Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to establish a first connection with a key-device. The access control system may be further adapted to receive a credential for a user over the first connection. The access control system may be further adapted to establish a second connection with the key-device. The access control system may be further adapted to determine an intent of the user to access the asset. The access control system may use location data derived from the second connection to determine the intent of the user. The access control system may be further adapted to provide the credential to an access controller, based on identifying an intent of the user to access the asset.
H04W 12/64 - Location-dependent; Proximity-dependent using geofenced areas
G07C 9/21 - Individual registration on entry or exit involving the use of a pass having a variable access code
G07C 9/25 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
G07C 9/10 - Movable barriers with registering means
G07C 9/00 - Individual registration on entry or exit
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
G07C 9/27 - Individual registration on entry or exit involving the use of a pass with central registration
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
G07C 9/28 - Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
The use of multimodal face attributes in facial recognition systems is described. In addition, use of one or more auxiliary attributes, such as a temporal attribute, can be used in combination with visual information to improve the face identification performance of a facial recognition system. In some examples, the use of multimodal face attributes in facial recognition systems can be combined with the use of one or more auxiliary attributes, such as a temporal attribute. Each of these techniques can improve the verification performance of the facial recognition system.
G06V 40/16 - Human faces, e.g. facial parts, sketches or expressions
G06V 10/80 - Fusion, i.e. combining data from various sources at the sensor level, preprocessing level, feature extraction level or classification level
G07C 9/00 - Individual registration on entry or exit
G07C 9/37 - Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition
3.
PROVIDING DATA FOR TRAINING A MACHINE LEARNING MODEL
It is provided a method for providing data for training a machine learning model. The method is performed in a training data provider (1) and comprises the steps of: obtaining (40) a data structure comprising a chain of delegations, the chain of delegations covering a delegation path from a media capturing device (3) to the training data provider (1) such that, in the chain of delegations, each delegation is a delegation from a delegator to a receiver; sending (42) a key request to a delegation verifier (2), the key request comprising the data structure; receiving (44) a decryption key from the delegation verifier (2); obtaining (46) encrypted media data captured by the media capturing device (3); decrypting (48) the encrypted media data, resulting in decrypted media data; and providing (50) the decrypted media data for training the machine learning model.
It is provided a method for determining whether a portable key device is located inside or outside a metal door. The method is performed by a credential communication device and comprises the steps of: obtaining a first time-of-flight, ToF, measurement between a first antenna and the portable key device, wherein the first antenna is located on the outside of the metal door; obtaining a second ToF measurement between a second antenna and the portable key device, wherein the second antenna is located on the inside of the metal door; and determining the portable key device to be located on the outside of the metal door when the first ToF measurement is less than the second ToF measurement by an amount which is greater than a threshold value.
Various systems and methods for securely sharing private information are described herein. A mobile device comprises instruction to configured the mobile device to identify a verifier device having an available wireless connection, the wireless connection having a wireless connection strength; determine that a triggering event occurs, the triggering event based on the wireless connection strength; when the triggering event occurs: connect to the verifier device; transmit a digital credential to the verifier device, each of a plurality of data elements of the digital credential separately encrypted using distinct encryption keys; receive a request to access a requested data element of the digital credential; prompt a user of the mobile device for consent to share the requested data element; and transmit information to the verifier device when the user consents sharing the requested data element, the information used to decrypt only the requested data element.
