Abstract: Release mechanism for an electronic locking system, wherein the release mechanism is configured such that an input member and an output member are locked against relative rotation and can rotate together within a locking ring opening when a locking member is located in an input member recess and in an output member recess, and such that the output member is released to rotate relative to the input member when the locking member is located in the output member recess and in a locking ring recess. A freewheel mechanism and assemblies for an electronic locking system are also provided.

Abstract: It is provided a sensor device comprising: a proximity sensor (10); a processor (11); a wireless communication module (13); and a memory (14). When the sensor device is in a first functional state (20, 20a, 20b) and the proximity sensor detects a predetermined change in its proximity, the sensor device is configured to transition from the first functional state, in which wireless communication is inactivated, to a second functional state (21), in which wireless communication module is enabled. The predetermined change in its proximity is a removal of transport protection, comprising removal of a metallic tape over the proximity sensor, whereby the proximity sensor is capable to detect the removal of the metallic tape based on inductive sensing.

Abstract: Methods and systems are provided for performing operations comprising: generating, on a publicly accessible server, a secure enclave, the secure enclave having isolated memory and processing resources of the server; installing, on the secure enclave, a virtual machine comprising a guest operating system of a first entity; installing, by the virtual machine, one or more cryptographic processes associated with the first entity; and encrypting and decrypting cryptographic keys associated with the first entity using the one or more cryptographic processes.

Abstract: It is provided a method for enabling access control for access to a physical space secured by a lock device. The method is performed in a security device and comprises the steps of: obtaining at least one image captured using a first camera of a portable key device, the at least one image being captured in a vicinity of the lock device; receiving a template decryption key from a lock device over a short-range communication link; obtaining a credential associated with the lock device; matching the at least one image with a plurality of templates, each template being associated with a lock device, which comprises obtaining the plurality of templates by decrypting encrypted templates using the template decryption key; and wherein a positive match is a necessary condition for opening the lock device.

Abstract: According to a first aspect, it is provided a method for providing access to a lock for provision of a service. The method comprises the steps of: receiving a request for access to the lock; sending a consumer request to a service consumer device, asking whether to grant access to the lock; receiving a positive consumer response from the service consumer device; determining validity time for a grant token; obtaining a grant token for the service provider, the grant token having the determined validity time; providing the grant token to the service provider; deleting the grant token in the access coordination server; receiving an agent request for access to the lock for a specific service provider agent device, the agent request comprising the grant token; obtaining a credential for the service provider agent device; and providing the credential to the service provider agent device.

Abstract: Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to receive a credential from a key device associated with a user using a first wireless connection. The access control system may be further adapted to verify the credential with a preliminary authentication for the asset. The access control system may be further adapted to establish a second wireless connection with the key device in response to verifying the credential with the preliminary authentication. The access control system may be adapted to determine an intent of the user to access the asset. The access control system may identify the credential includes a pattern in the preliminary authentication. The access control system may be further adapted to provide a command to grant access to the asset.

Abstract: It is provided a method comprising the steps of: obtaining a first sample point and a second sample point; transforming the first sample point and the second sample point by setting the I value of a first transformed sample point to the Q value of the obtained first sample point, setting the Q value of the first transformed sample point to the inverse of the I value of the obtained first sample point, setting the I value of a second transformed sample point to the inverse of the Q value of the obtained second sample point, setting the Q value of the second transformed sample point to the I value of the obtained second sample point; determining the phase difference between the first sample point and the second sample point; and determining the position of the mobile key device based on the phase differences.

Abstract: It is provided a method for controlling access to a physical space using an emergency delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations wherein when two delegations are chained together, the delegatee of one delegation is the delegator of the next delegation; determining that a delegation in the chain of delegations is an emergency delegation, the emergency delegation indicating that access should only be granted when an emergency situation occurs; determining when an emergency situation occurs; and granting access to the physical space when the chain of delegations starts in the lock device and ends in the electronic key; and when the emergency situation occurs.

Abstract: Customizing an application on a mobile device includes storing at least a portion of customization data in a customization server that is independent of the mobile device, a user of the mobile device accessing the customization server independently of the mobile device, receiving authorization data from the customization server that enables the mobile device to securely receive customization data from the customization server, and the mobile device using the authorization data to cause the customization server to provide the customization data to the mobile device. The authorization data may be provided by postal message, email message, an SMS text message, and/or a visual code provided on a screen of a computer used to access the customization server. The user may use a computer to provide credential information to access the customization server. Customizing the application may allow the mobile device to access a user service on behalf of the user.

