electronic access control

Don’t let a secret tunnel topple your castle. OSDP encryption is crucial to your commercial security.

By Neal Bellamy, IT Director at Kenton Brothers

Open Supervised Device Protocol - OSDPAs in all security, it only takes one weak link to bring the whole castle down. You can have the best moat, the best turrets, and the best drawbridge. But if there was a secret, unguarded passage and the enemy discovered it, it could certainly lead to your demise. In the commercial access control world, the Weigand Protocol is that un-guarded secret passage.

The Weigand Protocol

The Weigand protocol has been used since the 1980s and is named after the Weigand Effect. The Weigand protocol is used to detect the 1’s and 0’s sent from a commercial security reader to the access control panel. (To be clear, there are two separate transmissions that happen when you present a card to a reader.)

The first communication is from the card to the reader itself. This transmission can be protected by the card technology being used. Both the card and the reader have to have the same technology to be compatible. iClass®, Mifare®, and Felica® are examples of card technology where the transmission is encrypted between the card and reader. Proximity is another type of card technology, but the transmission is not encrypted

The second transmission is from the reader to the door controller. With very few exceptions, the Weigand protocol has been the method to support this transmission. If you have an encrypted card technology (and you should) it’s like encoding a message with the Enigma machine, then translating back to plain German and sending the un-encrypted message on horseback to its next location. If the courier gets intercepted while the message is unencrypted… all of that amazing security of the message has been wasted. If someone could change the message without you knowing, you might even make the wrong decision. You might think this is CIA/MI5 material, but it is way more accessible than you think.

Enter the $25 Weigand interface.

Weigand InterfaceIf you look online, you can find a board that can be installed between a reader and control panel that will intercept and log every access card being used. The board is smaller than a poker chip and can be installed behind a reader pretty easily. Once installed, it is powered by the door controller and is completely invisible to the reader and access control system. The attacker can leave it in place for a few days or a few weeks, while it collects every card read. Then, when they are ready, they can retrieve the list of cards from the built-in Wi-Fi interface. If the attacker only needs access to get into that single door, they can even “replay” the card number from the Weigand interface back to the door controller, probably granting access. If they need access to multiple doors, they could use the information to recreate identical cards to the ones you are using.

Placing one of these Weigand interfaces at the front door of a facility could be devastating for your building security.

OSDP = Open Supervised Device Protocol

There is hope. The answer is to also encrypt communication from the reader to the panel.

Open Supervised Device Protocol (OSDP) aims to do this and more. OSDP has been an international standard since 2020 and is all about encrypted communications. It also adds bi-directional communication with readers (know when readers are offline/disconnected), allowing more than one reader on a port, etc. Over the last couple of years, board and reader manufacturers have been implementing OSDP into access control hardware. While not every manufacturer or model supports OSDP, support is growing. For most systems, OSDP can be added on a door-by-door basis. You can convert high-profile doors to OSDP while waiting to upgrade low-risk doors if your budget doesn’t support an all-or-nothing approach.

Stronger DefenseI need to mention a side note here for Gallagher. When I first encountered Gallagher security products in 2010, they were already using their HBUS technology for their readers. While Gallagher supports OSDP, the HBUS technology provides very similar benefits as OSDP like encryption, bi-directional communication, and multiple readers on a port… but HBUS has been doing it for much longer. An additional benefit with Gallagher HBUS and readers is being able to create your own card encryption key easily. This means that no other organization in the world will have a card that can be read on your Gallagher system. This is not a requirement for Gallagher, but it is super simple to do and is part of our standard procedures when installing a new Gallagher system.

Transmitting card numbers from the reader to your access control panels might be the chink in your access control’s armor. As part of our security standard, KB will make sure you are using encrypted communication from the card all the way to the access control system.

If you need help evaluating the next steps in your access control setup or how to get started on the right foot, let us know! Just give us a call and we will be happy to help.

Integrating Facial Recognition into Access Control Physical Security, Increasing Security and Convenience!

By David Strickland, Vice President of Kenton Brothers

“Innovate or Die”

Facial RecognitionWhen walking through Kenton Brothers Systems for Security, you will see this phrase prominently displayed on the walls throughout our building. Innovation is one of our core values and it’s a big reason we continue to provide remarkable physical security solutions for our customers… going on 126 years.

The world is very different than it was 125 years ago, and so are the solutions we provide to mitigate today’s security risks. The need for robust access control measures to safeguard sensitive areas is more critical than ever. As the security industry innovates, traditional methods like mechanical locks, keycards and PINs are gradually being replaced by cutting-edge biometric technologies. Among these, facial recognition stands out as a revolutionary tool, offering enhanced security and convenience in commercial access control physical security.

This blog explores the role of facial recognition as a biometric credential in access control. Here are five ways we think it will have a big impact.