A method for maintaining a log of events in a shared computing environment is provided. One example of the disclosed method includes receiving one or more data streams from the shared computing environment that include transactions conducted in the shared computing environment by a first entity and a second entity that is different from the first entity. The method further includes creating a first blockchain entry for a first transaction conducted in the shared computing environment for the first entity, creating a second blockchain entry for a second transaction conducted in the shared computing environment for the second entity, where the second blockchain entry includes a signature that points to the first blockchain entry, and then causing the first and second blockchain entries to be written to a common blockchain data structure in a database that is made accessible to both the first entity and the second entity.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
An arrangement (10) for a lock device (88a, 88b), the arrangement (10) comprising an input member (12, 106); a coupling member (26) movable between an uncoupled position (34) and a coupled position (80); an electromechanical actuator (28) comprising an actuating member (42) linearly movable between an uncoupling actuating position (44) and a coupling actuating position (78); and a torsion spring (30) having a first leg (62) and a second leg (64) movable away from each other against a deformation of the torsion spring (30), wherein the actuating member (42) is arranged to engage the first leg (62) and the second leg (64) is arranged to engage the coupling member (26) when the coupling member (26) is in the uncoupled position (34) and the actuating member (42) moves from the uncoupling actuating position (44) to the coupling actuating position (78). A lock device (88a, 88b) comprising an arrangement (10) is also provided.
According to a first aspect, it is provided a method for requesting access to a physical space secured by a lock. The method is performed in a mobile device of a user and comprises the steps of: authenticating the mobile device with an authentication server, resulting in a token, being a data item, indicating one or more access groups to which the user belongs, wherein the token is cryptographically signed by the authentication server; storing the token in the mobile device; obtain a lock identifier of the lock; and transmitting an access request to an access control device, the access request comprising the token and the lock identifier.
An arrangement (10, 82) for locking and unlocking a lock device (58, 74), the arrangement (10, 82) comprising a transfer element (12) movable between a protruded position (42) and a retracted position (56); a core member (14) of soft magnetic material, the core member (14) comprising a coil section (20); an electric coil (16) wound around the coil section (20); and a blocking member (48) comprising a magnet (18), the blocking member (48) being movable between a blocking position (50), in which the magnet (18) establishes a magnetic circuit through the coil section (20) and the blocking member (48) blocks movement of the transfer element (12) to the retracted position (56), and an unblocking position (54), in which the magnet (18) establishes a magnetic circuit through the coil section (20) and the blocking member (48) unblocks movement of the transfer element (12) to the retracted position (56). A lock device (58, 74) comprising an arrangement (10, 82), and a method of controlling a lock device (58, 74), are also provided.
It is provided a system comprising a lock device and a key device for use in access control to a physical space. The key device comprises: an electronic key module configured to communicate with an electronic lock module of the lock device for access control; and a permanent magnet configured to close a magnetically controllable switch of the lock device to thereby power an electronic lock module of the lock device. The lock device comprises: the electronic lock module configured to communicate with the electronic key module to evaluate whether to grant access; a power source; and the magnetically controllable switch provided between the power source and the electronic lock module such that the magnetically controllable switch is closable by the permanent magnet of the key device to power the electronic lock module.
It is provided a sensor device comprising: a proximity sensor; a processor; a wireless communication module; and a memory. The memory stores instructions that, when executed by the processor, cause the sensor device to: receive a user input signal; determine when the received user input signal matches a signal template being associated with an event; store in the memory a record indicating an occurrence of the event associated with the user input signal; and transmit, once the wireless communication module is active, any stored records.
An arrangement (16) for controlling movements of an access member (12) relative to a frame (14), the arrangement (16) comprising abase section (18) for connection to either the access member (12) or the frame (14); a fixation part (20) for connection to the other of the access member (12) and the frame (14); a flexible elongated element (22) configured to be tensioned to thereby force the base section (18) and the fixation part (20) to move towards each other in a relative closing movement (86); and a braking device (82) arranged to brake a speed of the relative closing movement (86).
