Security Checklist

04.10.2021

At its simplest, the security of an access control system means it prevents unauthorized persons from entering your building or zone of control. However, other aspects of that security are less visible. Arguably, the most important is protection against cloning of transponders that users carry with them. This protection is achieved with highly secure encryption – of which MIFARE DESFire’s technique is among the world’s most powerful.

One method that hackers attempt is to detect and read data from the air interface between RFID readers and transponders. Another method detects data during transfer between readers and their hosts. Both methods are defeated by A.) deploying mutual security keys among your transponders and readers, and B.) encrypting data traffic between readers and hosts (OSDPv2). Combined, they defeat both hacking methods, protecting user data the entire distance from transponder to system host.

Security also means future sourcing stability, cost-effectiveness and convenience. For system integrators, open standard technologies and protocols provide the clearest future path. Why? Because an open technology with proven market longevity will invariably earn the trust, support and ongoing development of numerous manufacturers. In short, an open technology won’t vendor lock you – you can be confident of its sourcing and ongoing support.

Regarding mobile identification, its recent surge in access control has been rapid. It has not just brought access credentials to users’ phones. Additionally, many devices now provide secure, biometric fingerprint authentication for users. This feature greatly enhances the potential security a manager can hypothetically integrate into their site’s mobile identification.

Idesco can greatly simplify your integration of mobile identification into your current system. How so? Once you deploy Idesco mobile-compatible readers, our Idesco ID service lets you send mobile credentials to users’ phones directly from your own system. There is no need for a separate cloud service or parallel system to manage mobile credentials. Instead, you can store them alongside your conventional user credentials. This keeps credential management simple and convenient for you.

Tips for improving the security of your system:

  • Consider the advantages mobile phone biometrics could offer as you consider integrating mobile identification into your access system.
  • Personal pin-codes significantly enhance the security conventional transponders provide.
  • Choose a secure, ‘unhackable’ transponder technology for your cards and tags.
  • Explore the alternative strategy of ”transparent” readers for enhancing your security. Transparent readers not only create an essentially impervious ‘wall’ between hackers and your system. They also can provide you a wider range of device functionality and updating – directly from your system.
  • Consider deploying OSDPv2 for your system. OSDPv2 won’t just highly secure data flow among your system components – it can also simplify device updating and improve interaction with users on display devices.
  • For older Wiegand-based systems (with unencrypted data transfer) you can still use:
    • encrypted MIFARE® DESFire readers and transponders, and
    • Deploy either an Idesco decryption module before, or software installed in, your controller to greatly secure data transfer between your Idesco readers and their host.

Other news

18.10.2021

We very much look forward to meeting you at SECTECH 2021, October 27-28 in Stockholm. It will be delightful to finally see you all again, face-to-face!

Read more

04.10.2021

We are delighted to announce our new service, Idesco ID, has been nominated for the Detektor International Award, ID & Access Control category

Read more

04.10.2021

All Idesco 8 CD 2.0 DESFire readers transact DESFire EV3

Read more
Customer support

Cookies on our website

Your privacy is important to us, and we are committed to protecting your personal information. Before you continue browsing our website, please read privacy policy and accept cookies.