“Swipe from the best, then adapt”
A quote from the author of In Search of Excellence, Tom Peters.
Today in physical access control we’ve reached a point where we’re doing just that- swiping and adapting. Every great piece of technology was most likely adapted from another. The automobile was adapted from the horse and buggy, from the loom we got the sewing machine, and from the invention of key cards and mag-stripes we now have mobile credentials. Thus, is the way of progress, as adaptation is the birthplace of innovation and life-changing inventions. As the physical security space progresses, there will be a few challenges to address along the way however, this is something that is only natural in the cycle of innovation and change. Our Founder and CEO, Phil Dumas, discusses this topic in greater detail in his latest post.
By 2021, experts predict that roughly 44 million mobile credentials will be downloaded and used to unlock home and office doors across the globe. However, these numbers don’t take into consideration all the other mobile credentials we use on a daily basis. It’s easy to make your way through theme park turnstiles or general admission at a concert without realizing you just used a form of mobile access control. In fact, the average person most likely uses one to two mobile credentials a week (at the very least) in ways that are more subtle than a smart lock powered key. Below is a list of four overlooked mobile tokens many of us have used before:
Theme Parks
By far the most unnerving experience at theme parks has got to be the ticketing line. If you have ever been to a theme park before the development of smartphone technology, you know exactly what this is referring to. Thankfully, we’re now living in 2018 where mobile ticketing, or eTicketing, has become a solution theme parks like Disney and Universal have implemented into their admissions system to make the ticketing process a lot smoother and significantly less trying. For example, Disney and Universal offer their guests a mobile app where they may go in and purchase theme park tickets. What were once paper tickets, which almost always needed to be printed or physically handed off at a ticket booth, are now QR codes that are ready to scan the moment guests purchase the tickets.
Concerts, Sporting Events, and Plays
One of the biggest ways we all have used mobile credentials is through third-party/online ticketing powerhouses like TicketMaster and StubHub. These sites were created in the same vein of Disney and Universal’s mobile/eTicketing solutions and offer users the ability to obtain tickets to shows online, which are then sent to consumers via an email with an embedded QR or barcode. Now sports fans, theatre lovers, and concert-goers can enjoy the ease of purchasing digital tickets and can focus more of their attention on what really matters: the event.
Airports
Another way a majority of us have used mobile credentials is through electronic boarding passes. Back in 2007, the TSA started to allow travelers to use e-passes instead of physical tickets. Ever since the release of this mobile innovation, over 102 airports have implemented e-pass scanners into their check-in and boarding process and almost 1 billion people have used the more convenient mobile boarding pass. It’s expected that by 2019, over 1.5 billion travelers will be using e-passes over their paper counterparts.
eWallet Apps
If you’ve ever used Apple, Samsung, or Android Pay, then you have used a form of mobile credentials. These apps digitize your credit cards and communicate through Bluetooth Low Energy (BLE) and Near Field Communication (NFC). Stores either install BLE and NFC-enabled POS systems or they rely on NFC beacons to transmit the embedded data from our phones to the checkout counter. Wallet apps like the ones listed above, as well as Venmo and Paypal are expected to account for 503 billion dollars of global purchases by 2020.
Connect the Digital and Physical Worlds
Mobile credentials are taking many different forms in our everyday lives. Several have reached a point where they are speeding up, or completely eliminating some of the most tedious tasks we’ve had to do in the past. As mobile credentials become a more widely adopted solution, more companies are taking notice and partnering with platform companies like UniKey to build a mobile solution for their goods and services. At UniKey, our products and solutions are motivated by our goal of building seamless and smarter access for our homes, offices, and cars that can keep up with digital consumers and innovators. To learn more about mobile credentials and simplifying the way the world accesses everything, visit unikey.com.
Since the development of new communication standards like Bluetooth Low Energy (BLE) and Near Field Communication (NFC), there’s been a lot of debate throughout the physical access control space on which one delivers the most bang for your buck. Additionally, with long-standing protocols like Radio Frequency Identification (RFID), the discussion then leads into a “if it’s not broken, why fix it?” kind of dialogue. While RFID has great use cases for applications such as inventory management and theft prevention, the 70 year old technology is becoming a limited communication protocol for the physical security space. Below we dive into the key differences between BLE, NFC, and RFID communication protocols and how they impact the overall security of physical access control technology.