Authentication methods and systems are disclosed. In one non-limiting example, an authentication method may include detecting a user within an image, determining that the image further includes additional recognizable data, analyzing the additional recognizable data and one or more biometric features of the user, and determining that the additional recognizable data and the one or more biometric features of the user correspond to valid additional recognizable data and valid biometric features of an enrolled user, respectively. The method may further include enabling the user to access a protected asset based on determining that the additional recognizable data and the one or more biometric features of the user correspond to valid additional recognizable data and valid biometric features of an enrolled user, respectively.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06V 20/30 - Scenes; Scene-specific elements in albums, collections or shared content, e.g. social network photos or video
G06V 40/16 - Human faces, e.g. facial parts, sketches or expressions
An actuating device (12) comprising a stationary structure (20); an actuating element (22) rotatable relative to the stationary structure (20); an electric power source (24, 82); a spindle (26) arranged to be rotated by rotation of the actuating element (22); a locking member (28) movable between a locked position (66) and an unlocked position (86); an electromechanical transfer device (30, 84) arranged in the spindle (26), the transfer device (30, 84) being configured to adopt a locked state (68) and an unlocked state (78); a receiver device (34) fixed with respect to the spindle (26), the receiver device (34) being electrically connected 62 to the transfer device (30, 84); and a transmitter device (32) fixed with respect to the stationary structure (20) and arranged to be electrically powered by the power source (24, 82), the transmitter device (32) being configured to wirelessly transmit power to the receiver device (34).
It is provided a location determiner comprising: a first antenna; a radio signal modification device, wherein the radio signal modification device is configured to improve an ability to determine whether the portable key device is located on a back side or on a front side of the location determiner, based on obtaining a channel impulse response, CIR, of an impulse signal transmitted from the portable key device, wherein the location determiner is installable such that the back side is in a space being restricted by selectively unlockable a physical barrier and the front side is opposite the back side.
It is provided a method for determining when a portable key device is located on a front side or on a back side in relation to a barrier secured by an electronic lock. The method is performed in a location determiner and comprises the steps of: obtaining a channel impulse response, CIR, based on an impulse signal transmitted from the portable key device, the CIR being based on a plurality of samples of the impulse signal as received by an antenna being fixedly mounted in relation to the electronic lock; and determining, based on the CIR, whether the portable key device is located on the front side or on the back side.
A reader device of a physical access control system comprises an ultra-wide band (UWB) physical layer and processing circuitry. The processing circuitry is operatively coupled to the UWB physical layer and is configured to: receive access credential information from a separate second device; receive ranging information from the second device; grant access through a physical portal according to the access credential information and ranging information; determine a number of people intending to pass through the physical portal; and generate an indication according to the determined number.
G07C 9/15 - Movable barriers with registering means with arrangements to prevent the passage of more than one individual at a time
G01S 7/41 - RADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES - Details of systems according to groups , , of systems according to group using analysis of echo signal for target characterisation; Target signature; Target cross-section
G01S 13/76 - Systems using reradiation of radio waves, e.g. secondary radar systems; Analogous systems wherein pulse-type signals are transmitted
G01S 13/02 - Systems using reflection of radio waves, e.g. primary radar systems; Analogous systems
A test system comprises a radio frequency (RF) shielded container, the shielded container to house a UWB receiver device under test; an RF antenna arranged within the RF shielded container; and a UWB transmitter device operatively coupled to the RF antenna. The UWB transmitter device is configured to transmit a UWB signal within the RF shielded container using the antenna, wherein the transmitted UWB signal is representative of multi-path components (MPCs) of resulting signals in an end-use environment of the UWB receiver device resulting from transmitting a UWB ranging signal in the end-use environment.
It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.
G07C 9/20 - Individual registration on entry or exit involving the use of a pass
G07C 9/00 - Individual registration on entry or exit
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
It is provided a wearable device for determining when a user has fallen down. The wearable device comprises: a first biometric sensor for obtaining first biometric data of the user, wherein the first biometric sensor is a first accelerometer configured to measure acceleration of a part of a first limb of the user; a second biometric sensor for obtaining second biometric data of the user comprising a finger pressure parameter; and a third biometric sensor for obtaining third biometric data, the third biometric sensor being a second accelerometer configured to measure acceleration of a body part of the user being distinct from the first limb. The wearable device is configured to determine an identity of the user is based on the first biometric data, the second biometric data and the third biometric data, the identity being used to control access to a physical space, and to determine when the user has fallen down.