1. Enhanced Security through Uniqueness:

Facial recognition technology capitalizes on the uniqueness of each individual’s facial features. Unlike passwords or keycards, which can be lost, stolen, or shared, faces are inherently unique, making them an ideal biometric credential. By registering authorized personnel in the system, access control devices can accurately match live facial images with the stored templates, ensuring that only authorized individuals gain entry.

2. Seamless and Contactless Authentication:

One of the standout advantages of facial recognition in access control is its contactless nature. Users no longer need to physically interact with devices or carry identification cards. Authentication is as simple as glancing at a camera, making it more convenient and hygienic—particularly in a post-pandemic world where reducing physical contact is thought to be essential.

3. Rapid and Real-Time Identification:

Facial RecognitionFacial recognition technology operates at impressive speeds, providing real-time identification results. This capability is especially valuable in high-traffic areas like airports, offices, and educational institutions, where quick and efficient access control is necessary. The system can process multiple faces simultaneously, reducing bottlenecks and ensuring smooth entry flows.

4. Integration with Existing Systems:

Facial recognition can seamlessly integrate with existing access control infrastructure. Many modern access control systems are designed with open architecture, allowing easy integration with biometric devices. By retrofitting facial recognition solutions into their current systems, organizations can upgrade security measures without a complete overhaul.

5. Multifactor Authentication with one “credential”:

The fusion of facial recognition with other biometric security measures, such as fingerprint or iris recognition, could create biometric systems that offer even higher security levels and resistance to spoofing attempts.  Multifactor authentication all within one “credential” – the human body!

So what about the other side of the coin… Can facial recognition be spoofed?

Yes, facial recognition can be defeated if the installation and calibration processes aren’t followed correctly. One innovation in the commercial security world is helping along that front. For instance, some systems such as  IDEMIA use liveness detection, which ensures that the face presented for authentication is a live, three-dimensional image rather than a photograph. This feature guards against spoofing attempts, where adversaries try to trick the system with static images.

The future of facial recognition in access control physical security looks very promising. Advancements in artificial intelligence and machine learning algorithms will likely improve the accuracy and efficiency of these systems. Additionally, including 3D facial recognition technology could further improve security by adding an extra layer of depth and precision to the identification process.

We believe Facial Recognition as a biometric credential in access control physical security represents a remarkable leap forward in safety and convenience. With enhanced security features, contactless authentication, and rapid identification capabilities, facial recognition technology is reshaping access control best practices.

Want to learn more? Let’s get together and discuss how utilizing this technology can increase your commercial physical security while increasing convenience: two things that are traditionally in conflict!

 

Video: Planning and Implementing Elevator Security

By Erik Andress, Sales Management Professional at Kenton Brothers

In today’s video we’re discussing elevators. In particular, how to secure them with cameras and access control. Elevators can be tricky… They require a lot of planning and coordination with the elevator company. We’ll get into some of those details today and what you need to know!

Step one is by far the most important stage and that’s planning.

Securing an elevator requires collaboration between the elevator company the security integrator as well as the client. The client lets the security innovator know how they want the elevator to function and behave. The security integrator works with the elevator company to make that possible.

Let’s use a an example: Where do you want the card reader mounted? Is it on the outside of the elevator denying access altogether or is it on the inside of the cab denying access just to certain floors? Or both? You may want to deny access to the elevator because it’s not for the public. You may also want to deny access to certain floors because it is a secure facility.

There are details we have to understand. Is there already traveling cable in the elevator? Is there space for us to install our equipment? Where is the control panel for the elevator, and where should our control panel go for access control? It can get complicated quickly.

Step two is integration.

We work with a professional elevator technician to make sure the proper cables are in place and integrate the card reader into the elevator’s controls.

Step three is configuration.

Now that the systems are integrated, we need to make sure that we go back to the client’s expectations of how they wanted the elevator to function. We need to make sure that our configuration is lining up with exactly what they asked for.

Step four is to test and calibrate.

When you put security inside of an elevator, you’re introducing a lot of moving pieces. With access control or commercial video surveillance, we need to make sure that we spend time testing the system. We need to make sure the camera’s field of views are dialed in correctly.

The final step is training.

We need to make sure that the admins and users of the system understands exactly how the system works and how changes can be made.

If you need help securing the elevators in your company buildings, we can help. Just give us a call!

Enhancing Physical Security: Alvarado Turnstiles and Garrett Metal Detectors

By Alana Hanly, Security Consultant at Kenton Brothers

In an ever-evolving world, ensuring physical security is incredibly important. Businesses, public spaces, and institutions face the challenge of safeguarding their premises and protecting individuals from potential threats. Two powerful tools that contribute significantly to physical security are Alvarado turnstiles and Garrett metal detectors. In this blog, we will explore how these technologies work and discuss their valuable role in various physical security scenarios.

