Access control software - Expert commentary

The EU called for a ban on police use of facial recognition but not commercial use. Why?
The EU called for a ban on police use of facial recognition but not commercial use. Why?

Recently, the European Parliament called for a ban on police use of facial recognition. In the US, too, some cities have restricted police use of facial recognition. The first question that comes to mind is - why ban police from using technology that is allowed to private companies? Point of difference The key difference between the way police use facial recognition and the way commercial facial recognition products work is that: The police get a picture of a suspect from a crime scene and want to find out: "Who is the person in the picture?" That requires as wide a database as possible. Optimally - photos and identities of all the people in the world. Commercial facial recognition products such as those used by supermarkets, football stadiums, or casinos answer different questions: "Is the person in the picture on the employees' list? Is the person in the picture on a watch-list of known shoplifters?" To answer these questions doesn't require a broad database but rather a defined list of employees or a watch-list of specific people against whom there is an arrest warrant or a restraining order. Use of facial recognition AnyVision helps organisations leverage facial recognition ethically to identify known persons of interest "Facial Recognition Apps Should Be Provided to the Police with an Empty Database". This is exactly the subject of the open letter sent by AnyVision, to the British Biometrics and Surveillance Camera Commissioner, Prof. Fraser Sampson, titled: "Facial Recognition Apps Should Be Provided to the Police with an Empty Database". AnyVision recently raised $235M from Softbank and another leading VCs is a visual AI platform company that helps organisations across the globe leverage facial recognition ethically to identify known persons of interest, including shoplifters, felons, and security threats. Ethical use of facial recognition AnyVision CEO Avi Golan wrote, "The ethical use of facial recognition is a thorny one and requires a nuanced discussion. Part of that discussion has to explain how facial recognition works, but, just as important, the discussion must also involve how the technology is used by police departments and what checks and balances are built into their processes.” “We recommend building their watchlists from the ground up based on known felons, persons of interest, and missing persons. Some facial recognition solution providers have scrapped billions of photos and identities of people from social networks, usually without their consent." "Unfortunately, this method of facial recognition has justifiably angered privacy groups and data protection agencies around the globe and damaged the public trust in accuracy and reliability of facial recognition systems.” Preventing invasion of citizen’s privacy We believe an unjustified invasion of citizens' privacy can be prevented, false arrests can be reduced" “We believe that lists of suspects should be limited and justified. In this way, unjustified invasion of citizens' privacy can be prevented, false arrests can be reduced and public confidence in technology can be increased.” Golan added: "AnyVision is willing to share its industry insights and best practices from our vast research experience with leading global players, including name-brand retailers, global hospitality and entertainment companies, and law enforcement agencies from around the world.” Balancing public order and crime prevention “If the regulations set forth by Surveillance Camera Code of Practice are committed to the principles outlined above, then law enforcement agencies can strike the right balance between the need to maintain public order and prevent crime with the rights of every person to privacy and non-discrimination before the law." Recently Clearview AI CEO told Wired; the company has scraped 10 billion photos from the web - 3 times more than was previously known.

The growing popularity of personal safety apps
The growing popularity of personal safety apps

