Abstract: A keyless access system for securely authorizing access to a resource via a dynamic interface that user equipment (“UE”) may access using a changing access identifier without the UE installing or executing any specialized applications or code. The secure authorization of visitor access may include periodically modifying the access identifier, providing access activation data with a first access identifier to a UE in response to a triggering action, providing the dynamic interface to the UE in response to the access activation data automatically directing a browser of the UE to the first access identifier, receiving UE authorization data that is entered using a keypad or login screen of the dynamic interface, and providing access to the resource based on the first access identifier being associated with the resource, the UE authorization data authorizing access to the resource, and the access being provided before an expiration time.

Abstract: Secure handsfree proximity-based access control is provided by a system that includes system devices located near different secured resources. Each system device may broadcast a changing unique identifier to user devices in wireless range of the system device. The system may also include an application that runs on each user device, and that obtains a signal strength measurement in response to receiving or detecting a current identifier advertised from a system device. The application may request access to a secured resource over one or more available wireless networks in response to satisfying the signal strength threshold. The system may include an access control unit that authorizes access to the secured resource based on the earliest arriving request, and further based on an identifier of the request matching to the current identifier, and the current identifier not having been previously used to obtain access to the secured resource.

Abstract: A keyless access system for securely authorizing access to a resource via a dynamic interface that user equipment (“UE”) may access using a changing access identifier without the UE installing or executing any specialized applications or code. The secure authorization of visitor access may include periodically modifying the access identifier, providing access activation data with a first access identifier to a UE in response to a triggering action, providing the dynamic interface to the UE in response to the access activation data automatically directing a browser of the UE to the first access identifier, receiving UE authorization data that is entered using a keypad or login screen of the dynamic interface, and providing access to the resource based on the first access identifier being associated with the resource, the UE authorization data authorizing access to the resource, and the access being provided before an expiration time.

Abstract: One or more beaconing devices transmit synchronized changing beacons. The changing beacons trigger execution of an application that is installed but closed or not running on a mobile device, that is in wireless beaconing range of a beaconing device, and that has registered the changing beacons with the mobile device operating system (“OS”) to trigger execution of the application upon receipt of the changing beacons. The changing beacons also keep the executing application running by resetting OS policies for closing the application when it is running with the mobile device in a locked or standby state. The application may perform different procedures and different times with the beaconing device or other devices including authorizing access to a secured resource when the mobile device is far away from the beaconing device, and confirming intent to access the secured resource when the mobile device is close to the beaconing device.

Abstract: A device may include a wire interface (e.g., port), a detection circuit and a microcontroller. The detection circuit may include a resistor, a comparator, and wiring connecting the resistor to the wire interface and to a first input of the comparator. The microcontroller may provide a test signal to the resistor, and a threshold signal to a second input of the comparator. The test signal passes through the resistor and continues to the wire connector and the comparator first input with little to no change or attenuation when the wire interface is disconnected, but is attenuated when the wire interface is connected to a wire with capacitance charging and discharging based on the test signal. The comparator may compare the voltage of a resulting signal at the wire interface to the threshold signal voltage, and depending on the comparison may detect if a wire is connected to the wire interface.

Abstract: A device may include a wire interface (e.g., port), a detection circuit and a microcontroller. The detection circuit may include a resistor, a comparator, and wiring connecting the resistor to the wire interface and to a first input of the comparator. The microcontroller may provide a test signal to the resistor, and a threshold signal to a second input of the comparator. The test signal passes through the resistor and continues to the wire connector and the comparator first input with little to no change or attenuation when the wire interface is disconnected, but is attenuated when the wire interface is connected to a wire with capacitance charging and discharging based on the test signal. The comparator may compare the voltage of a resulting signal at the wire interface to the threshold signal voltage, and depending on the comparison may detect if a wire is connected to the wire interface.

