Smartphone access - a new era in access control systems

Smartphone access - a new era in access control systems 3r31241.  
3r31241.  
For more than 20 years in access control systems, the prevailing type of identifier has been a contactless RFID card. Modern replacement by smartphones of everything and everything seems to have gotten to the extremely conservative ACS industry. 3r31241.  
3r31241.  
Moreover, the advantages of a smartphone in the ACS, in comparison with plastic cards, are absolutely destructive. Under the cut, we will destroy the card access control system and someone else. HID Global 3r31257. - one of the world's largest manufacturers of access control systems, 3r33535. Approximately rated that at the moment 40% of the global ACS market is HID Proximity cards (125 KHz), which in terms of security is the same hat as EM-marine. On the official HID website, these cards are fully present, and in 3r3356. Description
There is not a word that these cards can be copied. 3r31241.  
3r31241.  
The funny thing about quotes is that the Em-Marine card, StandProx worth 12 rubles and the simplest HID Proximity card, HID ProxCard II®, is 200 rubles . 3r31241.  
3r31241.  
The second main question immediately suggests itself: Is the Russian market doomed to the eternal use of contactless cards? And if not, what technologies are they replacing? 3r31241.  
3r31241.  
And here I will allow myself to express my own opinion - in the next few years the landscape of the market will seriously change, and nothing will, and no one will change that. 3r31241.  
3r31241.  
3r31135. In place of the card access control will come: 3r31136. 3r31241.  
3r31241.  
3r31139.  
3r31141. Mobile Access Technologies 3r3-31308.  
3r31141. Biometric identification
 
3r31241.  
On the current state of affairs in the field of biometric identification we have a huge longrid on our site. . But we will talk about mobile access technology in detail in this article. 3r31241.  
3r31241.  
The first company to offer mobile access to the mass consumer was HID Global, part of the ASSA ABLOY conglomerate, with a turnover for 2016 of $ 1.2 billion. Included in r3r3101. top 50 3r31257. The largest companies in the industry of security systems. 3r31241.  
3r31241.  
[i] Scan from "white paper" HID Global 3r3108. 3r31241.  
3r3111. 3r33112. 3r31257. 3r31241.  
Let us take 2014 as the starting point for the advent of technology in the markets. 3r31241.  
3r31241.  
Now 201? and in the Russian market you can find 10 manufacturers offering solutions for mobile access. 3r31241.  
3r31241.  
3r31139.  
3r31141. Foreign - 4
 
3r31141. Russian - 6 3-3331308.  
3r31241.  
It seems that we again beat everyone, and all the other countries of the world envy us. But the devil, as always, in detail, let's look at them. 3r31241.  
3r31241.  
And here is the first detail - Russian companies presented their products only in 201? announced in 2017 at an exhibition of technical security equipment 3r3139. Securika
. But in reality, work devices came on the market nonetheless in 2018.
 