The past year has elevated consumer awareness about personal safety, from COVID-19 issues to social unrest, making safety top-of-mind and the need for personal safety solutions, even more prevalent. In addition, consumers spent more time at home, as schools closed, events were canceled and remote work increased. This prompted two major shifts that, in my opinion, most significantly opened the need for and raised the popularity of mobile safety solutions. Demand for grocery and food delivery apps surged Rise in use of app-based delivery services During the past 18 months, the use of app-based delivery services has skyrocketed During the past 18 months, the use of app-based delivery services has skyrocketed. With more use comes more interactions among strangers in homes and businesses, and while the majority of these moments are completely safe and convenient, incidents are happening, ranging from uncomfortable situations to physical assaults.   And, with more delivery drivers on the road, there are going to be more accidents among gig-economy workers. Based on recent estimates, food and grocery delivery are expected to remain popular, even as we get back to normal life. High popularity of mobile security apps and wearables With more work shifting from stationary locations to working on-the-go, mobile security apps or wearables can be a lifeline in all sorts of situations. It’s important for these mobile safety products to be comprehensive, dynamic and designed to address the full range of people’s safety and security needs, from providing simple human reassurance to dispatching emergency help. Domestic violence cases increased According to the National Domestic Violence Hotline, due to COVID-19 lockdown restrictions, domestic violence rose as a result of many victims being stuck at home with their abusers, while sheltering in place and working from home. Mobile safety apps, such as ADT’s SoSecure U.S. Attorneys General and other state-elected officials have endorsed mobile safety apps, like SoSecure by ADT These situations necessitate the need for discreet ways for victims to call for help. U.S. Attorneys General and other state-elected officials have endorsed mobile safety apps, like SoSecure by ADT, as a tool to help victims of domestic abuse, safely call for help, without alerting their abuser. Over the past year, the mobile safety app market has seen tremendous innovation, including more user-friendly ways to make SOS calls. Today, within a single app, a person can summon help hands-free, by saying a secret phrase, by text or by swiping a button. Extension of mobile safety into wearable devices And, users can connect with people trained to help in unsettling situations over video, which can be an effective deterrent and provide video evidence. We’ve also seen the extension of mobile safety into wearable devices, in order to make these devices more discreet and usable. There will always be some safety risks in our lives. However, the good news is there’s no need to live in a constant state of fear. The easiest, most direct way to be prepared and ready to ‘fight back’ is by having a personal safety tool in your pocket, a mobile safety app that is there, when you need it most.

Cutting through the hype: AI and ML for the security space
Cutting through the hype: AI and ML for the security space

Today’s organisations face numerous diverse threats to their people, places and property, sometimes simultaneously. Security leaders now know all too well how a pandemic can cripple a company’s ability to produce goods and services, or force production facilities to shut down, disrupting business continuity. For example, a category three hurricane barreling towards the Gulf of Mexico could disable the supplier’s facilities, disrupt the supply chain and put unexpected pressure on an unprepared local power grid. Delivering timely critical information Tracking such risk is hard enough, but managing it is even more difficult. A swift response depends on delivering the right information to the right people, at the right time. And, it’s not as easy as it sounds. Indeed, 61 percent of large enterprises say critical information came too late for them, in order to mitigate the impact of a crisis, according to Aberdeen Research (Aberdeen Strategy & Research). These challenges are accelerating the hype around Artificial Intelligence (AI) These challenges are accelerating the hype around Artificial Intelligence (AI). The technology promises to help us discover new insights, predict the future and take over tasks that are now handled by humans. Maybe even cure cancer. Accelerating the hype around AI But is AI really living up to all this hype? Can it really help security professionals mitigate risk? After all, there’s a serious need for technology to provide fast answers to even faster-moving issues, given the proliferation of data and the speed at which chaos can impact operations. Risk