Abstract: It is provided a method for providing hardware integrity control of an electronic device (2). The method comprising: triggering (40) each one of a plurality of components (4a-d) of the electronic device to generate of respective partial secret keys (10a-d) forming part of a threshold cryptography scheme (11) associated with a public key (12), wherein a threshold number of the plurality of partial secret keys (10a-d) are required to be applied in the threshold cryptography scheme (11) for verification against the public key (12); and providing (42) the public key (12) to a hardware verification device (3). A corresponding hardware integrity device (1), computer program (67, 91) and computer program product (64, 90) are also provided.

Abstract: An access control system may comprise a credential including credential data, and at least one reader. The at least one reader is configured to receive, over a link, the credential data. The at least one reader is configured to verify that the credential is valid based on the credential data, and mark the credential as valid and track a location of the credential relative to the at least one reader. The at least one reader is configured to make or delay an access control decision for the credential based on the location of the credential.

Abstract: It is provided a method for detecting people, the method being performed by a people detector provided by a doorway. The method comprises the steps of: receiving an open signal indicating that a door of the doorway is open; setting a people sensor of the people detector in an active mode based on receiving the open signal; detecting when a person passes through the doorway, using the people sensor; receiving a closed signal indicating that the door of the doorway is closed; transmitting a result of the step of detecting, wherein the step of transmitting is performed based on receiving the closed signal; and setting the people sensor in a power save mode based on receiving the closed signal.

Abstract: A control arrangement (20) for controlling movements of an access member (14), the control arrangement comprising a base structure (22); a drive member (32) rotatable about a rotation axis (28); an input member (38) arranged to be driven along an actuation axis (40) by rotation of the drive member, and arranged to move in a lateral direction (74, 76); an output member (50) arranged to be driven by the input member along the actuation axis; an electromagnetic generator (58) arranged to be driven by movement of the output member along the actuation axis to generate electric energy; and a force transmitting arrangement (42, 52; 116) arranged to transmit a relative movement between the input member and the output member along the actuation axis to a movement of the input member in the lateral direction towards the base structure for frictional braking between the input member and the base structure.

Abstract: A laser marking system comprises a laser energy source that generates a laser beam, a laser controller configured to focus the laser beam over a field of view greater than a size of laser-markable items, and a start-up target that includes laser-safe material and is located within the field of view. The laser controller is further configured to point the laser beam at the start-up target during a start-up phase of the laser energy source and focus the laser beam on one of the laser-markable items after the start-up phase.

Abstract: Customizing an application on a mobile device includes storing at least a portion of customization data in a customization server that is independent of the mobile device, a user of the mobile device accessing the customization server independently of the mobile device, receiving authorization data from the customization server that enables the mobile device to securely receive customization data from the customization server, and the mobile device using the authorization data to cause the customization server to provide the customization data to the mobile device. The authorization data may be provided by postal message, email message, an SMS text message, and/or a visual code provided on a screen of a computer used to access the customization server. The user may use a computer to provide credential information to access the customization server. Customizing the application may allow the mobile device to access a user service on behalf of the user.

Abstract: An electronic lock for controlling access to a restricted physical space. The electronic lock comprises: electronically-controllable lock hardware; and a system-on-chip, SoC, comprising a processor and memory. The SoC comprises: a trusted environment comprising a secure data storage and a lock-core software module comprising instructions that, when executed by the processor, cause the electronic lock to: evaluate access for a user based on data stored in the secure data storage and control the lock hardware based on the evaluation; and an untrusted environment comprising untrusted software that is prevented from bypassing the lock-core software module to control the electronically-controllable lock hardware.

Abstract: A verifier device of an authentication system comprises physical layer circuitry and processing circuitry coupled to the physical layer circuitry. The processing circuitry is configured to encode an authentication command for sending to a credential device; decode a response communication received from the credential device, wherein the response communication includes a first random number; encrypt the first random number, a second random number, and verifier keying material for sending to the credential device; decrypt encrypted information received from the credential device, wherein the encrypted information includes the first random number, the second random number, and receiver keying material; and calculate a session encryption key using the verifier keying material and the receiver keying material.

Abstract: A lock device (12) comprising a bolt (22) movable between a retracted position (24) and an extended position (90); a bolt force device (26) arranged to force the bolt (22) from the retracted position (24) towards the extended position (90); a blocking member (28) movable between a blocking position (32) and an unblocking position (96); a lock device magnet (46) movable between a passive position (48) and an active position (94) in response to a repulsive magnetic force acting on the lock device magnet (46); and a release transmission (52) arranged to mechanically transmit a movement of the lock device magnet (46) from the passive position (48) to the active position (94), to a movement of the blocking member (28) from the blocking position (32) to the unblocking position (96). A system (10) comprising a lock device (12) and a strike plate (14) is also provided.