3r31241.  
The second detail - in terms of the quantity of supply, Russian manufacturers, as always, benefit, but what about the quality. Inside - everything is bad, but there is hope. 3r31241.  
3r31241.  
What Russian ACS manufacturers have been waiting for for 4 years, especially with the understanding of all the catastrophic advantages of mobile access. 3r31241.  
3r31241.  
3r31179. The advantages of mobile access
3r31241.  
3r31135. It is cheaper 3r31136. Even if virtual identifiers cost money, they cannot be lost, broken, easier to administer. And if virtual identifiers are free, it’s catastrophically cheaper. 3r31241.  
3r31241.  
3r31135. It is safer [/b] , creating duplicate 125 KHz cards, both HID Proximity and EM-marine, a process that is not difficult even for my grandmother, my grandmother, of course, there is no interest in using the “holes” in your access control system, but since you install the system , you already know that there are interested. 3r31241.  
3r31241.  
In addition, unlike contactless cards, the smartphones themselves support multifactor authentication, biometric identification and other security features that were not dreamed of by contactless cards. 3r31241.  
3r31241.  
3r31135. It's easier 3r31136. administer. When an identifier is lost, broken, forgotten at home, someone has to solve this issue, and this someone, depending on the size of the enterprise, can spend quite a significant amount of paid time on it. 3r31241.  
The advantage of mobile access is that smartphones are less likely to lose, break and forget at home. 3r31241.  
3r31241.  
3r31135. It is more effective than 3r31136. , a significant reduction in practice when employees mark the arrival /departure for each other. In the states, the companies on this are 3r3183. lose $ 373 million r3r31257. according to 2017 data. No one thinks how many people we have, perhaps the breadth of the Russian soul does not allow, but judging by the love of memes like "this country cannot be defeated," I think no less than in the United States. 3r31241.  
3r31241.  
3r31135. It is more environmentally friendly [/b] Contactless cards are made of plastic, which will be decompose hundreds of years , and still need to consider that the production of plastic is not the most environmentally friendly technology. In the opinion of the UN, this reason alone is enough to refuse the use of plastic cards. 3r31241.  
3r31241.  
3r31135. It is more convenient [/b] . Access via a mobile device can be a quicker and more convenient procedure. For example, when traveling by car, Bluetooth Smart technology with an increased range of action allows you to open gates or barriers when a car approaches, and the driver does not have to lower the window of the car and reach the reader with a card. 3r31241.  
3r31241.  
3r31179. What is mobile access? 3r31180. 3r31241.  
Smartphone access means using the smartphone as an identifier. 3r31241.  
To do this, you need a smartphone based on iOS or Android with NFC or BLE support. Also, in almost all cases, you will need to install a mobile application that is downloaded for free from the Apple Store or Google Play, regardless of the vendor. 3r31241.  
3r31241.  
Smartphone access can be considered as a complete replacement or use of contactless RFID identifiers. Since all readers, in addition to being able to read the identifier from the smartphone, can read conventional RFID identifiers. 3r31241.  
3r31241.  
This can be convenient in some cases, for example: all regular employees walk on a smartphone, and plastic cards are used to issue guest passes. Well, no one forbids to tie a smartphone and a card to one person, but let's not forget that a smartphone can sometimes be discharged. 3r31241.  
3r31241.  
Access via a smartphone implies two technologies, at least one of which must correspond to readers supporting mobile access - NFC and BLE. 3r31241.  
3r31241.  
NFC 3r31257. (Near field communication) - close identification technology that supports HCE (Host Card Emulation) mobile technology 3r31241.  
BLE 3r31257. (Bluetooth Low Energy) - low power consumption technology 3r3231. Bluetooth 3r31257. . 3r31241.  
3r31241.  
Manufacturers of readers Parsec, Rusguard and PERCo, have in their arsenal only the NFC-module. Which, of course, is unfortunate, since it severely limits their use. 3r31241.  
3r31241.  
Nedap, HID Global, Suprema, ESMART, Salto, Sigur and ProxWay manufacturers have a full list of modules in their readers. 3r31241.  
3r31241.  
In addition, manufacturers understand that mobile access technologies do not come to the empty market, but to the market already filled with current card access control systems. Therefore, all with all the readers presented below, you can use classic contactless smart cards. First, it will be easier to organize a “transitional” period, i.e. You can not change all the readers to mobile at once, which can fly into the penny, and do it gradually, leaving for example most of it exclusively on the cards. 3r31241.  
3r31241.  
And secondly, there is always a unique person with Nokia 331? well, or maybe someone just wants to use the cards, why not - the world is diverse. 3r31241.  
3r31241.  
So, what else can you use besides the smartphone: 3r31241.  
3r31241.  
3r31139.  
3r31141. Contactless smart cards (mostly Mifare Classic, Mifare DESFire, Mifare Plus, iClass)
 
3r31141. Bank cards (Mastercard, Visa, World)
 
3r31141. Smartphones
 
3r31241.  
Depending on the vendor, the list of identifiers will vary, but smart cards support everything. 3r31241.  
3r31241.  
3r31179. Vendors offering solutions for mobile access in the Russian market 3r31180. 3r31241.  
3r31135. 1. Nedap [/b] 3r31241.  
At Nedap, work with guest passes is very conveniently organized; for guest access, a one-time bar or QR code is sent to him by e-mail, which is read from the smartphone screen. 3r31241.  
3r31241.  
Reader MACE Reader MM -
the price is 2?609 rubles
3r31241.  
Reader MACE Reader MM QR - the price is 3?634 rubles 3r31241.  
Reader MACE Smart - the price is 2?816 rubles 3r31241.  
Mobile application MACE App for Android and MACE App for iOS 3r31241.  
3r31241.  
3r31135. 2. Suprema [/b] 3r31241.  
Suprema readers are distinguished by a unique combination of identification methods, combining identification capabilities on a smartphone, biometric identification and identification using contactless cards in one device. From biometrics, Suprema supports fingerprint technology, and face recognition. 3r31241.  
3r31241.  
Street biometric terminals BioLite N2 - 3r3333315. price of ??? rubles
3r31241.  
ACS BioStation A2 biometric terminals - price ??? rubles 3r31257. 3r31241.  
ACS and BioStation L2 ACR terminals -
price of 5?629 rubles 3r31257. 3r31241.  
BioEntry P2 Biometric Reader Controllers -
price 3?241 rubles
3r31241.  
BioEntry W2 Fingerprint Readers - price of ??? rubles 3r31257. 3r31241.  
BioEntry R2 budget biometric reader -
the price is ??? rubles
3r31241.  
FaceStation 2 Biometric Terminals - the price is 8?230 rubles 3r31241.  
BioStation 2 Biometric Terminals - price ??? rubles 3r31241.  
Xpass D2 RFID Card Readers - 3r33333. The price is 1?811 rubles 3r31257. 3r31241.  
Xpass smart card readers - the price is 1?932 rubles 3r31241.  
Mobile application on Android Biostar 2 Mobile 3r31257. and
Biostar 2 Mobile 3r31257. for iOS. 3r31241.  
3r31241.  
3r31135. 3. Parsec 3r31136. 3r31241.  
Smart Card Reader PNR-P26 -
the price is 1?720 rubles 3r31257. 3r31241.  
Smart Card Reader PNR-P19 -
the price is 1?250 rubles
3r31241.  
Smart Card Reader PNR-P15 - 3r33333. the price is ??? rubles
3r31241.  
OEM Smart Card Reader PNR-P03E - the price is ?800 rubles 3r31241.  
Bank card reader PNR-P19.B - the price is ??? rubles 3r31241.  
Multi-format reader PNR-X19.B - the price is ??? rubles 3r31241.  
Android mobile application - Parsec Card Emulator 3r31241.  
3r31241.  
3r31135. 4. Rusgard [/b] 3r31241.  
Multi-format reader RDR-202-Multi-Key - the price is 1?000 rubles 3r31241.  
Desktop reader card Z-2 USB-MF-RG - 3r3405. the price is ?600 rubles
3r31241.  
Android mobile application - 3r31257. 3r33411. RusGuard Key 3r31241.  
3r31241.  
3r31135. 5. HID 3r31136.
 