managers face three major obstacles to ensuring business continuity and minimising disruptions. These include: Data fatigue - Simply put, there’s too much data for human analysts to process in a timely manner. By 2025, the infosphere is expected to produce millions of words per day. At that pace, you’d need an army of analysts to monitor, summarise and correlate the information to your impacted locations, before you can communicate instructions. It’s a herculean task, made even more difficult, when we consider that 30 percent of this global datasphere is expected to be consumed in real time, according to IDC. Relevance and impact - Monitoring the flood of information is simply the first hurdle. Understanding its impact is the second. When a heat dome is predicted to cover the entire U.S. Pacific Northwest, risk managers must understand the specifics. Will it be more or less hot near their facilities? Do they know what steps local utilities are taking to protect the power grid? Such questions can’t be answered by a single system. Communication - Once you know which facilities are impacted and what actions to take, you need to let your employees know. If the event is urgent, an active shooter or an earthquake, do you have a fast, effective way to reach these employees? It’s not as simple as broadcasting a company-wide alert. The real question is, do you have the ability to pinpoint the location of your employees and not just those working on various floor in the office, but also those who are working from home? How AI and ML cut through the noise Although Artificial Intelligence can help us automate simple tasks, such as alert us to breaking news, it requires several Machine Learning systems to deliver actionable risk intelligence. Machine Learning is a branch of AI that uses algorithms to find hidden insights in data, without being programmed where to look or what to conclude. More than 90 percent of risk intelligence problems use supervised learning, a Machine Learning approach defined by its use of labelled datasets. The benefit of supervised learning is that it layers several pre-vetted datasets, in order to deliver context-driven AI The benefit of supervised learning is that it layers several pre-vetted datasets, in order to deliver context-driven AI. Reading the sources, it can determine the category, time and location, and cluster this information into a single event. As a result, it can correlate verified events to the location of the people and assets, and notify in real time. It’s faster, more customised and more accurate than simple Artificial Intelligence, based on a single source of data. Real-world actionable risk intelligence How does this work in the real world? One telecommunications company uses AI and ML to protect a mobile workforce, dispersed across several regions. An AI-powered risk intelligence solution provides their decision makers with real-time visibility into the security of facilities, logistics and personnel movements. Machine Learning filters out the noise of irrelevant critical event data, allowing their security teams to focus only on information specific to a defined area of interest. As a result, they’re able to make informed, proactive decisions and rapidly alert employees who are on the move. Four must-have AI capabilities To gain real actionable risk intelligence, an AI solution should support four key capabilities: A focus on sourcing quality over quantity. There are tens of thousands of sources that provide information about emerging threats - news coverage, weather services, social media, FBI intelligence and so much more. Select feeds that are trusted, relevant and pertinent to your operations. Swift delivery of relevant intelligence. To reduce the mean-time-to-recovery (MTTR), risk managers need an accurate understanding of what’s happening. Consider the different contextual meanings of the phrases ‘a flood of people in the park’ and ‘the park is at risk due to a flood’. Machine Learning continuously increases the speed of data analysis and improves interpretation. Ability to cross-reference external events with internal data. As it scans different data sources, an AI engine can help you fine-tune your understanding of what’s happening and where. It will pick up contextual clues and map them to your facilities automatically, so you know immediately what your response should be. Ready-to-go communications. Long before a threat emerges, you can create and store distribution, and message templates, as well as test your critical communications system. Handling these tasks well in advance means you can launch an alert at a moment’s notice. The ability to minimise disruptions and ensure business continuity depends on speed, relevance and usability. AI and ML aren’t simply hype. Instead, they’re vital tools that make it possible for security professionals to cut through the noise faster and protect their people, places and property.

