Showing posts with label FORM FACTOR. Show all posts
Showing posts with label FORM FACTOR. Show all posts

Thursday, October 15, 2020

Contactless Access Credentials & Egress

Contactless Access Credentials & Egress 

THE business landscape changing so dramatically over the past few months — possibly irrevocably — the task for many in security, including for consultants, integrators, dealers and manufacturers. As businesses and organizations begin to reopen, many are rethinking the way they budget for security, including access control, video surveillance and intrusion Alarm.

It’s amazing that a microscopic virus from China could virtually bring the world to a standstill. The 2020 global pandemic has reshaped the way people work, learn and play on every conceivable level. In addition to the devastating impact on global health and safety, COVID-19 has infected the health of the global economy.

The growing call to return to work will surely accelerate many of the physical (not social) distancing, sterilization and occupancy issues that we are currently facing. Hopefully, modern medicine will rise to the challenge sooner than later with a COVID-19 vaccine, but this may take some time even with accelerated testing and approvals.

Commonly touched items that can cause the spread of coronavirus (and other infectious disease) can include things like elevator buttons, ATM and checkout keypads, door knobs and handles, keyboards and mice, and door/entry access control panels — just to name a few. When you think about all of the “touchable” items that you interact with each day it becomes a daunting task to stay away from them and feel safe, clean and virus-free. Well, it's no surprise that right now, businesses are feeling the need to provide solutions and upgrade their safety and security as the workforce begins to come back to the office or plan for that to happen soon.

Contactless credentials are the most common component used in an access control system and while many look alike externally, important differences exist. “Contactless credentials and touchless access control can help reduce the number of surfaces that people touch on campus and can help reduce contact transmission” said Arindam Bhadra founder SSA Integrate.

Credentials Overview

While other credential options exist, the most common choice is RFID 'contactless' types. Nearly 90% of systems use contactless cards or fobs built as unpowered devices that are excited and read when brought close to a reader unit. This 'wireless power' process is called resonant energy transfer.

In Proximity Reader technology the reader itself emits a field collected by the card, eventually reaching enough of a charge that temporarily powers a wireless data transfer between the two. The image below details typical internal components of the type, where the wire antenna collects energy, the capacitor stores it, and when full discharges ICC chip (credential) data back through the antenna to the reader:

In general, all contactless credentials work this way but the exact parameters like operating frequency, size of credential data, encryption, and format of the data greatly vary in the field. In the sections that follow, we examine these parameters in depth.

Contactless Credentials Dominated by Giants

One of the biggest differences in contactless credentials is the format of the data it contains, typically determined by the manufacturer. Upwards of three-quarters of contactless credentials use formats developed or licensed by HID Global and NXP Semiconductor.

HID Overview

Since the market began migrating away from 'magstripe' credentials in the early 1990's, HID Global gained marketshare with its 125 kHz "Prox" offerings. Now part of ASSA ABLOY, HID has become the most common security market credential provider, and OEM of products for access brands including Lenel, Honeywell, and Siemens. The company's best-known formats include:

·     "Proximity": an older 125 kHz format, but still regularly used and specified even in new systems

·      iClass: an HID Global specific 13.56 MHz 'smartcard'

HID is the most common choice for credentials in the US. Because of commanding market share, HID is able to license the use of its credential formats to a variety of credential and reader manufacturers. Even when marketing general 'ISO 14443 compliant' offerings, HID strictly follows "Part B" standards (vs Part "A" - described in more detail later).

NXP Overview

Formerly Phillips Semiconductor, Europe-based NXP offers a number of 'contactless' credential components used in a number of markets - security, finance, and industrial. With widespread adoption of ISO standards in credential specifications, NXP offers a catalog of types built to spec, including:

·    MIFARE PROX: NXP's 125 kHz format built on early drafts of ISO standards, but not as widely adopted as HID's "Proximity" lines

·  MIFARE/DESFire: an ISO Standards-based NXP 'smartcard' format, also operating on 13.56 MHz the 'DESFire' moniker was introduced in the early 2000s to distinguish the format from 'MIFARE Classic' credentials. DESFire credentials feature stronger encryption that required higher performing chips. The 'Classic' format fell under scrutiny for being vulnerable to snoop attacks, and DESFire countered this threat. Because these improvements were made only to credentials, and existing MIFARE readers could still be used, the new format became known as 'MIFARE/DESFire'.