The HID Global solution allows the smartphone to interact with iCLASS SE and multiCLASS SE readers in the near “Tap” mode (touch) or at a distance in the “Twist and Go” mode (rotation of the smartphone). The “Twist and Go” technology allows you to unlock the blocking devices only after the user rotates the smartphone 90 degrees, which eliminates accidental opening when using Bluetooth. 3r31241.  
3r31241.  
Active feedback in the form of vibration and sound signals when opening doors increases the convenience for the user. 3r31241.  
3r31241.  
Smart card reader iClass SE R10 - price ?281 rubles 3r31241.  
Reader smart card iClass SE R15 - 3r33333. the price is 1?241 rubles
3r31241.  
Smart card reader iClass SE R40 - the price is 1?241 rubles 3r31241.  
Smart card reader iClass SE R90 - price ??? ruble 3r31241.  
Smart card reader iClass SE RK40 - price ??? rubles 3r31257. 3r31241.  
MultiClass SE RP10 smart card reader -
price ??? rubles 3r31257. 3r31241.  
MultiClass SE RP15 smart card reader -
the price is 1?721 rubles
3r31241.  
MultiClass SE RP40 Smart Card Reader - the price is 1?721 rubles 3r31241.  
MultiClass SE RPK40 Smart Card Reader - price ??? rubles 3r31257. 3r31241.  
3r31241.  
For the prices of each HID reader, you must also add $ 75 for
Bluetooth module
It is shipped separately. 3r31241.  
3r31241.  
Mobile applications HID Mobile Access for Android and HID Mobile Access for iOS 3r31241.  
The application allows you to get on the smartphone access card through the administrator's portal. Then the user can use the phone as an access identifier. Appendix 3r33479. BLE Config App
allows you to change the reader configuration using the phone, update the firmware, receive and install the configuration, manage the templates. 3r31241.  
3r31241.  
3r31135. 6. ESMART 3r31136. 3r31241.  
Reader ESMART® Reader NEO - the price is 1?000 rubles 3r31241.  
Reader ESMART® Reader STONE - 3r3493. the price is 1?000 rubles
3r31241.  
ESMART® Reader OEM Reader - price of ??? rubles 3r31241.  
Mobile application on Android - ESMART® Access 3r31241.  
IOS mobile app - 3r3505. ESMART® Access
3r31241.  
The ESMART® Configurator mobile app (3-33509. Available on iOS 3r31257., On Android promise in December) 3r3-31241.  
3r31241.  
ESMART stands out for its rich configuration options: 3r31241.  
The types of identifiers read: 3r31241.  
3r31241.  
3r31139.  
3r31141. Reading UID
 