Latest HID Global news

HID Global’s PKI-as-a-Service (PKIaaS) platform simplifies certificate automation with support for Microsoft autoenrollment protocol
HID Global’s PKI-as-a-Service (PKIaaS) platform simplifies certificate automation with support for Microsoft autoenrollment protocol

Automating the issuance of all enterprise public or private trusted digital certificates through a single platform reduces the risk of certificate mismanagement and associated outages. HID Global, a pioneer in trusted identity solutions, has simplified certificate automation for any Microsoft Active Directory-managed network devices with its PKI-as-a-Service (PKIaaS) platform. Customers can seamlessly issue, renew, replace or revoke certificates automatically with Microsoft Autoenrollment now that any device on the network can easily be connected with HID’s cloud-based PKIaaS via the Microsoft Autoenrollment connector. Cloud-based PKIaaS platform HID Global, through its cloud-based, HID PKIaaS platform that delivers the industry’s broadest range of automation capabilities for managing privately issued and publicly trusted certificates. The platform eliminates manual, risk-prone processes for tracking, installing, and renewing certificates, and provides one secure and convenient cloud-based platform for all certificate needs. Out-of-the-box integration PKIaaS platform’s out-of-the-box integration and Account Certificate Manager enables customers to centrally manage certificates HID Global has simplified how to integrate Microsoft Active Directory-managed network devices with its cloud-based PKIaaS to automate their certificate lifecycles. The HID’s PKIaaS platform’s out-of-the-box integration and Account Certificate Manager enables customers to centrally manage all device certificates across the entire enterprise, either manually or through an active directory or a mobile device management platform, and whether they are issued automatically or manually. Identity and access management solutions Microsoft Active Directory has a 44 percent share of the market for identity and access management solutions. Providing out-of-the-box integration and automation support for it in HID PKIaaS eliminates the need for agent-based certificate distribution and automation. In addition to Microsoft Autoenrollment, HID PKIaaS supports various pre-built integrations with standards-based certificate management protocols including Simple Certificate Enrollment Protocol (SCEP), Enrollment over Secure Transport (EST), and Automated Certificate Management Environment (ACME). It also provides robust RESTful Application Programming Interfaces (APIs) to integrate with any other third-party tools for certificate orchestration and automation. Auto-Enrollment connector PKIaaS’s Auto Enrollment connector acts as a proxy and connects with Microsoft Active Directory  HID PKIaaS’s Auto Enrollment connector acts as a proxy and connects with Microsoft Active Directory for any certificate request that makes an outbound connection to HID’s PKIaaS platform for certificate issuance or updates. There is no need to update any firewall configuration for an inbound connection since it only makes an outbound connection at port 443. There is also no agent or other configuration change required at the individual device level, enabling customers to leverage existing technology deployments and infrastructure. About digital certificate and PKIaaS offerings HID PKIaaS offers trust for the enterprise and its computers, network devices, IoT systems, and e-commerce transactions. Use cases range from securing websites and email communications to digitising paper-based processes using digital certificates and securing network endpoints or connected machines. The HID PKIaaS offering with native support for the Microsoft Autoenrollment protocol is available as a low-cost subscription service with a guaranteed uptime Service Level Agreement (SLA).

HID Global announces that their Crescendo smart card family supports iCLASS credential technology
HID Global announces that their Crescendo smart card family supports iCLASS credential technology

HID Global, a provider of trusted identity solutions, announces that its HID Crescendo® smart card family now supports HID® iCLASS® credential technology. The cards enable users to seamlessly unlock doors, data and their computers via a single high-assurance authenticator that supports an organisation’s zero trust security strategy. HID Global is a pioneer in seamless, converged physical and cyber workplace access. It has now extended the benefits of its HID Crescendo cards as an all-in-one solution for physical access and strong authentication to the digital workplace, on-site and remote. Multi-factor authentication The Crescendo C2300 smart cards enable organisations to issue a corporate ID badge that functions as a universal credential, supporting FIDO, PKI and OATH, as well as providing options for Seos, Prox, MiFARE and now iCLASS® for physical access. Crescendo cards and USB keys can be managed with the HID WorkforceID™ cloud-based platform Key elements within HID Global’s identity and access management multi-factor authentication ecosystem for the workforce, Crescendo cards and USB keys can be managed with the HID WorkforceID™ cloud-based platform when printing badges, issuing PKI certificates and enabling oath-based authentication to IT systems and networks. Adding HID iCLASS 32K credential technology to the HID Crescendo C2300 cards extends user options for a full contactless access experience. A similar experience is also provided with HID Seos, HID Prox and MiFARE DESFire EV1 technologies on dual-interface C2300 cards. Centrally managed credentials Contactless technology enables users to simply tap their cards to open a door, authenticate to Windows, VPNs and cloud applications, or encrypt and sign data. The HID Crescendo family includes smart cards and universal serial bus (USB) keys that can be used alone or managed by HID’s WorkforceID digital credential manager service. The service supports a wide range of authenticators with the simplicity of centrally managed credentials and digital certificates. It combines consistent access and authentication experience for users with a simplified administrator experience for deploying public key-based two-factor authentication. The Crescendo C2300 smart cards with HID iCLASS credential technology are available now.