Abstract: Disclosed are systems and methods for performing entry access over two or more networks. The two or more networks are leveraged to accelerate the entry access and provide redundancy. Performance over each of the two or more networks is tracked in order to allow a mobile device to exchange entry access messaging over the particular network providing fastest start-to-unlock time. The mobile device can alternatively exchange the entry access messaging simultaneously over the two or more networks to create a race condition whereby the fastest start-to-unlock time is obtained without monitoring network performance. Performing the entry access messaging exchange over the two or more networks also ensures reliability in the event a particular network is down or congested, an authorization device on a particular network is down or overloaded, a radio of a mobile device communicating over a particular network is disabled or slow performing.

Abstract: Secure handsfree proximity-based access control is provided by a system that includes system devices located near different secured resources. Each system device may broadcast a changing unique identifier to user devices in wireless range of the system device. The system may also include an application that runs on each user device, and that obtains a signal strength measurement in response to receiving or detecting a current identifier advertised from a system device. The application may request access to a secured resource over one or more available wireless networks in response to satisfying the signal strength threshold. The system may include an access control unit that authorizes access to the secured resource based on the earliest arriving request, and further based on an identifier of the request matching to the current identifier, and the current identifier not having been previously used to obtain access to the secured resource.

Abstract: Secure handsfree proximity-based access control is provided by a system that includes one or more system devices located near different secured resources. Each system device may broadcast a changing unique identifier to user devices in wireless range of the system device. The system may also include an application that runs on each user device, and that obtains a signal strength measurement in response to receiving or detecting a current identifier advertised from a system device. The application may request access to a secured resource over one or more available wireless networks in response to satisfying the signal strength threshold. The system may include an access control unit that authorizes access to the secured resource based on the earliest arriving request, and further based on an identifier of the request matching to the current identifier, and the current identifier not having been previously used to obtain access to the secured resource.

Abstract: The solution is directed to access control systems and verifying proximity of a user to an access point that the user is wirelessly requesting access to. The proximity verification is based on placing proximity hubs adjacent to the different access points. Each proximity hub advertises a different unique identifier that changes periodically over a short-range wireless network and can be detected with a mobile device if the mobile device is physically within a short distance from the proximity hub. The unique identifier changes based on a rolling code. A user is permitted access to a restricted access point in response to the mobile device sending over a different long-range wireless network, the unique identifier advertised from a proximity hub adjacent to a desired access point and user access credentials authenticating access privileges of the user to the desired access point.

Abstract: A two-part security method and system is provided to prevent unauthorized access to a secured resource via a relay attack that uses at least one intermediary device to relay signaling from an authorized access device to the secured resource despite the access device being out-of-range of the secured resource. The first part involves detecting a relay attack by encrypting signaling between the access device and the secured resource, and by detecting when the signaling is modified as a result of an intermediary device inserting data or modifying the data of the signaling exchanged between the access device and the secured resource. The second part involves detecting a relay attack based on environmental data from the access device that identifies a feature of an environment in which the access device is located, and the environmental data mapping to a location that is not within a specified location of the secured resource.

Abstract: Provided is an office receptionist system formed from a distributed set of system valets and a system concierge. The system valets record and pass human inquiries at various points of ingress and egress to the system concierge. The system concierge parses each inquiry, determines the type of inquiry being made, and further determines whether the inquiry provides sufficient information for the determined inquiry type. The sufficiency of the inquiry is determined from a rule set that further defines different data sources from which the system concierge obtains data elements for generating a response to the inquiry as well as the actions to perform as part of responding to the inquiry. The response is returned to the system valet originating the inquiry for playback thereon.

Abstract: Systems and methods for performing decoupled authorization, whereby authorizing access permissions of a user to a resource is performed separate and independent from authorizing intent of the user to access the resource. Once both authorizations are successfully completed within a specified timeout interval, the access state of the resource is changed, thereby granting the user access to the resource. The decoupled authorizations are independently performed over different networks, in response to different triggers, or by leveraging different hardware. Access to the resource can therefore be provided prior to the user arriving before the resource, with little to no action by the user, and without comprising security as the resources will remain restricted or locked if the either of the user's intent or access permissions cannot be verified.