First off, due to the industry’s long standing use of RFID, hackers and other bad actors have had plenty of time to identify the holes in the system. Moreover, several devices have been produced since RFID entered the physical access control space that make it simple for hackers to breach a system in as little as 30 seconds. These systems are being sold on sites like eBay at a low-cost; making it easy for anyone to intercept the data being communicated between key cards and your average 125KHz RFID powered system. Since awareness of RFID system vulnerabilities were brought to the security industry’s attention, efforts have been made to ameliorate the issues. However, according to Francis Brown, managing partner at security firm Bishop Fox, “despite increased efforts and progress made by some companies in recent years to upgrade to more secure contactless card systems, the large majority of physical access control systems out there are still legacy 125KHz proximity card deployments”.
Additionally, the credentials that are powered by RFID are (more often than not) hard credentials, making them easier to lose, steal, or copy. This is where using RFID’s successor, NFC, can improve on a system’s security, since it utilizes soft credentials like digital keys to distribute access. The caveat with NFC is that although these system’s soft credentials make it more secure, the communication protocol is still derived from RFID. As such, NFC communicates in a similar fashion to its predecessor; offering two-way communication between NFC enabled devices and their corresponding devices through HF (High Frequency) RFID. Ultimately, the communication protocol still holds the same kind of risks, unless companies utilize secure NFC channels with rich encryption to ensure that data is transmitted with full integrity.
BLE based systems also have the advantage of utilizing soft credentials like digital keys to facilitate tighter security. However, the key difference between both RFID and NFC with BLE is the communication process. Where RFID and NFC uses radio frequency to communicate, BLE utilizes outbound signals to find and communicate with other Bluetooth enabled devices. While the utilization of signals may sound like it could open BLE communication up to the same vulnerabilities found in RFID and NFC, the key difference lies within a systems approach to securing the transmission of the data.
For example, UniKey’s platform uses a heavily encrypted mobile application to communicate with an equally encrypted, BLE enabled, smart reader. While the mobile application is always broadcasting a signal, the reader remains idle; waiting for a user to touch it and trigger its search for a compatible, BLE enabled device such as the smartphone and its mobile application. The reader then 1) scans to see if the compatible device is within range of it and 2) holds proper credentials. All data that is passed from the phone to the reader is heavily encrypted, allowing for secure transmission and smarter access. Moreover, since native BLE security harbors several possible weaknesses and exploits, UniKey’s platform does not rely on it to hold down the fort. Instead, BLE is solely used as a point to point communication channel, and is undergirded by UniKey’s own crypto protocol. It also gives platform customers the ability to share keys among system users without requiring device pairing for every user. Notably, this is something native BLE security would require.
Overall, no matter the communication standard a security system uses, the level of security it can provide consumers is in the hands of the company that produced it. At UniKey, our mission is to provide our partners and the world with the most secure mobile access control solutions technology can offer. To learn more about how UniKey uses BLE to empower our solutions and partners, visit unikey.com.
In our last blog post, we took an in-depth look at the hardware and embedded processes behind Mohammad’s SmartCabinet. “When I started the project, my deadline was the senior design fair, roughly 5 months out. Looking at the scope of work and time it would take to put it all together, I thought the project was going to be impossible, at least in that small frame of time. UniKey’s platform expedited the process though, making it possible for me to meet that deadline.”
When we sat down with Mohammad one of the first questions we asked him was: What did you feel was the biggest pain point throughout the entire project? Naturally, “bringing the cabinet online” was his response. This problem, which was nearly identical to what UniKey had to overcome with the deadbolt, was a perfect match for the company’s mobile key platform. The hardware, as we alluded to in the previous How it’s Made post, was just half of what Hammad had to tackle on the road to bringing his product online. As with any connected device, functionality and user experience is also wildly contingent on the product’s firmware, software, and mobile applications.
The Software & Mobile Applications
In order to bring his SmartCabinet online, Hammad first had to build his mobile app. Utilizing UniKey’s mobile SDK and support, Hammad fashioned a custom Android app, powered by UniKey for all BLE communication and security protocols. To enable mobile access control, Hammad had to connect his mobile application with the hardware we mentioned in the previous post. “The entire security protocol and BLE processes are supported by UniKey’s platform and SDK, ensuring we’d feature a robust and trusted security architecture. This allowed me to have an accredited security protocol and the ability to focus on the features that are unique to my product”, Hammad adds.