3r31141. Working with memory Mifare ID, Classic, Plus in SL1
 
3r31141. Working with Mifare Plus memory in SL3 mode 3r3-331308.  
3r31141. Physical and virtual identifiers ESMART® Access 3r3-331308.  
3r31241.  
For all Mifare cards, you can set the amount of data, the offset, the number of the read block, and the authorization key per sector (Crypto1 or AES128) 3r31241.  
3r31241.  
ESMART® Access is a technology of secure storage and transmission of physical and virtual identifiers, with banking-level security. 3r31241.  
Physical cards are built on a JCOP (Java) chip and use the ESMART-Access applet. 3r31241.  
An applet is a small application that allows you to extend the functionality of a regular identifier, subject to copying, to a copy-protected identifier. 3r31241.  
3r31241.  
ESMART® Access technology uses the following degrees of protection: 3r31241.  
3r31241.  
3r31139.  
3r31141. encryption 3r33557. AES
-128
 
3r31141. key diversification
 
3r31141. verification of CMAC data signatures 3r3-331308.  
3r31141. protection from 3r33568. Replay attacks
 
3r31241.  
The output interface format is Wiegand. You can specify an arbitrary number of data bytes, the use of parity bits off, and the sequence of output bytes. 3r31241.  
It is possible to customize the sound and light indication, with a choice of colors or the order of colors poured among themselves. 3r31241.  
3r31241.  
3r31135. 7. ProxWay [/b] 3r31241.  
Readers PW-Reader BLE - 3r33585. prices from 3549 rubles 3r31257. 3r31241.  
Mobile application PW Mobil ID for Android and PW Mobile ID for iOS 3r31241.  
Features: 3r31241.  
3r31241.  
3r31139.  
3r31141. Work on NFC and BLE
 
3r31141. Store up to 3 identifiers simultaneously 3r3-331308.  
3r31141. Intuitive interface: 2 buttons (Send ID to reader - “open” button and “gear” setting) 3-3331308.  
3r31141. Request a mobile identifier directly in the application - sending a request to the mail 3r3-331308.  
3r31141. Setting on /off the transfer of the identifier in the reader to enable the screen of the smartphone 3-3-31308.  
3r31141. Getting a mobile ID at the invitation of the administrator.
 
3r31141. The configurator for Android only is ProxWay Mobile Config
 
3r31241.  
3r31135. 8. Salto [/b] 3r31241.  
SALTO with smartphones is supported by the XS??? series. 3r31241.  
SALTO XS??? - 3r3333633. prices from 287 Euro
3r31241.  
Mobile app 3r3637. JustIN Mobile BLE
(only with Salto controllers)
 
3r31241.  
JustIN Mobile uses Bluetooth Low Energy (BLE) technology to securely transfer data between a smartphone and end devices. The encrypted key created in the SALTO access control software - ProAccess SPACE, is sent to the user's smartphone “Over the Air” - Over the Air - OTA. 3r31241.  
3r31241.  
The smartphone with the JustIN Mobile application and passed the registration and verification of the user receives and decrypts the mobile key, and after that the user simply touch the icon on the screen of the application on the smartphone to open the door. 3r31241.  
3r31241.  
3r31135. 9. PERCo 3r31136. 3r31241.  
PERCo equipment supporting work with smartphones:
 
3r31241.  
3r31139.  
3r31141. Reader MR07.1 - 3r3662. the price is ?723 rubles
 
3r31141. The control reader MR08 - 3r3667. the price is ?941 rubles
 
3r31141. Electronic KT02.7M - 3r3672. price ??? rubles
 
3r31141. Electronic KT05.7M (MA) - 3r37777. the price is ??? rubles
 
3r31141. Electronic KTC01.7M (MA) - 3r38282 through passage. the price is 1?910 rubles
 
