Abstract: Methods, devices, and systems are provided for performing and/or limiting features based on a determined motion associated with a portable device. When the portable device is determined to be in motion, a feature control application running on the portable device prevents at least one radio frequency identification (RFID) component of the device from communicating with RFID reading devices. When the portable device is still, or not in motion, the feature control application running on the portable device prevents the at least one RFID component of the device from communicating with RFID reading devices. Among other things, this feature control of a portable device can prevent theft of data in an access control system, credit payment system, and/or other data transfer system.

Abstract: A security document with unidirectional visual illumination is disclosed. A security feature is positioned within the document and not visible in normal ambient lighting conditions but becomes visible under specialized lighting conditions, for example in the presence of ultraviolet light. The security feature is constructible such that it is visible only from a single side of the security document, with the side being predeterminable regardless of the orientation of the specialized light.

Abstract: Methods, devices, and systems are provided for invisibly indicating duress via a wearable device. In response to determining a duress condition associated with a user exists, a duress signal is provided to components of the access control system. The duress signal can identify a user associated with the duress, a duress type, and even include a location associated with the duress condition. An alert of the duress condition can be distributed to one or more devices in the access control system. These devices may be associated with users of the system and the alert may be configured to silently inform the users of the duress condition.

Abstract: It is presented a method for detecting a position of a barrier. The method is performed in a status monitor device and comprising the steps of: detecting a barrier position of the barrier using a first sensor, the barrier position indicating a degree of opening of the barrier; detecting when the barrier is in a closed position using a second sensor; and calibrating the first sensor to indicate a closed position each time the barrier is detected to be in the closed position.

Abstract: A method and device for delivering one or more keys to an offline mobile communication device are provided. The method includes receiving the one or more keys from a backend issuance system, preparing the one or more keys for delivery to the offline mobile communication device via a short-to-medium communication channel, and transmitting the one or more keys to the offline mobile communication device via the short-to-medium range communication channel.

Abstract: A portable authentication system includes a security module, that may be a smart card, SIM (Subscriber Identity Module), USB controller with a secure chip, or similar module capable of storing one or more credentials, and an interface module such as a digital badge holder that is able to communicate with the security module, for instance by providing a smart card communication interface. The portable authentication system may be either a single integrated system or a dual system where the security module can be removed or disconnected from the interface system.

Abstract: An access control reader includes a credential interface and a network interface. The access control reader includes a processor coupled to the credential interface and the network interface and computer memory coupled with the processor and comprising instructions that are executable by the processor. The instructions comprise instructions to determine that the access control reader has been connected to a power source, and instructions to monitor activity at the credential interface after the access control reader has been connected to the power source. The instructions comprise instructions that cause the access control reader to enter either a first mode of operation or a second mode of operation dependent upon whether or not activity is detected at the credential interface within a threshold amount of time after the access control reader has been connected to the power source.

Abstract: A method, system and computer program product for ensuring PKI key pairs are operatively installed within a secure domain of a security token prior to generating a digital certificate. The public key component of the PKI key pair is incorporated into a digital certificate which is returned to the security token for storage. The arrangement included herein incorporates the use of a critical security parameter to ensure a chain of trust with an issuing entity such as a registration authority. Furthermore, the arrangement does not require security officer or system administrator oversight during digital certificate generation as the critical security parameter provides a sufficient level of trust to ensure that digital certificate generation is being performed in conjunction with a designated security token rather than a rogue application. Lastly, separate inventive embodiments allow alternate communications and verification arrangements to be implemented.

Abstract: Providing an electronic message includes constructing a first digital signature of the message and a personal secret known only to a sender of the message, constructing a second digital signature of the first digital signature and the message, and sending to a receiver the message, the first digital signature, and the second digital signature. The personal secret may be initially generated by the sender. The personal secret may be a pseudo-random number. The receiver may archive the message, the first signature, and the second signature. In response to a challenge, the message and the first and second signatures sent with the message may be compared using first and second signatures reconstructed by the sender. In response to at least one of the message and the first signature not matching, the message may be repudiated. Otherwise, the message may be validated. The sender may be a cell phone.