B60R 25/01 - Fittings or systems for preventing or indicating unauthorised use or theft of vehicles operating on vehicle systems or fittings, e.g. on doors, seats or windscreens
G06F 17/14 - Fourier, Walsh or analogous domain transformations
22.
BUMPING PREVENTING ARRANGEMENT FOR LOCK DEVICE, LOCK DEVICE AND METHOD
A bumping preventing arrangement (10) for a lock device (38, 52, 68), the bumping preventing arrangement (10) comprising transfer member (12, 46, 64, 74) having a magnet (14), the transfer member (12, 46, 64, 74) being movable along an actuation axis (18) between a locked position (16) and an unlocked position (36); a plurality of electric conductors (20), each electric conductor (20) enclosing the actuation axis (18); and a plurality of switches (22), each switch (22) being associated with a respective electric conductor (20), and being arranged to selectively close an electric circuit comprising the associated electric conductor (20) such that eddy currents are induced in the electric conductors (20) when the magnet (14) moves along the actuation axis (18) from the locked position (16) towards the unlocked position (36). A lock device (38, 52, 68) and a method of controlling a lock device (38, 52, 68) are also provided.
It is provided a protection circuit for protecting a battery comprising a plurality of lithium primary cells. The protection circuit comprises: a switch configured to control when the battery supplies power to a load; and a control circuit being configured to: detect, at a first point in time, when a voltage across at least part of the battery falls below a threshold voltage; and open the switch when the voltage across at least part of the battery is remains below the threshold voltage during a preconfigured duration from the first point in time, wherein the opening of the switch is irreversible.
It is provided a method for enabling determination of proximity of a mobile device (2a, 2b) to a beacon device (3a). The method is performed by a proximity determiner (1) and comprises the steps of: determining a set of beacon devices (3a-e) being detectable from the mobile device; obtaining beacon measurements of one or two beacon devices in each pair; generating a two-dimensional graph based on the beacon measurements; obtaining device measurements of signal strength of beacons from the beacon devices in the set of beacon devices; finding an optimum in a space defined by the two- dimensional graph; and determining the most probable position of the mobile device in the graph based on the optimum.
G01S 5/02 - Position-fixing by co-ordinating two or more direction or position-line determinations; Position-fixing by co-ordinating two or more distance determinations using radio waves
G01S 5/14 - Determining absolute distances from a plurality of spaced points of known location
A method and system for in-field encoding of credentials to a credential device. An example method comprises receiving a request to at least one of add or update credentials to a credential device; providing an invitation code for an in-field device, the in-field device being separate from the credential device; receiving, from the in-field device, the invitation code along with information from the credential device for establishing a secure communication channel with the credential device; establishing a secure communication channel with the credential device using the in-field device as an intermediate; generating one or more commands for encoding credentials to the credential device based on the request; and sending the one or more commands, via the secure communication channel using the in-field device as an intermediate, to the credential device.
It is provided a method for enabling determination of proximity of a mobile device (2a, 2b) to a selected proximity determiner (3a). The method comprises the steps of: determining a base set of proximity determiners (3b-e) whereby an enlarged set of proximity determiners is defined as the selected proximity determiner and the base set of proximity determiners; receiving beacon measurements of signal strength of other proximity determiners in the enlarged set of proximity determiners; generating a two-dimensional graph based on the beacon measurements; receiving respective device measurements indicating signal strength of a signal from the mobile device at each proximity determiner in the enlarged set of proximity determiners; finding an optimum in a space defined by the two-dimensional graph; and determining the most probable position of the mobile device in the graph based on the optimum.
G01S 5/14 - Determining absolute distances from a plurality of spaced points of known location
G01S 5/02 - Position-fixing by co-ordinating two or more direction or position-line determinations; Position-fixing by co-ordinating two or more distance determinations using radio waves
According to a first aspect, it is provided a method for processing an input media feed for monitoring a person. The method is performed by a media processing device comprising a media capturing device. The method comprises the steps of: obtaining an input media feed using the media capturing device; providing the input media feed to a local artificial, AI, intelligence engine, to extract at least one feature of the input media feed; and transmitting intermediate results comprising the extracted at least one feature to train a central AI model, while refraining from transmitting the input media feed. The local AI engine forms part of the media processing device. The intermediate results comprise a label of the extracted at least one feature. The label is obtained from an end result of another local AI engine.