Abstract: Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to receive a credential of a user from a key device associated with the user using a first wireless connection. The access control system may be further adapted to establish a second wireless connection with the key device. The access control system may be further adapted to determine the user intends to access the asset based on a data set generated derived from the second wireless connection. The access control system may be further adapted to use a trained machine learning model to determine the intent of the user to access the asset. The access control system may be further adapted to transmit a command to grant access to the asset.

Abstract: An authentication engine, residing at one or more computing machines, receives, from a vision device comprising one or more cameras, a probe image. The authentication engine generates, using a trained facial classification neural engine, one or more first labels for a person depicted in the probe image and a probability for at least one of the one or more first labels. The authentication engine determines that the probability is within a predefined low accuracy range. The authentication engine generates, using a supporting engine, a second label for the person depicted in the probe image. The supporting engine operates independently of the trained facial classification neural engine. The authentication engine further trains the facial classification neural engine based on the second label.

Abstract: Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to establish a first connection with a key-device. The access control system may be further adapted to receive a credential for a user over the first connection. The access control system may be further adapted to establish a second connection with the key-device. The access control system may be further adapted to determine an intent of the user to access the asset. The access control system may use location data derived from the second connection to determine the intent of the user. The access control system may be further adapted to provide the credential to an access controller, based on identifying an intent of the user to access the asset.

Abstract: It is presented a method for controlling access to an access object. The method is performed in an access control device and comprises the steps of: receiving a user input to reset the access control device; generating a new identifier for the access control device, and discarding any previously used identifier for the access control device; communicating with an electronic key to obtain an identity of the electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a receiver; and granting access to the access object only when the plurality of delegations comprise a sequence of delegations covering a delegation path from the access control device, identified using the new identifier, to the electronic key such that, in the sequence of delegations, the delegator of the first delegation is the access control device, and the receiver of the last delegation is the electronic key.

Abstract: Techniques for reducing or eliminating image banding in an ink-jet image are provided. In an example, a method of operating a printer to reduce or eliminate image banding can include generating command profile for printing a given image, applying a filter to the command profile to provide a filtered profile, and dispensing ink from a printhead of the printer based on the filtered profile. In certain examples, the filter can randomize droplet sizes of ink dispensed while executing the printing to reduce or eliminate image banding.

Abstract: It is provided a sensor device comprising: a proximity sensor; a processor; a wireless communication module; and a memory. The memory stores instructions that, when executed by the processor, cause the sensor device to: receive a user input signal; determine when the received user input signal matches a signal template being associated with an event; store in the memory a record indicating an occurrence of the event associated with the user input signal; and transmit, once the wireless communication module is active, any stored records.

Abstract: Confirming user consent includes prompting the user to tap a card a card reader or a computing device and confirming consent in response to the user taping the card. The user may be prompted for a response in a plurality of possible responses and only a particular one of the possible responses may require taping the card. The user may consent to installation of software on the computing device. The user may be logged in to the computing device. A login ID for the user may be cached and/or may be accessed in connection with the user tapping the card. Confirming user consent may also include obtaining a pairing code for accessing the card and confirming consent in response to the user taping the card and the pairing code allowing access to the card. The pairing code may be cached in the card reader or the computing device.

Abstract: Various systems and methods for securely sharing private in formation are described herein. A mobile device comprises instruction to configured the mobile device to identify a verifier device having an available wireless connection, the wireless connection having a wireless connection strength; determine that a triggering event occurs, the triggering event based on the wireless connection strength; when the triggering event occurs: connect to the verifier device; transmit a digital credential to the verifier device, each of a plurality of data elements of the digital credential separately encrypted using distinct encryption keys; receive a request to access a requested data element of the digital credential; prompt a user of the mobile device for consent to share the requested data element; and transmit information to the verifier device when the user consents sharing the requested data element, the information used to decrypt only the requested data element.

Abstract: A method for maintaining a log of events in a shared computing environment is provided. One example of the disclosed method includes receiving one or more data streams from the shared computing environment that include transactions conducted in the shared computing environment by a first entity and a second entity that is different from the first entity. The method further includes creating a first blockchain entry for a first transaction conducted in the shared computing environment for the first entity, creating a second blockchain entry for a second transaction conducted in the shared computing environment for the second entity, where the second blockchain entry includes a signature that points to the first blockchain entry, and then causing the first and second blockchain entries to be written to a common blockchain data structure in a database that is made accessible to both the first entity and the second entity.

Abstract: It is provided a method for managing access control to a physical space controlled by a first lock device. The method is performed by an access management device, and comprises the steps of: determining whether a mobile credential is located inside or outside a barrier secured by a lock device; storing an inside indicator in association with the mobile credential when it is located on the inside of the barrier, the inside indicator being valid until explicitly cleared; and preventing the mobile credential from establishing a communication channel with the first lock device when a valid inside indicator is stored for the mobile credential.