3r31241.  
Work with smartphones as identifiers is supported in the software for access control - 3r3689. PERCo-Web
and 3r3691. PERCo-S-20
. 3r31241.  
3r31241.  
On the Android smartphone, the free application must be installed. PERCo. Access . As an identifier for smartphones with Android OS, a unique IMSI identifier is used - an individual subscriber number associated with the SIM card of the smartphone. 3r31241.  
3r31241.  
Apple smartphones (iOS) use the unique Token as an identifier, which is tied to one of the bank cards emulated on the smartphone. Before use in the access control system on a smartphone, it is necessary to activate this particular bank card. Unique Token is not a bank card number. For Apple smartphones, installing the PERCo application. Access is not required. 3r31241.  
3r31241.  
3r31135. 10. Sigur [/b] 3r31241.  
Reader Sigur MR1 BLE - the price is 1?000 rubles 3r31241.  
3r31241.  
Sigur, as well as most Russian developers, rolled out their reader to Securika back in 201? at the moment the reader Sigur MR1 BLE is available for order, and mobile applications are available for download. 3r31241.  
3r31241.  
In addition to smartphones, the reader works with contactless Mifare cards, series - Classic, DESFire, Plus - including in SL3 mode. 3r31241.  
3r31241.  
Just as identifiers, you can use regular bank cards (Mastercard, Visa, MIR) with contactless payment support. 3r31241.  
3r31241.  
Sigur is allocated free mobile identifiers, and the fact that the identifiers themselves automatically upon issuance are immediately entered into the ACS database and from there enter the controllers. Mobile applications Sigur Access for Android 3r3731. Sigur Access
for iOS. 3r31241.  
3r31241.  
An application for configuring readers Sigur Settings only for Android. 3r31241.  
3r31241.  
3r31179. Issuance of the identifier on the smartphone
3r31241.  
In order for you to have the opportunity to use a smartphone as a pass, the smartphone should have 3r31135. generated [/b] or issued 3r31136. a unique identifier, namely, it will be transmitted from the smartphone to the reader, and from the reader to the controller, and the controller, depending on the access settings, will either grant access or deny it. 3r31241.  
3r31241.  
3r31179. Issuing a virtual identifier
3r31241.  
In this case, the generation of a virtual identifier occurs in the manufacturer’s database. Further, the already generated identifier is issued to the user. The meaning of its use is that all identifiers are stored in the database of the manufacturer and cannot be issued twice. That is, a virtual identifier cannot be transferred, it can be activated only once, on one specific smartphone, in one specific mobile application. In addition, the manufacturer controls the uniqueness of the issued identifiers in order to avoid issuing the same identifier to different users. 3r31241.  
3r31241.  
One of the advantages of using virtual identifiers is that the user cannot see the identifier (numeric identifier code) in the application, which means that the identifier cannot be copied or transmitted. 3r31241.  
3r31241.  
Intercepting the identifier during transmission from the smartphone to the reader also does not work, because It is transmitted in encrypted form. 3r31241.  
3r31241.  
Depending on the vendor, dispensing is done in slightly different ways:
 
3r31241.  
3r31139.  
3r31141. Salto uses Over the Air (OTA) technology to transfer access to the smartphone, which allows you to safely transfer the virtual identifier to the user's smartphone in encrypted form.
 
3r31141. In other cases, the transfer of identifiers occurs directly to the user through the access control administrator. Thus, the ESMART brand is currently working.
 
3r31141. Nedap uses mobile verification and network transfer of identifiers to a smartphone, and also implements the issuance of a free Mace ID when registering a new user.
 
3r31141. HID Global has the admin software in its application arsenal. When the administrator receives virtual identifiers from the manufacturer, they are assigned to users and sent over the network via users' smartphones.
 
3r31241.  
In this case, the issue of a ready-made identifier to the user occurs, which should only be activated using a unique activation code. The application contacts the server and, after comparison, confirms that the activation code is free, after which the identifier is transmitted to the application. 3r31241.  
3r31241.  
3r31022. The cost of virtual identifiers
3r31241.  
The database of virtual identifiers is maintained on the manufacturer’s servers — this is probably one of the reasons why manufacturers charge for issuing an identifier. 3r31241.  
3r31241.  
3r31135. ESMART 3r31136. - Secure virtual identifier ESMART® Access:
 
3r31139.  
3r31141. 100 rubles (Perpetual) 3r3-31308.  
3r31141. 60 rubles (7 days) 3r3-331308.  
3r31141. 40 rubles (1 Day) 3r3–31308.  
3r31241.  
3r31135. ProxWay
3r31241.  
3r31139.  
65 rubles (Unlimited) 3r3-331308.  
3r31241.  
3r31135. Nedap [/b] 3r31241.  
3r31139.  
3r31141. Free Mace ID at registration
 
3r31141. 1.1 euro /year (you can issue an unlimited number of times if one person leaves, his identifier responds remotely and is given to another person. There is also an administrator portal system provided by the manufacturer for 399 euros per year. The identifier is issued on the principle of creating a user's personal account. This means that the user can see his ID from any device from which he logs into his personal account.
 
3r31241.  
3r31135. HID 3r31136. 3r31241.  
Prices are set until the end of January 2019. 3r31241.  
3r31241.  
3r31139.  
3r31141. Unlimited 9 dollars per piece.
 
3r31241.  
From February 2019: 3r31241.  
3r31241.  
3r31139.  
3r31141. Approximately $ 5 per year - one identifier for 5 devices on the basis of a license (following the example of antivirus software).
 
3r31141. The cloud admin portal is free and, as with Nedap, provided by the manufacturer.
 
3r31241.  
3r31135. Suprema [/b] 3r31241.  
The server for issuing identifiers to users is created by the administrator in place and maintained by him. There are several types of packages:
 
3r31241.  
3r31139.  
3r31141. up to 250 r3r31308.  
3r31141. from 250 to 500
 
3r31141. from 500 to 1000
 
3r31141. from 1000 and more.
 
