater than ever Physical security integral to cybersecurity Not only should cybersecurity be an element in physical security, the reverse is also true: Physical security should be seen as integral to cybersecurity. Looking at the intersection of cybersecurity and physical security from this opposite angle uncovers a world of opportunity to make the enterprise safer. Physical risks to cybersecurity include insider and outsider threats, poor or non-existent screening, and the presence of a seemingly innocent personal item. Off-the-shelf devices such as SD cards, external hard drives, audio recorder and even smart phones can be used to transport audio, video and/or computer data into and out of a building. For the private and public sectors, the risk for data to be physically removed from a building is greater than ever, and physical security systems can protect against this vulnerability. Missed part one of our Cybersecurity series? Click here. Part three, coming soon.
Effective access control can be achieved without the use of cards using a new generation of secure facial authentication enabled by artificial intelligence and machine learning. Alcatraz AI is introducing a system that deploys a sensing device, about the size of a badge reader, with multiple colour and infrared cameras that can detect facial features and confirm an identity. Real-time 3D facial mapping avoids anyone using a photograph, video or mask to spoof the system and confirms there is a real person that matches the stored facial image. System helps in tailgating mitigation Deep neural networks, powered by NVIDIA, enable the system to achieve new levels of frictionless access control, says Vince Gaydarzhiev, CEO of Alcatraz AI. Computer processing is achieved at the edge to ensure speedy and secure access control. We saw an opportunity to create a system that solves issues of tailgating and addresses the need for security without increasing friction"“We saw an opportunity to create a system that solves issues of tailgating and addresses the need for security without increasing friction,” says Gaydarzhiev. The accuracy of the system lessens the need for security guards, he says. The Silicon Valley startup, currently with 20 employees, was founded in early 2016 by a team from Apple, NVIDIA and Lily Robotics with a goal of targeting mid- to large-sized corporations that currently have deployed badging systems. The company has raised close to $6M from venture capital firms and individuals, and Johnson Controls/Tyco has invested in the startup. Alcatraz AI’s sensor device, mounted near a door, confirms a user’s identity and communicates the user’s badge number to the existing access control infrastructure. “The system improves the facial profile every time, using the neural network to be even more accurate in the future,” says Gaydarzhiev. He says it is the industry’s first “instant one-factor authentication for multi-person in-the-flow sensing.” The system is less expensive than previous facial authentication systems and does not require users to be very close to the reader Easy enrolment and deployment Enrolment in the system is easy. Companies can deploy a separate enrolment station, or any reader can be used for enrolment. After badging in a couple of times, the face matching system “enrols” the face with the associated badge number, thus allowing the user to dispense with the badge altogether. In the future, the frictionless system simply recognises the user and opens the door. A user company can quickly deploy the system at locations where thousands of employees have access, without requiring employees to go to HR for enrolment. Gaydarzhiev says accuracy of the system is no less than that of iris scanning, and the accuracy is configurable for specific needs. He says the system is less expensive than previous facial authentication systems and does not require users to be very close to the reader. Facial authentication is also more flexible than iris scanning or fingerprinting. Detecting intent from positioning of eyes The system detects intent from the positioning of the eyes and body to avoid opening a door unintentionallyIn contrast to near field communication (NFC) or Bluetooth systems, the technology does not require a compatible smart phone or have issues of communication range. There is no need for users to stop and perform an action or gesture to signal intent. The system detects intent from the positioning of the eyes and body to avoid opening a door unintentionally, says Gaydarzhiev. Alcatraz AI is targeting high-tech enterprises, including healthcare, government and eventually banks. Currently they have three pilot installations among large global software companies and are undergoing trials with some government agencies. Today, they sell direct to end users, but the intent is to develop a dealer channel that will account for most of the sales.
Visitors to The Security Event will be among the first to see live demonstrations of some of the latest products to be launched by Tyco, the security division of Johnson Controls. A wide range of access control, intrusion and video products from the American Dynamics, Exacq, Illustra, Bentel, CEM Systems, DSC, Kantech, Software House and Visonic brands, which are supplied under the Tyco umbrella, will be on show on stand SE102. These include: Access control credential iotega, an all-in-one smart security and home automation platform for residential and small commercial properties A new camera to cloud solution which provides a cost-saving and efficient and method of managing IP cameras and securely storing video in the cloud. The recently launched Illustra Flex IR 30 x PTZ cameras which have adaptive IR illumination that adjusts the intensity of the IR in line with the operator controlled zoom setting of the camera. A new 8 channel VideoEdge Deep Intelligence Network Video Recorder (NVR), which utilises machine learning techniques with the help of a powerful Graphic Processing Unit (GPU). This optimises the ability of the NVR to display highly accurate video intelligence compared to standard methods of video analytics. Kantech EntraPass software which enables users to operate any number of doors where card access is required and provides support for a server based Go Pass mobile App that allows card holders to use their mobile phones as an access control credential. iotega, an all-in-one smart security and home automation platform for residential and small commercial properties. Commercial security exhibition Tyco is a Founding Partner of The Security Event which takes place at the NEC Birmingham on 9-11th April, 2019 and is intended to fulfil the need for a UK focused commercial security exhibition. “The opportunity to take an active role as a Founding Partner in an industry event which will be at a location which so many of our customers consider ‘home’, is extremely welcome,” said Gordon Morrison, GB Sales Director for the Tyco Security Products access control and video brands. “The concept, focus and size of the show makes it ideal for us to showcase our unified fits with our requirements and plans for a major part of our business."
5 steps to finding the right access control system for youDownload
Why outdated access control systems are a big problemDownload
Five things to consider for AI with video technologyDownload
SMARTair wireless access control solution brings sensitive areas at the Syrenparken mental health treatment facility under total control
- SALTO provides parking solutions to Ports of Jersey with its smart access control solution
- ASSA ABLOY helps Vejle Friskole staff to reduce key management time with its SMARTair® system
- Vanderbilt ACT365 addresses access control security concerns at Study Abroad University, London