G06V 10/774 - Generating sets of training patterns; Bootstrap methods, e.g. bagging or boosting
G06V 20/52 - Surveillance or monitoring of activities, e.g. for recognising suspicious objects
G06V 10/94 - Hardware or software architectures specially adapted for image or video understanding
G06V 10/82 - Arrangements for image or video recognition or understanding using pattern recognition or machine learning using neural networks
G06V 10/77 - Arrangements for image or video recognition or understanding using pattern recognition or machine learning using data integration or data reduction, e.g. principal component analysis [PCA] or independent component analysis [ICA] or self-organising maps [SOM]; Blind source separation
G01S 7/41 - RADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES - Details of systems according to groups , , of systems according to group using analysis of echo signal for target characterisation; Target signature; Target cross-section
A method for creating a secure channel between devices for secure communication therebetween. The method comprises transmitting a first nonce from an initiator device to a responder device; receiving, at the initiator device, a second nonce and an identity of the responder device; transmitting an identity of the initiator device and a first set of one or more encrypted data objects from the initiator device to the responder device; receiving, at the initiator device, a second set of one or more encrypted data objects from the responder device; and generating, at the initiator device, a session key for secure communication between the initiator and responder devices.
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 9/14 - Arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
A method for offline delegation of authorization to access a secure asset. The method comprises receiving an offline delegation request from a delegating device at a receiving device while the receiving device is not in communication with a server of an authorization management system, the offline delegation request indicating a delegation of authorization from the delegating device to the receiving device for access to a secure asset; after establishing communication with the server, transmitting the offline delegation request from the receiving device to the server; and receiving, at the receiving device, authorization data from the server in exchange for the offline delegation request, the authorization data permitting access to the secure asset by the receiving device; wherein the offline delegation request comprises an identity of the receiving device or user of the receiving device and is digitally signed by the delegating device.
G06F 21/35 - User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
31.
METHODS AND DEVICES FOR PHYSICAL ACCESS CONTROL SYSTEMS
An access control system includes a plurality of physical access control readers that form a reader network which utilizes a first communication protocol. The system includes a plurality of mobile communication devices each having a first communication interface and a second communication interface. The first communication interface enables the mobile communication devices to access a mobile communication network which utilizes a second communication protocol, and the second communication interlace enables the mobile communication devices to communicate with the access control readers. The plurality of physical access control readers exchange status information for the plurality of physical access control readers and for the plurality of mobile communication devices over the reader network.
An access control system includes a plurality of physical access control readers that form a reader network which utilizes a first communication protocol. The system includes a plurality of mobile communication devices each having a first communication interface and a second communication interface. The first communication interface enables the mobile communication devices to access a mobile communication network which utilizes a second communication protocol, and the second communication interlace enables the mobile communication devices to communicate with the access control readers. The plurality of physical access control readers exchange status information for the plurality of physical access control readers and for the plurality of mobile communication devices over the reader network.
The present disclosure relates to a method to check if a connector system with a Connector Position Assurance (“CPA”) member is in a closed position. The method includes providing an RFID-tag reader that is positioned at a distance D to the integrated circuit enabling far-field RFID communication and not permitting near-field RFID communication. Further, the method includes checking the readability of the integrated circuit with the RFID-tag reader and issuing an alert signal if the integrated circuit is not readable by the RFID-tag reader indicating that the CPA member is not in the closed position.