Alvarado Turnstiles: An Overview

Alvarado TurnstilesAlvarado turnstiles are sophisticated entry control systems designed to regulate and monitor access to premises. Depending on the type of organization, these turnstiles offer a range of features, including barrier arms, optical sensors, and biometric authentication ensuring only authorized personnel can enter a secure area. Let’s look at some scenarios where Alvarado turnstiles play a pivotal role in enhancing physical security:

Crowd Management at Public Venues

Alvarado turnstiles help efficiently manage large crowds at stadiums, arenas, and concert venues. By controlling the flow of people, these turnstiles prevent unauthorized access and ensure a smooth and orderly entry process. Additionally, they can be integrated with ticketing systems or access control software, providing real-time data for attendance tracking and capacity management, or be implemented with Alvarado’s own Gate Watch software to support your organizational needs.

Employee Access Control

Alvarado TurnstilesIn corporate settings, Alvarado turnstiles act as a reliable solution for employee access control. By implementing turnstile systems with RFID or biometric authentication, businesses can restrict entry to authorized personnel only. This helps prevent unauthorized individuals from gaining access to sensitive areas, safeguarding valuable assets and confidential information.

Transportation Hubs

Airports, train stations, and bus terminals face unique security challenges due to high volumes of people and the need to ensure restricted areas remain secure. Alvarado turnstiles enable effective access control, allowing only ticketed passengers or authorized personnel into secure zones. They can be seamlessly integrated with security systems, such as video surveillance and alarm systems, to enhance overall safety.

Garrett Metal Detectors: Enhancing Threat Detection

Garrett Metal DetectorsGarrett Metal Detectors are renowned for their advanced technology in detecting metallic objects, offering an additional layer of security in various environments. Here are some of the common scenarios where these devices are used:

Weapons Screening

In locations where public safety is a priority, such as airports, courthouses, and public buildings, Garrett metal detectors are deployed to detect concealed weapons or dangerous objects. By creating a security checkpoint, these detectors help deter potential threats and provide a reliable means of identifying individuals carrying prohibited items.

Event Security

When large gatherings, conferences, or exhibitions take place, Garrett metal detectors play a crucial role in screening attendees for any concealed weapons or dangerous objects. Their presence serves as a deterrent and assures event organizers and participants of a secure environment. These detectors can be used alongside security personnel to conduct quick and non-intrusive screenings.

Loss Prevention

Garrett Metal DetectorsIn retail settings, shoplifting and employee theft pose significant challenges. Garrett metal detectors help prevent inventory shrinkage by detecting unauthorized metal objects leaving the premises. By incorporating metal detection systems at exits, retailers can reduce theft incidents and create a safer shopping environment for customers and employees.

In closing, Alvarado turnstiles and Garrett metal detectors are valuable tools in bolstering physical security across a wide range of scenarios. Whether it’s managing crowds, controlling access to restricted areas, or enhancing threat detection, these technologies offer effective solutions for safeguarding people and assets. By implementing these systems, businesses, institutions, and public venues can create secure environments, assuring individuals of their safety and peace of mind.

If you would like to know more about these solutions, we are here to help. Please give us a call.

Building a Commercial Security Training Wall for Scenario Testing

Building a Commercial Security Training Wall for Scenario TestingA customer, Rich, recently came to us with a problem. His access control environment has three generations of Software House’s access control boards as well as a fourth type of access control board, the Edge panel. Software House has done a good job of adding features as the boards have been upgraded over the years, but this means that the older boards do not have the same feature sets as the newer ones. Understanding the capabilities of each board is not always easy.

Rich also wanted to understand some of LifeSafety’s Power Supply features, something not currently being used in his environment.

He could have separated out seven or eight of the doors in his environment and used those for testing. However, testing in the production environment could have led to customer dissatisfaction (when things didn’t go as planned.) So, our best option was to build a training wall.

The Training Wall

Building a Commercial Security Training Wall for Scenario TestingCreating a training wall with four different boards and two doors per board would take up a lot of room and be fairly costly. We ended up creating two demonstration doors where they could be switched to one of the four access control boards. One of the doors we set up as fail-secure, meaning the door is still locked if power is removed. The other door was set up as fail-safe, meaning the door is unlocked when the power is removed. We did this to demonstrate the different ways of connecting the power supply and to provide a realistic scenario that might be found in the field.

Now, Rich has a way to test the different locking scenarios with the different feature sets of each board. Since two doors are connected to the boards, he can also test read in/read out, piggybacking, tail-gating, interlocked doors, and other scenarios involving more than one door. The training wall can also serve as a training area for new programmers, or new installation crews to show how the doors should be programmed or how the wires need to be connected.

We love unique challenges.

This certainly was a unique challenge for us. It’s the first time a customer has asked us to create a training wall for them. If you need a training wall or have another unique challenge, let us know! At Kenton Brothers, we embrace new challenges. Innovation is in our blood.