ASSA ABLOY to showcase door security and access control solutions at the GSX 2021
ASSA ABLOY to showcase door security and access control solutions at the GSX 2021

ASSA ABLOY’s presence at the 2021 Global Security Exchange (GSX) will focus on helping attendees identify opportunities to improve the safety, security and health of their facilities. Visit Booth #1353 to see the latest innovations in comprehensive door security and access control.    “Amid the health, economic, natural, and social crises we’ve experienced in the past 18 months, the role that security plays in creating safe and healthy environments is more critical than ever,” said Sean McGrath, Head of US Commercial Sales and Marketing, ASSA ABLOY Opening Solutions Americas. “Today’s dynamic environment requires creative approaches, innovative solutions, and ongoing collaboration to meet this challenge.” Most frequent touchpoints There are many examples of what can be done to upgrade the health, safety and security of a facility, including: Mitigating the spread of germs by reducing touchpoints at the door - Brought to the forefront because of the COVID-19 pandemic, preventing the spread of germs in a facility has become the new standard for healthy spaces. With doors and door hardware being some of the most frequent touchpoints in a building, creating low-touch or touchless openings is an effective way to accomplish this goal. At GSX, ASSA ABLOY will highlight their full range of Safer2Open™ products that allow doors to operate in a hands-free or touchless manner, including the newest addition: Alarm Controls NTB battery-powered wave-to-open sensor: The NTB Series can be used to quickly upgrade existing applications to code compliant no-touch solutions using existing wiring, extending touchless access and egress in an easy and affordable way. Wireless access control Utilising wireless access control to efficiently manage spaces - Wireless technologies continue to be an important option for upgrading the security of a facility. The ability to add access control to doors at a fraction of the cost of traditional solutions makes it even more valuable at a time when security requirements are growing and budgets are limited. Facilities can use this expanded access control footprint to improve safety by managing the flow of people, limiting the number of people in a particular area, and quickly changing how a space is used. Some of the latest developments in wireless access control include: HES ES100 integrated electric strike and card reader: As the newest addition to the Aperio® family of real-time wireless solutions, the HES ES100 combines a concealed electric strike with a surface-mounted wireless reader to provide yet another easy, affordable retrofit solution for remote control and monitoring. Adams Rite DL100 wireless deadlatch: Coming soon to the Aperio line of real-time wireless solutions, the DL100 offers cost-effective retrofit access control capabilities utilising the industry-standard Adams Rite MS® Door Prep for Deadlocks & Deadlatches for single or double narrow stile aluminium mechanical and automatic door applications. Future-proof environments Providing flexibility to adapt to changing requirements - Whether this means upgrading to the latest, high-security credentials or taking the necessary precautions to protect against cybersecurity risks, flexibility is key to creating resilient, future-proof environments. ASSA ABLOY offers many solutions that support this growing need, including one of the newest products that will be featured at GSX: SN Series: Available from ASSA ABLOY Group brands Corbin Russwin and SARGENT, the SN Series offers the latest in security and versatility with a choice of Wiegand communication protocol or Open Supervised Device Protocol (OSDP) that allows for secure channel, serial communication between the reader and Physical Access Control System (PACS). Featuring Signo™ reader technology from HID Global®, the SN Series is ideal for mixed credential environments and enables easy migration to higher security credentials and mobile access. Door opening solutions ASSA ABLOY Booth #1353 will feature a new product showcase with all of these new products ASSA ABLOY Booth #1353 will feature a new product showcase with all of these new products, as well as the award-winning Medeco 4 (M4) high-security key system that offers the highest level of protection against physical attack and unauthorised key duplication. It will also feature the latest complete door opening solutions, such as the multi-solution blast and hurricane opening that is designed to provide extra protection against explosions and hurricane-force winds and the RITE Slide integrated barn sliding door system that combines a sleek profile with an STC 34 rating for maximum privacy. Vertical market solutions In addition, the booth will showcase vertical market solutions and a new virtual 360° tour that helps universities visualise how door security solutions can be used to address everyday challenges on campus. The Global Security Exchange (GSX) 2021 will take place September 27-29 in-person at the Orange County Convention Center in Orlando, FL and online via the GSX digital platform. ASSA ABLOY’s sister companies will also be onsite, including Ameristar (booth #1363), LifeSafety® Power (booth #1463), and Traka (booth #1147).

Related white papers

Top 5 ways to ensure visitor safety and security

Moving to mobile: A guide for businesses switching to mobile access control

Attention OEMs: 5 Ways RFID Readers Can Secure Your Markets