Moreover, Hammad explained that UniKey’s app interfaced perfectly with all of the functions he wanted to feature on the SmartCabinet, including Touch-to-Open® and Inside/Outside Intelligence®. The software and mobile apps created through UniKey’s SDKs were also flexible enough to include a log of the cabinet’s weight-sensor, along with other unique functions. This was an added touch Hammad wanted in his product in order to allow users to see a real-time log of their belongings which are being tracked in the cabinet; granting them a stronger peace of mind in seeing the contents untouched. Additionally, similar to UniKey’s smart locks, users of the SmartCabinet are able to send eKeys from its mobile app. It also offers them the same level of control over the device as the app displays the cabinet’s lock status. Together, with Hammad’s vision, hard work, and some help from UniKey’s components, users are given a sophisticated, connected experience.
Putting the Pieces Together
“Producing the SmartCabinet took me several weeks of dedicated time and labor, but I’m incredibly happy with the results”, states Hammad. Having seen and even tried out this mobile key enabled SmartCabinet, we can add that the product is anything but a commonday piece of storage. It’s also a direct example of what anyone can do with UniKey’s mobile key platform. Roughly five months ago, Hammad’s cabinet was just a dormant piece of storage. Today it’s an automated, intelligent safe that can be observed in real-time and enable the same smart, passive features UniKey enabled locks and readers are known for. To read the last two posts on Hammad’s SmartCabinet, or to learn more about UniKey’s platform visit unikey.com
A few weeks ago we sat down with Mohammad Hammad, our test engineering intern turned full-time engineer at UniKey Technologies. Mohammad filled us in on all the aspects of how rigorous and time consuming a senior design project for UCF’s College of Engineering and Computer Science can be. The weeks leading up to the final Smart Cabinetry project, Mohammad worked relentlessly, spending many late nights in UniKey’s hardware lab to put the final pieces of his project together. However, “UniKey’s mobile access control platform made it much easier to implement the BLE communication/authentication and gave me the ability to focus more on the overall functionality of the product,” he stated. Designed to be a simple and straightforward process through the utilization of sophisticated SDKs and hardware reference designs, Hammad was able to bring his smart cabinet to life within 5 months time. Below we break down the pieces of UniKey’s platform that helped him make it happen.
The Hardware
When you think of a cabinet, generally the first image that pops into your head is a kitchen cabinet. Naturally, “it was the most common design for cabinetry and we wanted our product to be designed for common use. We pictured it being used for medicine cabinets, pantries, liquor cabinets, and home office setups.” Whether it would be used to keep hazardous products away from children or to simply protect confidential documents, certificates, or records, Hammad wanted a design that could be suitable for multiple purposes. Diving more into the nitty gritty parts of the hardware, in order to create a mobile access control cabinet with an automated opening/closing feature, Hammad built his own locking mechanism. The lock is powered by a M995 servo to give it the kind of torque needed to open the cabinet door.
As the project was sponsored by UniKey, Hammad inherently wanted to utilize one of the company’s greatest assets: Touch-to-Open® Technology. TTO packs a powerful user experience as it not only supplies the convenient touch to unlock feature, but it is also fortified by Inside/Outside Intelligence® that authenticates the location of a user’s location upon their interaction with the lock. TTO, however, proved to be a challenge for this project as it’s something that had only been rendered on smart locks and readers. To supply the cabinet with this level of functionality, Hammad built a touch-pad sensor and housed it within the cabinet to maintain its outer aesthetic. The sensor uses a cap touch circuit that’s triggered by a user’s touch, initiating Touch-to-Open® and a frictionless experience for cabinetry.
For the embedded portion of the project, Hammad used a Printed Circuit Board (PCB) to serve as the hub for microcontrollers which run the system, the coprocessor and host. The coprocessor was modeled after UniKey’s PBU (Powered by UniKey Module) reference design and handled the BLE communication for the PCB. The host simply needed to communicate with the coprocessor and control the hardware peripherals. To enable the mobile applications for the smart cabinetry, Hammad leveraged UniKey’s coprocessor firmware that handled the security processes and BLE communication between the phone and cabinet. Due to the design of the cabinet, an external BLE antenna was required. With guidance from some of UniKey’s expert team members and reference design, an antenna was built that could handle the communication protocol. This was done by using a copper plate and wire to create a “patch antenna”, which was then plugged into the PCB, and routed to the coprocessor to amplify the BLE signal.
Just the Half of It
In this post we focused on half of the components and thought processes that went into the cabinet’s hardware and its corresponding embedded technology. “When I first came up with the idea to make a smart lock-enabled cabinet, I was inspired by all the technology I got to work with at UniKey on a day to day basis. The project was definitely a challenge but it was made feasible by UniKey’s platform and its straightforward APIs, SDKs, and hardware reference designs”. In the upcoming weeks we’ll sit down with Mohammad once more to hear about the the software and mobile applications that were used to power the SmartCabinet’s user experience. Until then, you can learn more about the SmartCabinet and UniKey’s platform by visiting unikey.com.