3r31241.  
The average price specified by the manufacturer is $ 440 per 100 people indefinitely. 3r31241.  
3r31241.  
Suprema is in the making of its mobile solutions, so the price changes periodically. 3r31241.  
3r31241.  
3r31135. Salto [/b] 3r31241.  
The fee is charged for servicing the cloud at 2.1 Euro per year per user. 3r31241.  
3r31241.  
3r31135. Sigur [/b] 3r31241.  
Offers free, perpetual mobile ids, generated from smartphone data and Sigur software. 3r31241.  
3r31241.  
3r31179. Generating an identifier based on smartphone data 3r31180. 3r31241.  
Parsec and RusGuard use the method of generating a virtual identifier based on the unique 3r33333. IMEI 3r31257. smartphone This happens automatically when you install the corresponding mobile application. PERCo for this purpose uses 3r3393935. IMSI 3r31257. , respectively, without a SIM card or with a non-working identification will not work. 3r31241.  
3r31241.  
Further, the identifier must be manually or with the help of a reader entered into the database of the access control software. Next, it enters the controller. 3r31241.  
3r31241.  
The disadvantages of generating an identifier based on phone data include the ease of identifying a fake. IMEI 3r3393945. fake enough just
even for an inexperienced user. 3r31241.  
3r31241.  
IMSI 3r3951. faking a little harder
, will require the so-called multisim card . Also in this case, the SIM card can simply be transferred, inserted into another phone and passed identification. 3r31241.  
3r31241.  
And of course, don't forget about the different 3r3r9959. technical devices 3r31257. , thanks to which you can learn IMSI secretly from the user. 3r31241.  
3r31241.  
Well, and the saddest fact, your IMSI and IMEI, of course, are known to mobile operators, and therefore to all law enforcement agencies of all Russia. 3r33965. Examples 3r31257. sincere love between Russian companies and law enforcement agencies a lot. 3r31241.  
3r31241.  
Do you want to give the key to all the doors in your company to our law enforcement officers? The question, which at least is worth considering, before making a choice. 3r31241.  
3r31241.  
3r31022. The cost of the identifier generated on the basis of phone data
3r31241.  
So in this case, the manufacturer does not incur any costs for maintaining the database of identifiers, so obtaining identifiers for free. 3r31241.  
3r31241.  
But you need to realize that the access control system, with identifiers generated from the phone data, is a security hole the size of a granary gate. The question of the correctness of the production of products with such holes is probably a topic for a separate article, because we do deal with security systems. 3r31241.  
3r31241.  
3r31179. ID revocation 3r31180. 3r31241.  
There are two ways to revoke an identifier from a smartphone: 3r31241.  
3r31241.  
3r31139.  
3r31141. The response is made in the controller's ACS software, after which the user is no longer able to go to the object 3r-31308.  
3r31141. Recall online from the user's smartphone, through the access control software for the access control system
 
3r31241.  
3r31022. ID recall from the smartphone 3r31023. 3r31241.  
If the identifiers are stored in the cloud access control interface, and the administrator has the appropriate software, then the identifier can be removed remotely. This technology is based on the HID Mobile Access application. 3r31241.  
3r31241.  
Similar technology is also used by the HID, Nedap and Suprema brands. 3r31241.  
3r31241.  
In other cases, deleting an identifier from a smartphone is done by deleting the identifier in the application or deleting the application itself from the smartphone. 3r31241.  
3r31241.  
3r31022. Feedback identifiers from the controller ACS 3r31023. 3r31241.  
The identifier is withdrawn from the ACS controller manually using the “Dismiss the employee” function in the controller’s ACS software. Valid on all controllers. 3r31241.  
3r31241.  
Rusguard has in its arsenal an “Administrator” module in the mobile application, which allows it, among other things, to block and delete employees from the system remotely 3r31241.  
3r31241.  
3r31179. Issue guest IDs 3r31180. 3r31241.  
The advantages of mobile access for issuing guest passes are that for guests or employees working remotely, there is no need for a mandatory visit to the “pass office” to issue a guest pass. You can send it in advance, for example, by E-mail. 3r31241.  
3r31241.  
3r31135. Guest IDs are issued in different ways depending on the vendor: 3r31136. 3r31241.  
3r31241.  
3r31139.  
3r31141. Issuance of identifiers for a specific time (ESMART) 3r3-331308.  
3r31141. Issuance of one-time identifiers (HID, Suprema)
 
3r31141. Issuing a QR code (Nedap), a QR code is sent to E-mail, read from the phone screen. This option seems to me especially convenient. does not require installation of the application on the smartphone for identification, but there is also a minus - a QR code can be easily transferred.
 
3r31141. Issuing a perpetual identifier and then manually deleting it from the ACS system (all the others), is essentially no different from guest contactless cards that are issued in classic ACS 3r3-331308.  
3r31241.  
3r31179. Transfer the identifier to the controller ACS 3r31180. 3r31241.  
The administrator of the access control system can receive activation codes from the manufacturer in different ways:
 
3r31241.  
3r31073.  
3r31141. By e-mail, in the form of a .xlsx file with a password. This is what happens with ESMART and ProxWay.
 