Unlike HID, NXP's credential formats are 'license-free' and the according standards are available for production use for no cost. NXP manufacturers all ISO 14443 product to "Part A" standards. NXP's market share is largest outside the US, mostly attributed to the early (starting in ~1990's) adoption of HID Global formats inside the US, but the brand's formats are often the primary ones used in Europe and Asia for physical access control.

US vs the World

Because of NXP Semiconductor’s strength in EMEA and the lack of licensing, MIFARE, DESFire, and the associated derivatives are popular outside the US.

However, HID Global's strongest markets are in the Americas, especially in the US. Despite the additional cost of licensing compliant credentials and readers, the company also produces products that use the unlicensed NXP formats and has equal or greater operability as a result.

125 kHz vs 13.56 MHz

The credential's RF frequency factors a key role in its performance. Because readers can only scan credentials operating at specific matching frequencies, this attribute is the first to consider. If frequency and format do not match, credentials are simply not read. The chart below shows the frequency of popular formats:

Perhaps the biggest difference between 125 kHz and 13.56 MHz frequencies is credential security. 125 kHz formats do not support encryption and are easily snooped or spoofed. However, 13.56 MHz formats are encrypted (usually 128 bit AES or greater) and credential data can only be read by a device that is specifically given the key to do so. 

Deciphering Credential Types

One of the most challenging jobs for integrators and end users alike is simply identifying which credential a system is using. The market is crowded with hundreds of options with no guarantees of compatibility for items that all appear to be a blank white card. The image below details four different credential types with dramatically different performance and security characteristics, yet they all look the same to the untrained eye:

For contactless types, you must know three attributes that are not typically clearly printed or overtly labeled on the credential:

·     Format Name: This designates how and how much data the credential transmits, usually defined by an ISO standard for Wiegand formats. For example H10301 is the typical 26 bit format, H10304 is HID's Wiegand 37 bit, and so on. The best way to confirm the format used by a card is to locate a box label of existing cards (See image below 'Card Format Details') to interpret the raw hexadecimal output as a specific format. If card boxes are not available, researching the credential type used by checking the format used in the Access Control Management Software application, typically in the cardholder and reader configuration settings.

·       Facility Code: This attribute is NOT printed on the card in most cases. This piece of information is also typically found on box labels but can be decoded using the same online calculators for format name. In certain cases, access systems must be configured to accept specific facility codes and some low-end systems may limit acceptable codes to one specific number. Without knowing this code, credentials are not sure to work.

·       Card ID/Serial Number (CSN/UID): In many cases, the ID number is embossed or printed on the card. This number is the 'unique ID' that ties a user to a specific badge. While concurrent numbers are not an issue, redundant numbers are, and the same Card ID and Facility Coded credential cannot be issued twice in the same system. The image below shows.

Interestingly, the Sales Order/Batch Number information printed on the card is often not used by the access system at all and is only printed to assist in researching the origin of the card as shipped to a specific distributor, end user, or dealer.

In some cases, a card vendor or distributor will 'read' an unknown card for a fee, but turn around times may take several business days.

Often, the box for cards currently in production is often the quickest, easiest way to gather all three pieces of this information, if not a reordering part number, as shown below:

The ISO/IEC 14443 Division

Very little separates HID's iClass from NXP's MIFARE offerings, and if not for ambiguous interpretation of an ISO standard, they would 'look' the same to most readers. However, because early versions of the standard left room for differentiation, HID and NXP designed their 'compliant' standards with a different encryption structure.

