Tech Tips: Electronic Access Control Options

Sept. 8, 2023

For locksmiths who have been in security for a while, the pallet of solutions has never been larger even as the level of challenges continues to increase exponentially.

My own experiences in electronic access control (EAC) began as a technician and then later production manager for one of the pioneering companies in access control, and my activities included designing custom features into our own products and systems for the industrial, government, military and commercial sectors.

I went on to consult and install EAC, and sure enough, I continued to find myself designing custom features for existing and new systems for a wide variety of clients.

Back then it was the Wild West. When a client requested a feature or function that was not available from an EAC company, I did my best to source those components from non-mainstream outlets. Fortunately, there were plenty of companies that specialized in unique and custom products to meet the clients’ demands.

When assessing today’s market, I realized that what we installed reflected what the project required, which spanned the entire range of technologies, not just the most recently introduced product.

There have long been security and functionality issues with Wiegand. Since Wiegand sends data from the reader to controller without encryption or authentication, the data can easily be skimmed from outside a door. A hacker can use this data to access a facility or deny access to authorized personnel; stolen data may be cloned and sold. Even readers with advanced technology may be at risk, since Wiegand’s vulnerability is not in the credential or the reader itself, but in the unencrypted data connection between the reader and the controller.

Open Supervised Device Protocol (OSDP) was originally developed by HID Global, Mercury Security, and Lenel when customers wanted readers with new features to interface with evolving control panels. OSDP v2 with Secure Channel is a true protocol with encryption and authentication for robust security. OSDP meets federal access control requirements, such as PKI for FICAM.

OSDP was designed to be a simple, interoperable, cost-effective replacement for Wiegand. Interoperability allows mixing and matching of devices to best meet each application’s needs without vendor lock-in.

While the importance of physical locks and keys is the bedrock of physical security, we now can also protect the more esoteric elements, which cannot always be protected behind locked doors and physical barriers.  We are expected to protect not only “things,” but also people, data, and societal constructs.

It should be noted that the term “key,” which formerly referred to a metal thing that operated the tumblers in a mechanical lock, has taken on other meanings in security nomenclature. In the realm of encryption protocols, a key is a group of random characters in a particular order. Encryption protocols use a key to alter data so that it's scrambled, and so that anyone without the key can't decode the information.

The technologies, current events and business environment have driven consolidation, and interoperability, which in this context refers to integration for products and functions.

The traditional thresholds between physical security devices, hard-wired network systems, wireless and low energy protocols have been mitigated to result in relatively seamless interoperability.

The hardware is pretty much the same between access control brands. The software/firmware for each product is the differentiator. Early EAC equipment printed circuit boards (PCBs) were custom manufactured in the limited quantities required, and often actually and-wired.

Supply-side companies have learned to partner, and the security installation industry is partnering with them. Among the many innovative companies and new technologies which transitioned from trends into new realities, here is a small sampling.

Essex iRox™ Series Smart Card Readers

ESSEX manufactures keypads, station controls and card readers. Their products use stainless steel faceplates, epoxy encapsulation, piezo and LED technologies and are attractive, reliable, and well-suited for custom applications.

iRox™ is a heavy-duty smart card reader. iRox readers feature stainless steel construction, epoxy encapsulated electronics, audiovisual feedback and a low profile, vandal and ligature-resistant design.

The new iRox™ incorporates OSDP and support for HID Mobile Access® solutions including employee badge in Apple Wallet®.

The Essex Electronics iRox-T™ turnstile reader is a multi-frequency, multi-technology, low-profile reader designed to solve concealment challenges and enable streamlined upgrades to higher-security turnstile applications. It provides maximum read range and supports numerous low-frequency and high-frequency smartcards, including HID’s Seos® breakthrough credential technology for advanced security and HID Mobile Access® solutions.

Until foreign entities had enough time to reverse engineer, steal technologies, build their own factories, companies such a HID dominated the reader and credential market.

HID continues to thrive by constantly innovating new hardware and software solutions.

More info: https://www.hidglobal.com/solutions/hid-mobile-access-solutions

HID® Mercury™ MR52-S3B Doro Control Interface

The MR52 Series 3 is the latest generation door interface module for HID Mercury intelligent controllers. The HID Mercury MR Series 3 Serial Input/Output (SIO) modules enable system expansion of HID Mercury intelligent controllers as part of HID Mercury’s distributed architecture. The enhanced modules offer an improved processor and increased memory, plus features a secure crypto engine providing a secured layer of encryption to onboard sensitive data. Built on the HID Mercury open platform, Series 3 modules provide the necessary flexibility for OEMs, channel partners and end customers to choose the controller configuration that best fits their needs.

The MR52 Series 3 is a card reader interface panel with on-board flexibility to connect a wide range of security devices. The MR52 is easy to install and provides the required I/O for interfacing two card readers, eight general-purpose input monitor points and six control relays to any HID Mercury series intelligent controller.

With two-wire RS-485 connectivity, the MR52’s two reader ports support OSDP, OSDP Secure Channel, FICAM government profiles, keypads, biometric readers, Wiegand, clock and data, magnetic stripe, F/2F and supervised F/2F reader technologies.

System configuration and setup are provided through HID Mercury OEM partner software applications.

More info: www.hidglobal.com

Cypress Wireless Readers and Extenders

Cypress Integration Solutions specializes in unique and secure communication solutions for physical and logical access control. Products include wireless readers, reader extenders, expansion modules, time displays, barcode scanners, Wiegand splitters and OSDP products.

Cypress Wireless Handheld Readers verify credentials by wirelessly communicating with a live database through the reader’s base unit. Select models of the Wireless Handheld Reader also control a relay function such as opening a door or gates, or triggering a duress alarm.

Until now, configuring OSDP readers in the field was challenging, since no universal method existed. The pocket-sized OTT-2100 simplifies OSDP reader installations, since it works with most manufacturers’ OSDP readers, making it a vital part of every access control installer’s toolbox.

The standalone COMSET Tool handles the most common OSDP reader configuration settings. Configure readers in the field independently from the access controller, monitor the OSDP connection, and diagnose specific problems to simplify troubleshooting.

As an installation tool, use the OTT-2100’s COMSET Mode to quickly and easily configure the device address and communication baud rate of OSDP readers and other peripheral devices, even if the current configuration is not known. Use DIP switches for the desired settings. Connect the tool to an OSDP reader, and the OTT-2100 will automatically communicate with, and configure the reader. 

As a diagnostic tool, use the OTT-2100’s Listening Mode to check the state of OSDP communication between the reader and controller. 

The Wireless Suprex Reader-Extender is widely known for enabling installations beyond the Wiegand 500-foot limit, especially across parking lots, railroad tracks, in distant buildings or when installing at sites which should not be disturbed, e.g., buildings with asbestos or historical significance.

More info: www.cypressintegration.com

About the Author

Tim O'Leary

Tim O'Leary is a security consultant, trainer and technician who has also been writing articles on all areas of locksmithing & physical security for many years.