The Ideation
One of UniKey’s greatest assets is its employment of some of the most talented students at the University of Central Florida. While working as a test engineering intern at UniKey, Mohammad Hammad, was also wrapping up his last year of UCF’s Engineering and Computer Science (CECS) Program. This is the year a lot of our team members, who are also UCF CECS alumni, remember very well as it’s one of the most demanding years in the program. Why is that? Because this is the year seniors of the program must design and execute the infamous senior design project.
Instead of letting the project keep him from sleeping at night, Mohammad immediately began to work on it. With the help of UniKey’s mobile key platform he was able to develop his “Smart Cabinetry;” a new take on the way we store our valuables. When asked about what initially spurred the idea for his project, Mohammad stated, “I wanted to make a more convenient way to secure your belongings in your own home, since most safes, cabinets, and other mechanisms for safekeeping have always seemed to work against their users – making it a task to access their assets”. To make a system that could simplify the everyday safe, Mohammad utilized UniKey’s mobile app SDK and PbU (Powered by UniKey) module to integrate mobile access control technology into a traditional cabinet lock. “The timing could not have been more perfect, actually. I knew the PbU module was set to be released around the beginning of the semester and that it would make my project easier to develop,” he adds.
The Product
Mohammad also took this specific mobile access control based project on because he wanted to add value, not only to his project, but to UniKey as well. Leveraging several pieces of UniKey’s platform, Mohammad aimed to create a differentiated piece of technology for his project. Additionally he was looking for a way to show individuals everywhere how simple it is to use UniKey solutions to build mobile key products. “I had previous experience testing UniKey’s products, but never had a the chance to really go through the entire building and development process. Even then though, it was easy to use thanks to the provided documentation for each of the platform’s pieces.” As one person, Mohammed was able to have his smart cabinetry product perfected and ready to use in 6 months; 3 months of which were for the design, documentation, and prototyping of the project.
The Final Result
The final result of Mohammed’s senior design project was a fully automated “smart cabinet”, capable of supporting mobile access control and of course, a more convenient way to secure your personal belongings. The Smart Cabinetry also has the ability to track the location of the objects you wish to keep secure, giving users a means to monitor their items in real-time through the implementation of pressure trackers. “It also features automatic door controls and remote control capability,” Mohammad adds. To learn more about how simple it is to integrate UniKey’s platform into any traditional lock, reader, or pincode, keep an eye out for the upcoming editions of our “How it’s Made” blog series where we gain a more in-depth look at how Smart Cabinetry was made. In the meantime, visit unikey.com.
As a majority of you already know, last week’s ISC West was a big success with over 30,000+ security professionals making their way to the Sands Expo for a look at the latest security trends and technology. UniKey was lucky enough to have a few members of our Senior Leadership team attend the show and come back with some insights on the trade show. We sat down with, Roy Johnson, our VP of Strategic Accounts to hear his thoughts.
What trends stuck out to you?
Roy: The idea of the mobile credential is starting to mature and gain adoption. There was a lot of interest in the technology last year but this year we’re seeing a shift in adoption beyond just the early adopters and first movers. This is starting with crossover reader products that can process both mobile and legacy card credentials. I expect us to quickly see a shift to readers that abandon legacy card technology entirely.
How can these trends be applied to UniKey’s platform?
Roy: These trends are at the center of what UniKey does, clearly. However, what sets us apart is that our platform and IP portfolio were built from the ground up to achieve a user experience that is more convenient than a standard access card or fob. To truly realize proliferation of the mobile credential it has to be better than what we have now. In some cases, it’s way more complicated to use a mobile credential with some offerings than a standard card. Opening a door with your phone is interesting. Opening a door with a phone that you never have to interact with or remove from your pocket is actually easier and more convenient than standard cards.
What do you think the trends will be at next year’s ISC West?
Roy: We will see more collaboration and partnerships in the space. Keeping mobile apps up to date, managing complex backend server infrastructures and service level agreements is miles away from the core business expertise of most reader OEMs. Beyond that, the mobile credential really transcends the PACS industry in the long run. These credentials are being used to open the doors to homes, automobiles, hotels, and of course the office. The opportunities for innovation when all of these doors are connected and the data that provides from an ecosystem point of view is a game changer. That will be the foundation for truly intelligent and adaptive security that doesn’t inconvenience the people that should have access to an area while keeping others out.