Abstract: An arrangement for closing an access member rotatable relative to a frame, the arrangement comprising a frame part for fixation to the frame; an access member part for fixation to the access member, the access member part being rotatable relative to the frame part about a hinge axis between a closed position and an open position; a mechanical force device configured to store mechanical energy from an opening movement of the access member part from the closed position to the open position, and configured to release the stored mechanical energy to a closing movement of the access member part from the open position to the closed position; an electromagnetic generator arranged to be driven by the closing movement to generate electric energy; and a freewheel arranged to disengage during the opening movement and to engage during the closing movement to drive the generator.

Abstract: Methods and systems (100) for trajectory prediction are provided. The methods and systems (100) include operations comprising: receiving (501) a plurality of observed speed points; processing (502) the plurality of observed speed points corresponding to the observed trajectory by a machine learning technique to generate a plurality of predicted speed points, the machine learning technique being trained to establish a relationship between a plurality of training observed speed points and training predicted speed points; determining (503) a future trajectory based on the plurality of predicted speed points, each of the plurality of predicted speed points corresponding to a different slice of a plurality of slices of the future trajectory; determining (504) that a target access control device is within a threshold range of the future trajectory; and performing (505) an operation associated with the target access control device (110).

Abstract: An arrangement for closing an access member rotatable relative to a frame about a hinge axis, the arrangement comprising a primary element for fixation to either the frame or the access member; a secondary element for fixation to the other of the frame and the access member; a connection device arranged between the primary element and the secondary element and engaging the secondary element; and a force device comprising a drive element rotatable about a pivot axis and engaging the connection device, the force device being arranged to force rotation of the connection device relative to the primary element about the pivot axis, wherein a position of the force device relative to the primary element is adjustable after fixation of the primary element and the secondary element to adjust a distance between the pivot axis and the hinge axis. An access member system and a method are also provided.

Abstract: Methods and systems for establishing a system specific trust system are provided. The methods and systems establish a secure channel between a first device and a second device using a system specific trusted authority. The methods and systems determine, by the first device, using a first certificate associated with the second device, a first set of access rights of the second device and determine, by the second device, using a credential associated with the first device, a second set of access rights of the first device.

Abstract: It is provided a method for enabling determination of proximity of a mobile device (2a, 2b) to a beacon device (3a). The method is performed by a proximity determiner (1) and comprises the steps of: determining a set of beacon devices (3a-e) being detectable from the mobile device: obtaining beacon measurements of one or two beacon devices in each pair: generating a two-dimensional graph based on the beacon measurements: obtaining device measurements of signal strength of beacons from the beacon devices in the set of beacon devices: finding an optimum in a space defined by the two-dimensional graph; and determining the most probable position of the mobile device in the graph based on the optimum.

Abstract: A method of integrating a logical access control system with a physical access control system is disclosed. A soft token is received at a hardware accessory from a client device of a user. The soft token includes a payload. The payload includes information about the user that is stored in a user profile of the logical access control system. Based on a verifying of the soft token using a certificate extracted from a trust store of the hardware accessory, the information about the user that is included in the payload is parsed. Based on the information about the user satisfying one or more access criteria of a reader associated with a physical access control system, the reader is triggered. The triggering includes emulating a transaction associated with the physical access control system.

Abstract: It is provided a method for finding faults in firmware for a lock device. The method is performed by a test device. The method comprises the steps of: receiving data indicating an event that results in operation of the firmware in a test lock device, the test lock device being capable of performing at least some of the functions of the lock device; sampling a plurality of measurements that are indicative of power use by the test lock device over time, wherein the measurements are captured to cover at least part of the operation of the firmware by the test lock device based on the event; and determining that a potential fault occurs in the firmware for the event when the sampled measurements fail to correspond to the event, based on previously recorded data for the same type of event.

Abstract: The use of multimodal face attributes in facial recognition systems is described. In addition, use of one or more auxiliary attributes, such as a temporal attribute, can be used in combination with visual information to improve the face identification performance of a facial recognition system. In some examples, the use of multimodal face attributes in facial recognition systems can be combined with the use of one or more auxiliary attributes, such as a temporal attribute. Each of these techniques can improve the verification performance of the facial recognition system.

Abstract: A method of encoding a credential device of an authentication system comprises sending credential device information to a backend server of the authentication system using a mobile device, verifying ownership of the credential device and the mobile device using the backend server, generating, using the backend server, a quick response (QR) code that includes encoding information for the credential device, generating using the backend server a quick response (QR) code that includes encoding information for the credential device, decoding the QR code to retrieve the encoding information, and encoding the credential device with the encoding information.

Abstract: Systems and methods for providing secure execution of functions for edge devices include a plurality of edge devices, a controller, and an array of secure elements. The edge devices are each configured to obtain data for an application of the system. The controller is connected to communicate with the edge devices to receive the data from each of the edge devices. The array of secure elements is connected to the controller, and each secure element executes functions using the data received from the edge devices. The controller associates an identified secure element of the array of secure elements with a respective edge device to execute the functions for data received from the respective edge device, and the controller is connected to communicate a result of the executed functions to the respective edge device.