Abstract: One or more beaconing devices transmit synchronized changing beacons. The changing beacons trigger execution of an application that is installed but closed or not running on a mobile device, that is in wireless beaconing range of a beaconing device, and that has registered the changing beacons with the mobile device operating system (“OS”) to trigger execution of the application upon receipt of the changing beacons. The changing beacons also keep the executing application running by resetting OS policies for closing the application when it is running with the mobile device in a locked or standby state. The application may perform different procedures and different times with the beaconing device or other devices including authorizing access to a secured resource when the mobile device is far away from the beaconing device, and confirming intent to access the secured resource when the mobile device is close to the beaconing device.

Abstract: Near field detection using a magnetometer is disclosed. A transmitter may distort magnetometer measurements of Earth's magnetic field by producing rapid but controlled fluctuations to encode a specific message in a manipulated magnetic field. When a mobile device is brought in range of the transmitter, a magnetometer of the mobile device detects that manipulated magnetic field. An application running on the mobile device forms messages based on the magnetometer output. In response to detecting the specific message, the application may execute an action on the mobile device or a remote device. NFC read-based near field detection similarly involves the application accessing an NFC chip of the mobile device, and scanning for one or more particular NFC tags that are read by the NFC chip. In response to detecting a particular NFC tag, the application executes an action on the mobile device or a remote device.

Abstract: Near field detection using a magnetometer is disclosed. A transmitter may distort magnetometer measurements of Earth's magnetic field by producing rapid but controlled fluctuations to encode a specific message in a manipulated magnetic field. When a mobile device is brought in range of the transmitter, a magnetometer of the mobile device detects that manipulated magnetic field. An application running on the mobile device forms messages based on the magnetometer output. In response to detecting the specific message, the application may execute an action on the mobile device or a remote device. NFC read-based near field detection similarly involves the application accessing an NFC chip of the mobile device, and scanning for one or more particular NFC tags that are read by the NFC chip. In response to detecting a particular NFC tag, the application executes an action on the mobile device or a remote device.

Abstract: Disclosed are systems and methods for updating a distributed system device with an update that a system controller fragments and propagates to the system device by way of two or more third party clients. The system controller manages client access rights to a service accessible at different distributed system devices. The system controller has first network connectivity with which to remotely distribute different fragments of an update to different clients. Each system device controls access to the service at different a site and has (i) second network connectivity with which the different clients propagate different fragments of the update to the system device upon entering communication range with the system device, (ii) memory storing different sets of fragments for the update based on different times at which the clients propagate the fragments, and (iii) a processor applying the update once all fragments of the update to the memory.

Abstract: Secure handsfree two-stage access control is provided via a first stage that is performed when a mobile device is within a first distance from an access control reader, and a second stage that is performed when the mobile device is within a second distance from the reader, wherein the second distance is less than the first distance. Performing the first stage includes establishing a secure connection between the mobile device and the reader, and authorizing access for the mobile device to a secured resource. Performing the second stage includes providing access to the secured resource when the mobile device has been authorized to access the secured resource during the first stage, and the mobile device enters within the second distance from the reader. The second stage may be triggered in response to the reader detecting a user gesture or action.

Abstract: Secure handsfree proximity-based access control is provided by a system that includes one or more system devices located near different secured resources. Each system device may broadcast a changing unique identifier to user devices in wireless range of the system device. The system may also include an application that runs on each user device, and that obtains a signal strength measurement in response to receiving or detecting a current identifier advertised from a system device. The application may request access to a secured resource over one or more available wireless networks in response to satisfying the signal strength threshold. The system may include an access control unit that authorizes access to the secured resource based on the earliest arriving request, and further based on an identifier of the request matching to the current identifier, and the current identifier not having been previously used to obtain access to the secured resource.