The end result is both versions of credential claim 'ISO 14443 Compliance', but are not entirely interchangeable. To reconcile this difference, ISO revised 14443 to include parts 'A and/or B' to segregate the two offerings. The default, basic serial number of cards is readable in both A & B parts, but any encoded data on the card is unreadable between the two because the original standard left room for implementation ambiguity.

In general, because there is no licensing cost in using 'Part A' standards, many low-cost, non-US target market, and new reader products start here. However, readers marketed specifically in the US or from vendors with a broader global market license use 'Part B' compliance common to HID.

For example, this TSDi reader supports 14443-A, but not 14443-B, meaning in practical terms in does not support HID's 13.56 MHz iClass formats, but does support NXP's 13.56 MHz MIFARE/DESFire formats:

In contrast, HID iClass readers support both 'A' and 'B' along with the non-ISO specific 'CSN' such that either type of credentials will work with these readers:

13.56 MHz Smartcard Interoperability

While the 'Part A & B' division in ISO 14443 separates formats from being the same, it does not always mean they are unusable with each other. Portions of ISO 14443 are the same in both parts, including the 'Card Serial Number'. For some access systems, this is the unique number that identifies unique users, and because this number is not encoded, it will register in 'non-standard' readers:

·    CSN/UID String: Essentially the card's unique identifier is readable because it is not stored in the deep 'encrypted' media. Many simple EAC platforms use only this number to define a user, and instead use the internal database to assign rights, schedules, and privileges.

·    Encoded Read/Write: However, the vast majority of storage within the card is encrypted and unreadable unless compliant readers are used. Especially for access systems using the credential itself for storage (e.g.: Salto, Hotel Systems) and for multi-factor authentication (e.g.: biometrics) high security deployments, the simple CSN is not sufficient.

The CSN Loophole

In terms of security, not all credential details are encrypted. The 'Card Serial Number' (defined by ISO standards) for 13.56 MHz cards can often be read regardless of underlying format, modulation method, or encryption. The CSN may be usable as a unique ID by the system, but the full data set of the credential will not be available.

For smaller systems with only a few doors and a hundred or fewer cardholders, using the CSN as the primary ID is common due to the ease of enrollment in using CSNs as unique badge numbers. However, for high-security sites where access identity encryption is required by standard or when credentials are used for multiple integrated systems, using CSNs to identify issued cardholders is often not approved. Rather, the card's encrypted data is required instead.

Form Factor

Credential shapes are not just limited to cards or fobs. The size and method of hosting a credential can include stickers, tokens, cell-phone cases, or even jewellery.

The form factor of the credential often is an important consideration in overall durability and service life. For example, while a white PVC card may be ideal to print an ID badge on and hang from a lanyard, it can easily be bent or broken in a rough environment. A key fob, while unsuitable for printing a picture on, is designed to be durable enough to withstand abuse, harsh environment exposures, and even submersion in water.

The right form factor choice should be dictated by the user and the user's environment, and generally, all major credential types have numerous form factor options to suit.

Touchless Switches

Touchless wall switch makes opening a door simple and germ free. Blue LED back-lighting highlights the switch at all times, other than during activation. This provides a visual reference of the switch’s location in low light conditions. Its low-profile design makes it blend into your wall.



Saturday, February 4, 2017

Factors to Consider When Purchasing a PTZ IP Camera

Factors to Consider When Purchasing a PTZ IP Camera

PTZ IP cameras are commonly used for surveillance in large home compounds and public areas such as commercial car parks, stadiums and conference halls. PTZ stands for Pan Tilt Zoom, and that means you can use the IP software for cameras through the internet or your network to manipulate what the IP camera displays.
Different IP camera brands sport different kinds of zooms, and lower end cameras will simply feature the digital zoom. Proper optical zoom is the recommendable zoom type and this, together with the price, will always be specified in the product description.
Basically, a PTZ IP camera lets the user view real time images of the protected areas over the internet. You can simply monitor your office, home, building, yard or anywhere from miles away using a PC or a high end smartphone, tablet or PDA. Some network cameras even feature built-in Web server functions such that the IP camera doesn’t necessarily need to be connected to a computer.

