Abstract: A method, access control system, and readers for use in an access control system are described. One example of the disclosed method providers the ability to securely augment an existing physical access control system that relies on access control tokens (e.g., credentials) with a secure mobile-based solution allowing the secure local offline exchange of a new access control token for another that can be used with the existing installed access control system.

Abstract: The present disclosure relates to a reader, such as a reader for a physical access control system. The reader can include first and second antennas, each designed or configured for receiving ultra-wide band (UWB) signals. The reader can also include a mounting plane configured for mounting the reader to a surface. An axis aligning the first and second antennas can be arranged substantially perpendicular relative the mounting plane. A material can be provided between the first and second antennas. The material can have a thickness that defines a distance between the first and second antennas of less than a half wavelength of the UWB signal through air (?A/2), the material configured to slow down electromagnetic waves passing therethrough such that the thickness of the material provides an effective separation distance of the first and second antennas of at least a half wavelength of the UWB signal through air (?A/2).

Abstract: Release mechanism (12) for an energy harvesting arrangement (10) for an electronic locking system (78), the release mechanism (12) comprising a drive device (18); a harvesting elastic element (30); at least one magnet (36); an input device (38); and an engaging profile (52); wherein the input device (38) is arranged to engage the drive device (18) by means of a magnetic force such that the drive device (18) can be displaced from a starting position (32) by movement of the input device (38) along a harvesting path (58); and wherein the engaging profile (52) is arranged to engage the drive device (18) at an engaging position (60) of the drive device (18), such that further movement of the input device (38) along the harvesting path (58) causes a relative inclination between a drive device surface (26) and a input device surface (42). An energy harvesting arrangement (10) and an electronic locking system (78) are also provided.

Abstract: A method to check if a connector system with a Connector Position Assurance (“CPA”) member is in a closed position. The method includes providing an RFID-tag reader that is positioned at a distance D to the integrated circuit enabling far-field RFID communication and not permitting near-field RFID communication. Further, the method includes checking the readability of the integrated circuit with the RFID-tag reader and issuing an alert signal if the integrated circuit is not readable by the RFID-tag reader indicating that the CPA member is not in the closed position.

Abstract: An RFID device that can be connected to a piece of material, in particular, a piece of fabric (22), in an efficient manner and that is small and flexible is provided. A wire antenna (16) is coupled to an integrated circuit provided on a substrate (12) of the RFID device (10). The wire antenna (16) is attached to the substrate (12) by being laced with the substrate (12) via a pair of through holes. In this state, the wire antenna (16) is fixedly connected to the piece of material by heating a coating of the wire antenna (16), which coating includes a thermoset adhesive material. In this manner, the substrate (12) is connected to the piece of material via the wire antenna (16).

Abstract: A reader system for an access control system includes first and second antennas and first and second controllers. The first controller is configured to communicate with a credential device using a first communication protocol via the first antenna to exchange a credential with the credential device. The second controller is configured to communicate with the credential device using a second communication protocol via the second antenna to perform ranging for the credential device and is configured to communicate with the first controller via a communication link.

Abstract: A security document is disclosed to include an image area provided on a front side of the document that includes image content, an information area provided on the front side that includes informational content, and a security feature including a pattern of perforations provided in an overlapping relationship with the image area and the information area so as to simultaneously bind and secure the image content with the informational content.

Abstract: A device connectable to a reader of an access control system includes an antenna, an ultra-wide band (UWB) front end circuit, a controller, and a communication link. The (UWB) front end circuit is connected to the antenna to facilitate UWB communication with a credential device. The controller is connected to the UWB front end and configured to perform ranging for the credential device using the UWB communication. The communication link is configured to interface with the reader.

Abstract: Systems and methods for access control systems includes first and second access facilities, and first and second readers. The first reader is configured to control access through the first access facility, receive a credential using a first communication protocol from a device that stores the credential, and establish a secret with the device using the credential. The second reader is configured to control access through the second access facility. The first reader is configured to provide the secret to the second reader, and the second device is further configured to perform ranging using the secret and a second communication protocol different than the first communication protocol to identify intent information. Access through one of the first facility or the second facility is coordinated using the intent information.

Abstract: A verifier device of an authentication system comprises physical layer circuitry and processing circuitry coupled to the physical layer circuitry. The processing circuitry is configured to encode an authentication command for sending to a credential device; decode a response communication received from the credential device, wherein the response communication includes a first random number; encrypt the first random number, a second random number, and verifier keying material for sending to the credential device; decrypt encrypted information received from the credential device, wherein the encrypted information includes the first random number, the second random number, and receiver keying material; and calculate a session encryption key using the verifier keying material and the receiver keying material.