3r31141. There is an Administrator's personal account provided by the manufacturer for a fee, like Nedap and Salto, or a free personal administrator account like a HID. 3r31241.  
3r31241.  
Cloud monitoring is performed via the administrator’s personal account provided by the manufacturer. It contains data on all issued identifiers with the possibility of their withdrawal and issue remotely.
 
3r31141. In other cases, the server is created and monitored by the Access Control Administrator himself as in Suprema, Parsec, RusGuard and Sigur.
 
3r31088. 3r31241.  
3r31179. What will happen when you change your smartphone? 3r31180. 3r31241.  
For any vendor, when changing or losing a smartphone, the identifier is lost, akin to losing or replacing the physical card, hence a new virtual identifier is required for the new smartphone, and if generated, a new identifier will be generated based on the smartphone data. 3r31241.  
3r31241.  
Due to the fact that the application online checks all previously issued identifiers, the issuance of the same identifier again is not possible - the application will generate an authentication error. 3r31241.  
3r31241.  
An application of any reader vendor is subject to a unique identifier rule, as a result of which identifier repetition should not be possible from a system security point of view. 3r31241.  
3r31241.  
3r31179. Data storage 3r31180. 3r31241.  
The issue with personal data is a hot topic, so let’s dwell on what and where is stored. 3r31241.  
3r31241.  
3r31135. Id only: 3r31136. Stored in two places (in this case, the identifier is just a unique long number):
 
3r31241.  
3r31139.  
3r31141. In the reader’s manufacturer’s database, it can be browser-based for client access or software, or it can be a local storage database that is not accessible from the outside. This item is for virtual identifiers only; identifiers generated from smartphone data are not stored in the manufacturer’s common database.
 
3r31141. In the application on the user's phone
 
3r31141. In memory of the controller of ACS
 
3r31241.  
3r31135. The holder's ID and name are stored: 3r31136. 3r31241.  
3r31139.  
3r31141. In the database of software that interacts with controllers ACS. The software is installed on a computer that is in the same network as the controller.
 
3r31241.  
3r31179. NFC or Bluetooth
3r31241.  
To transfer the identifier from the smartphone to the reader, NFC or Bluetooth communication interfaces are used. Let us examine in more detail what is the difference, and what can be the pros and cons in the context of the ACS objectives. 3r31241.  
3r31241.  
NFC is a near identification technology. The advantage is less energy consumption compared to Bluetooth, but NFC loses Bluetooth technology in range, NFC - range up to 7 cm, Bluetooth - range up to 20 meters, unpretentiousness to weather conditions and data transfer speeds. 3r31241.  
3r31241.  
But long range is not always dignity. NFC, due to its short reading range, eliminates problems when transmitting an identifier, while Bluetooth transmissions may encounter interference and signals from third-party devices using this radio frequency. 3r31241.  
3r31241.  
An important feature of using NFC technology is that the NFC module is not available on iOS devices, in contrast to Bluetooth, which is available for almost all mobile devices and is more universal. 3r31241.  
3r31241.  
Do not forget that the specifics of using Bluetooth also lies in the fact that it must be permanently enabled on the smartphone. Often there is a fear that this will quickly discharge the phone. The use of fourth-generation Bluetooth technology, or BLE (Bluetooth Low Energy), makes it possible not to sacrifice the phone's charge for using mobile access systems, since the transmitter is turned on only for sending data. 3r31241.  
3r31241.  
In addition, the specifics of using Bluetooth will be that if there are several readers in the identification zone, they all consider the identifier and unlock the blocking devices, unless otherwise is programmed in the access control controller, but most likely it will not. Complex work scenarios are supported by far not all access control systems. 3r31241.  
3r31241.  
Well, imagine a situation: you walk along the corridor and all the doors on your way are torn off, except that it looks like a choir, this, of course, completely contradicts the goals of the ACS. Most manufacturers allow you to adjust the range for each particular reader, which would be a good solution, because for a door, it can be one, a small distance, and for a barrier, on the contrary, and a maximum of 20 meters is quite a working configuration. 3r31241.  
3r31241.  
3r31179. Conclusions 3r31180. 3r31241.  
Access control systems that we know are already dead. But the industry seems to have not realized this yet. Mobile identifiers will become one of the key drivers of the paradigm shift for access control in the world, and in the world, in Russia. 3r31241.  
3r31241.  
Mobile devices have already replaced a lot of everyday objects in our lives. Moreover, the replacement occurs at a staggering rate. Six months ago I did not use the phone for shopping, and today I try to avoid places where it is impossible to pay for the purchase with a smartphone, and I succeed. Today, I pay about 99.9% of my personal purchases from a smartphone. The progress from 0 to 99.9% for half a year impressed me even when I realized this. 3r31241.  
3r31241.  
The arrival of mobile technology in the security industry will produce a bombshell. And it seems that many will be thrown out of the market by this blast wave. 3r31241.  
3r31241.  
HID, Suprema, and Nedap - traditionally presented excellent, and unparalleled solutions, traditionally for a lot of money.
 