What do you think differentiates UniKey from other companies you saw at the show?
Roy: Experience. UniKey is the largest mobile credential platform in the world with over 350,000 locks powered by us across 65 countries. We are experts when it comes to mobile credentials and the technologies surrounding them, it is our sole focus. More importantly, we recognize the immense value that our partners bring to the table in the form of manufacturing, distribution, and domain expertise for their vertical. When you work with UniKey to put a mobile credential in your product, you are working with a true partner. That is something we believe very strongly in.
Roy couldn’t have said it better. Working with our partners, Unikey aims to provide the very best in mobile access control solutions. To learn more about our platform and how you can work with us, visit unikey.com.
Next week thousands of security companies and experts will be making their way to Las Vegas’ Sands Expo for ISC West 2018. At last year’s ISC West all eyes were on video surveillance and biometrics, however, this year several different security technologies will compete for showgoers’ attention. Below, we have a list of just a few of the key access control technologies that will reign at this year’s show.
Internet of Things
The adoption rate for IoT technology has grown significantly since 2013 when it was reported to be an important factor for only 12% of organizations across all industries. Today that number stands at almost 30%. Industries, organizations, and entrepreneurs all over the world are finding ways to build on the IoT and its remarkable ecosystem in order to gain better insights on their customers that can help fine-tune unique customer experiences for each user. Additionally, IoT For All writes that when “your security measures are paired with IoT-enabled devices that bolster interconnectivity, you will have almost unlimited access to a digital trail of security events.” This kind of data holds the potential to give companies and users a better understanding of who and when individuals are accessing connected entry-points; giving them more control over their system. With that being said, security professionals can expect quite a few ISC sessions that will delve more into how the industry can utilize IoT and cloud-based access control solutions in order to create smarter, more intuitive products and more productive office spaces.
Biometrics
This year, biometrics will be making a reappearance at ISC West with many organizations showcasing facial recognition and fingerprint technology. However, this year’s biometric systems seem to be implementing more frameworks constructed on neural networks to boost the efficiency of visual data processing. As the name suggests, neural networks are more or less modeled after the human brain, and consist of “thousands or even millions of simple processing nodes that are densely interconnected.” Neural networks are also able to function in similar ways to the human brain, in that they’re able to process information in a similar fashion; something that can be used in object recognition systems such as facial or eye (retina and iris) recognition and even signature verification.
Video Surveillance
Yet another piece of access control technology that’s no stranger to the ISC spotlight, video surveillance, is expected to be another major focal point of the show for the second year in a row. Video surveillance systems are getting smarter through the use of video analytics which utilize machine learning methods like deep learning, artificial intelligence, and cognitive learning (like neural networks) and as they get more sophisticated, they’re able to be stronger threat detectors and data gatherers. Erin Harrington of SSI adds that “today’s cameras can track and analyze motion, sound, colors and even temperatures. They can recognize people, packages, pets, fire and specific activities like falling and breathing.” With all of its capabilities, video surveillance is generating more interest from security experts because of its daily opportunity to gather and process a massive amount of rich visual data. In the future, this data could be used as a foundation for predictive security systems.
Mobile
The final piece of security technology that will be a must-see at this year’s ISC West is mobile key technology. Mobile credentials have been a hot topic of discussion ever since the release of the very first smart lock, the Kwikset Kevo. While mobile keys are arguably one of the most secure and convenient forms of credentials, they’re also one of the most versatile. Mobile access control technology can be applied to all of the above security trends, giving several organizations and their products the ability to enhance their key offerings and features. For instance, using a mobile connected surveillance system, users can keep an eye out for potential threats from any remote location. Coupling this with mobile keys and their remote locking and unlocking abilities you get a similar system to Amazon Key, and a more protected front door. Additionally, adding mobile access control to biometrics could give systems an added layer of security and additional functionality. Take Samsung Pass and Apple Pay’s Face ID for example, where users can securely pay and/or verify their identity with their eyes and face; creating a more seamless and secure cashout process. With mobile access control, a smarter, connected security ecosystem is within reach.
Meet with UniKey at ISC West 2018
As you prepare for ISC West, we encourage you to schedule a meeting with UniKey’s Founder and CEO, Phil Dumas, and our team to find out how UniKey’s leading mobile access control platform can work with your legacy products. To find out more, visit https://unikey.com/isc-west-2018.