Abstract: It is provided a wearable device for determining when a user has fallen down. The wearable device comprises: a first biometric sensor for obtaining first biometric data of the user, wherein the first biometric sensor is a first accelerometer configured to measure acceleration of a part of a first limb of the user; a second biometric sensor for obtaining second biometric data of the user comprising a finger pressure parameter; and a third biometric sensor for obtaining third biometric data, the third biometric sensor being a second accelerometer configured to measure acceleration of a body part of the user being distinct from the first limb. The wearable device is configured to determine an identity of the user is based on the first biometric data, the second biometric data and the third biometric data, the identity being used to control access to a physical space, and to determine when the user has fallen down.

Abstract: An access control system may comprise a credential including credential data, and at least one reader. The at least one reader is configured to receive, over a link, the credential data. The at least one reader is configured to verify that the credential is valid based on the credential data, and mark the credential as valid and track a location of the credential relative to the at least one reader. The at least one reader is configured to make or delay an access control decision for the credential based on the location of the credential.

Abstract: Securely storing data includes encrypting the data using a random key to provide obfuscated data, scrambling the obfuscated data to provide scrambled obfuscated data, generating a scramble schema indicating how to unscramble the scrambled obfuscated data, encrypting the scrambled obfuscated data to provide encrypted scrambled obfuscated data, splitting the scramble schema, and distributing separate portions of the scramble schema and separate portions of the encrypted scrambled obfuscated data to separate entities. The data may be private key data. Securely storing data may also include concatenating the random key on to the obfuscated data prior to scrambling the obfuscated data, wherein the random key is scrambled together with the obfuscated data. Scrambling the obfuscated data may use a Fisher Yates Shuffle mechanism. Securely storing data may also include generating and distributing a symmetric authentication key that is used to authenticate a first entity to a second entity.

Abstract: Various systems and methods for providing discovering smart card slots in a device are described herein. A server device for discovering smart card slots in a client device may be implemented with a processor subsystem; and memory including instructions, which when executed by the processor subsystem, cause the processor subsystem to perform operations comprising: receiving, at the server device from the client device, over an established Bluetooth connection, smart card connector parameters, the client device having a plurality of smart card slots; iterating through the plurality of smart card slots; at each slot of the plurality of smart card slots, using a smart card protocol to attempt to access an application at each slot, the application pre-associated with the server device; and in response to identifying the application exists in a slot of the plurality of smart card slots, connecting with the application.

Abstract: It is provided a method for managing central secret keys of a plurality of user devices associated with a single public key. The method is performed in a key manager and comprises the steps of: receiving, from a first user device, transformation data and an identifier of a second user device; obtaining a first central secret key associated with the first user device; generating a second central secret key by applying the transformation data to the first central secret key, wherein the transformation data is applied in reverse to how the same transformation data is applied by the first user device to a device secret key of the first user device; and storing the second central secret key in association with the second user device.

Abstract: It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.

Abstract: Release mechanism for an electronic locking system, wherein the release mechanism is configured such that an input member and an output member are locked against relative rotation and can rotate together within a locking ring opening when a locking member is located in an input member recess and in an output member recess, and such that the output member is released to rotate relative to the input member when the locking member is located in the output member recess and in a locking ring recess. A freewheel mechanism and assemblies for an electronic locking system are also provided.

Abstract: It is provided a sensor device comprising: a proximity sensor (10); a processor (11); a wireless communication module (13); and a memory (14). When the sensor device is in a first functional state (20, 20a, 20b) and the proximity sensor detects a predetermined change in its proximity, the sensor device is configured to transition from the first functional state, in which wireless communication is inactivated, to a second functional state (21), in which wireless communication module is enabled. The predetermined change in its proximity is a removal of transport protection, comprising removal of a metallic tape over the proximity sensor, whereby the proximity sensor is capable to detect the removal of the metallic tape based on inductive sensing.

Abstract: Methods and systems are provided for performing operations comprising: generating, on a publicly accessible server, a secure enclave, the secure enclave having isolated memory and processing resources of the server; installing, on the secure enclave, a virtual machine comprising a guest operating system of a first entity; installing, by the virtual machine, one or more cryptographic processes associated with the first entity; and encrypting and decrypting cryptographic keys associated with the first entity using the one or more cryptographic processes.

Abstract: It is provided a method for enabling access control for access to a physical space secured by a lock device. The method is performed in a security device and comprises the steps of: obtaining at least one image captured using a first camera of a portable key device, the at least one image being captured in a vicinity of the lock device; receiving a template decryption key from a lock device over a short-range communication link; obtaining a credential associated with the lock device; matching the at least one image with a plurality of templates, each template being associated with a lock device, which comprises obtaining the plurality of templates by decrypting encrypted templates using the template decryption key; and wherein a positive match is a necessary condition for opening the lock device.