3r31241.  
The strategy, which is chosen by Russian manufacturers of access control systems, is already visible. Of the Russian brands, only ESMART and ProxWay presented solutions comparable in technical implementation to foreign vendors. And there are ACS manufacturers, including those with a decent market share, who have not presented any solutions for mobile access at all, and, accordingly, not mentioned in this article. 3r31241.  
3r31241.  
And what is most interesting, neither ESMART nor ProxWay are leaders in the access control market. I would even say this newbies. 3r31241.  
3r31241.  
And mobile identifiers and biometrics are just the beginning. Another trend that can have a noticeable impact on the Russian market is the entry of the CCTV manufacturers into the market. HikVision introduced 3-3331207. a wide and sufficiently high-quality line of access control
. 3r31241.  
3r31241.  
And if you remember, and I remember about it every time someone pronounces the phrase “mysterious Russian soul”, that one of the most disgusting controllers for the ACS is 3r312313. The car C-2000-2
, is also the most popular controller, simply due to the popularity of fire-fighting fire-fighting systems. It turns out that video surveillance can be the same engine for the access control system from the manufacturers of video surveillance. 3r31241.  
3r31241.  
Another significant feature of contactless cards is that over its more than 30 year history, they have not gone beyond a local access control solution used mainly in companies. Individuals from the time of ancient Rome to the present use metal keys. 3r31241.  
3r31241.  
Using a smartphone may well be a solution for the retail market. Trite, but as a fan of Airbnb, I just got bogged down to agree on the time when the keys to the apartment I rented could be handed to me. How much easier would it be if I could put the app on my smartphone and quietly open the door during the entire rental period. In hotels, similar solutions may be more convenient than existing card solutions. 3r31241.  
3r31241.  
These are, in one way or another, other products, but the technologies are the same and, like in the video surveillance market, there are companies that offer solutions for different markets under different brands. So it can happen in access control. 3r31241.  
3r31241.  
It seems that many leaders of the Russian market of ACS instinctively seek salvation from the future in the past. They cling to the old experience, trying to extract from it what it has never been and could not be, since the Russian market for access control has never faced such changes. Probably, such a strategy will work for some time. 3r31241.  
3r31241.  
But many people do not mean everything, a couple of Russian companies ESMART and ProxWay presented quality products on the same level as their foreign counterparts. Sigur stands out with an interesting approach and seamless integration with its access control system. 3r31241.  
3r31241.  
All this gives us a good hope that soon only old-timers will be able to remember about EM-marine cards, along with perforated cards, cards with a bar code and cards with a magnetic stripe. 3r31241.  
3r31241.  
Another point worth mentioning is: identification devices, which we reviewed in detail in this article, are just one of the components of the access control system, and for your system to work perfectly (and for less we disagree), it is worth paying as much attention to choosing actuators , controllers and software. And of course, you should pay attention that the integration capabilities of modern access control systems are enormous - with security and fire systems, with video surveillance systems, with access to a computer, with elevator systems, and much more. So, do not forget to read before making your choice. our regular longrid by choice of access control.
3r31249. ! function (e) {function t (t, n) {if (! (n in e)) {for (var r, a = e.document, i = a.scripts, o = i.length; o-- ;) if (-1! == i[o].src.indexOf (t)) {r = i[o]; break} if (! r) {r = a.createElement ("script"), r.type = "text /jаvascript", r.async =! ? r.defer =! ? r.src = t, r.charset = "UTF-8"; var d = function () {var e = a.getElementsByTagName ("script")[0]; e.parentNode.insertBefore (r, e)}; "[object Opera]" == e.opera? a.addEventListener? a.addEventListener ("DOMContentLoaded", d,! 1): e.attachEvent ("onload", d ): d ()}}} t ("//mediator.mail.ru/script/2820404/"""_mediator") () (); 3r31250.
3r31255. Only registered users can participate in the survey. 3r31256. Sign in 3r31257. , you are welcome. 3r31258.
3r31261.
3r31263.
3r31265. What physical access technology will you choose?
3r31271.
3r31273.
3r31275.
3r31277.
3r31319.
Access via smartphone
3r31319.
Biometrics
3r31317. 15 users have voted. Abstained 3 users.
+ 0 -

Add comment