DESIGN
IP PTZ cameras are traditionally spherical in shape, and this is mainly because they are meant to be completely mobile. Either the network camera itself (the sensor and camera mechanism) has been designed to take the shape of a sphere, and held so that it can pivot accordingly, or the camera is structured more traditionally and cased in a spherical protective bubble where it can tilt, pan and zoom and take images from within the shield.

NIGHT VISION
IP cameras with night vision capabilities come with built-in LED lighting to enable object visibility in dark settings, or at night. For outdoor surveillance, specifically in places without artificial lighting, night vision cameras may come in handy.

PTZ vs PT
Some IP cameras can only pan and tilt but not zoom. The two functions will usually be enough if the area you want to cover is small, like, say, your living room. However, if you want to cover a large area such as a shopping mall, an IP camera with the zoom function will be more effective.

HOW DO THEY WORK ?
PTZ IP cameras are typically controlled using remote systems. Users can do an initial configuration to have the camera moving and rotating in a certain predetermined pattern, or do it manually using a keyboard or mouse controlled interface. The angle of the lens can also be manually controlled, and this facilitates automatic position adjustment of the camera.
BENEFITS OF PTZ IP CAMERAS
·         User does not need to be close to the camera to operate it.
·         Requires little maintenance after it has been installed (except for regular cleaning of course).
·         Has 360-degree mobility. This way, it can detect and track objects as they move in the covered area as long as the target object is within lens range.

Factors to Consider When Purchasing a PTZ IP Camera
INDOOR OR OUTDOOR USE ?
If you’re looking for a PTZ IP camera for outdoor surveillance, you need one with night vision, weatherproof enclosure, miniature architecture for “outsider” visibility reasons, and vandal-proof capability for fortification in high crime areas.

YOUR DESIRED CAMERA FORM FACTOR
Each form factor has its own benefits, and the brand you opt for should cover all your surveillance requirements. Would you prefer a dome-shaped or an inconspicuous mini-dome camera? A wireless option or just an ordinary corded PTZ IP camera? You know your place and specifications best.
LEVEL OF DETAIL
When weighing different camera alternatives, you need to be sure of the detail level you want to see in your images. For wide area surveillance, you need a higher resolution, of course, as this will allow you to view even the furthest of images in relatively great detail.
Another factor that affects a camera’s resolution is its field of view (FOV). This is the viewable expanse of a given scene taken by the camera, and is sometimes referred as the angle of coverage or angle of view. A small FOV generally leads to the target object appearing smaller than it would in a fairly larger FOV.

The type of lens featured in the camera will also have an impact on resolution and field of view alike. A lens with low focal length number will bring about a wide field of view but less magnification while a higher focal length number will provide more magnification.

PTZ IP cameras, just like ordinary cameras, come with different resolution capabilities, and if you choose a high-resolution one, you also need to choose a high resolution megapixel lens so that the resolution required to produce a clear and detailed image can be maintained. If you combine a high resolution camera sensor with a less powerful lens, then your images will not be as detailed and crisp as you may desire.
POWER
PTZ cameras have multiple motors built-in which draw a considerable amount of power compared to a regular surveillance camera. Power can be supplied locally at the camera location or a cable can be pulled from a power source to the camera. The size of the wire dictates the maximum distance the cable can extend from the camera to the power source. See the chart below.
·        12 Gauge Wire – Maximum Distance 320 Feet
·        14 Gauge Wire – Maximum Distance 225 Feet
·        16 Gauge Wire – Maximum Distance 150 Feet
·        18 Gauge Wire – Maximum Distance 100 Feet


Each PTZ camera is shipped with its own power supply. Some cameras operate on 12v DC and some on 24v AC. Make sure you note the type of power the camera uses and that the power supply matches the camera.