Abstract: A cloud card application platform is provided. The cloud card application platform enables one or more card applications to be virtualized on at least one server that is available to mobile devices via a communication network, such as the Internet. The one or more card applications virtualized on the cloud card application platform are capable of being managed remotely by service providers that have deployed and developed the one or more applications.

Abstract: Examining virtualized credentials of a holder includes verifying authenticity of a device of a relying party using a verifying device secret that is provided in a portable secure access module device that is separate from and communicates with the relying party device, authorizing a subset of credential data to be sent to the relying party device in response to the device of the relying party being authentic, where the subset of credential data depends on at least one of: a role of the relying party, selection by the holder, and contextual data of the relying party, and communicating with the device of the relying party to display at least some of the subset of credential data on a screen of the device of the relying party. The contextual data may be a privacy level setting, distance between the relying party and the holder, or geolocation of the relying party.

Abstract: The present invention concerns a RFID transponder, such as a card, comprising a first chip electrically connected to a first antenna and a second chip electrically connected to a second antenna. The first antenna comprises a secondary antenna which is inductively to the second antenna.

Abstract: Method and devices for making access decisions in a secure access network are provided. The access decisions are made by a portable credential using data and algorithms stored on the credential. Since access decisions are made by the portable credential non-networked hosts or local hosts can be employed that do not necessarily need to be connected to a central access controller or database thereby reducing the cost of building and maintaining the secure access network.

Abstract: A transfer printing device includes a transfer ribbon, a print unit, a mark sensor and a controller. The transfer ribbon includes a transfer layer that is attached to a carrier layer. The transfer layer includes a series of transfer sections. The controller is configured to perform a print operation, in which a transfer section that is available for printing is selected by detecting an absence of a used mark in a predetermined position on the transfer ribbon corresponding to the transfer section using the mark sensor. An image is printed to the selected transfer section and a used mark is printed on the transfer ribbon using the print unit. At least a portion of the used mark is in a predetermined position relative to the selected transfer section and is outside the selected transfer section.

Abstract: A print section sensor for detecting registration marks on a transfer ribbon in a ribbon feed path includes a reflective sensor configured to detect the registration marks and a transmissive sensor configured to detect the registration marks. The reflective sensor is located upstream of the transmissive sensor relative to a feed direction of the transfer ribbon.

Abstract: An access control system comprising a reader configured to make an ingress or egress determination using information received from one or more mobile devices is described. The reader may be further configured to store information about ingress and egress events for analysis by a system administrator.

Abstract: An integrated security system which seamlessly assimilates with current generation logical security systems. The integrated security system incorporates a security controller having standard network interface capabilities including IEEE 802.x and takes advantage of the convenience and security offered by smart cards and related devices for both physical and logical security purposes. The invention is based on standard remote authentication dial-in service (RADIUS) protocols or TCP/IP using SSL, TLS, PCT or IPsec and stores a shared secret required by the secure communication protocols in a secure access module coupled to the security controller. The security controller is intended to be a networked client or embedded intelligent device controlled remotely by to an authentication server. In another embodiment of the invention one or more life cycle management transactions are performed with the secure access module.

Abstract: It is presented a portable access control communication device comprising: a housing for protecting a key device, the access control communication device; a socket arranged to hold a blade of a key device, the socket comprising a connector for communication with the key device; a cellular radio communication module; and a controller. The controller is arranged to communicate, using the cellular radio communication module, with an access control device over a cellular communication network when a key device is provided in the socket such that there is electric contact between the key device and the socket. A corresponding method, computer program and computer program product area also presented.

Abstract: A system and method for determining presence information for mobile devices (104) are disclosed. Specifically, the presence information for a mobile device (104) can be determined based on whether or not the mobile device (104) is having a unique interaction with a smart tag (108). If a unique interaction is detected, then the mobile device (104) can be said to be within the presence of the smart tag (108) and the location or presence information for the mobile device (104) can be correlated to location information known for the smart tag (108).