G06K 7/10 - Methods or arrangements for sensing record carriers by corpuscular radiation
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
An actuating device (12) comprising an actuating element (14); an electric generator (16); and an electromechanical coupling device (18) configured to adopt a decoupled state, for decoupling the actuating element (14) from a locking member (22), and a coupled state, for coupling the actuating element (14) to the locking member (22); wherein the coupling device (18) comprises a blocker (26), a holder (38) and a release mechanism (40); wherein the holder (38) is arranged to adopt a holding position, in which the holder (38) holds the blocker (26), when the coupling device (18) adopts the coupled state; wherein the holder (38) is arranged to adopt a released position, in which the holder (38) does not hold the blocker (26), when the coupling device (18) adopts the decoupled state; and wherein the release mechanism (40) is arranged to mechanically force the holder (38) from the holding position to the released position by manual rotation of the actuating element (14) about the actuating axis (20).
Release mechanism for an electronic locking system, wherein the release mechanism is configured such that an input member and an output member are locked against relative rotation and can rotate together within a locking ring opening when a locking member is located in an input member recess and in an output member recess, and such that the output member is released to rotate relative to the input member when the locking member is located in the output member recess and in a locking ring recess. A freewheel mechanism and assemblies for an electronic locking system are also provided.
It is provided a method for enabling access control for access to a physical space secured by a lock device. The method is performed in a security device and comprises the steps of: obtaining at least one image captured using a first camera of a portable key device, the at least one image being captured in a vicinity of the lock device; receiving a template decryption key from a lock device over a short-range communication link; obtaining a credential associated with the lock device; matching the at least one image with a plurality of templates, each template being associated with a lock device, which comprises obtaining the plurality of templates by decrypting encrypted templates using the template decryption key; and wherein a positive match is a necessary condition for opening the lock device.
Methods and systems are provided for performing operations comprising: receiving, by a credential gateway from a client device, a request to obtain a digital credential for accessing a secure resource, the credential gateway being configured to coordinate an exchange of digital credentials associated with different secure resource types with a plurality of client devices; communicating the request to a server associated with the secure resource; receiving, by the credential gateway from the server associated with the secure resource, a data object that includes the digital credential; selecting, by the credential gateway, based on the data object, a security protocol from a plurality of security protocols; and providing, by the credential gateway, the digital credential to the client device in accordance with the selected security protocol.
An RFID assembly that includes both a UHF patch antenna and an HF or LF loop antenna is provided. The patch antenna and the loop antenna are arranged inside a housing in such a manner that the loop antenna partially overlaps an end portion of the patch antenna, thereby forming an extension of the patch antenna. In this manner, a performance of the UHF patch antenna can be maintained despite decreasing the size of the same, while an interference between the patch antenna and the loop antenna can be suppressed, in particular, by providing a gap between the same.
It is provided a method for detecting people, the method being performed by a people detector provided by a doorway. The method comprises the steps of: receiving an open signal indicating that a door of the doorway is open; setting a people sensor of the people detector in an active mode based on receiving the open signal; detecting when a person passes through the doorway, using the people sensor; receiving a closed signal indicating that the door of the doorway is closed; transmitting a result of the step of detecting, wherein the step of transmitting is performed based on receiving the closed signal; and setting the people sensor in a power save mode based on receiving the closed signal.
Techniques for handling and reducing ink overspray of an ink jet printer are provided. In an example, an ink overspray collector for an ink jet printer can include a first opening defining a first print area of the ink jet printer, and a frame about the first opening. The frame is configured to receive overspray from operation of the ink jet printer and can be formed of a woven material. In some examples, a controller of the ink jet printer can reduce an amount of ink ejected near the edges of the print media to reduce overspray.
B41J 2/045 - Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
It is provided a method for configuring a target device. The method comprises the steps of: transmitting a configuration request message to the target device, the configuration request message comprising a configuration request and a request signature, wherein the request signature is based on the configuration request; receiving a configuration response message from the target device, the configuration response message comprising a configuration response and a response signature, wherein the response signature is based on the configuration response and the request signature; verifying the response signature to determine whether the configuration response message is valid, based on the configuration response, the request signature and a public key for the target device; and transmitting a configuration commit message to the target device only when the configuration response message is valid, the configuration commit message comprising a configuration commit indicator and a commit signature.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 67/133 - Protocols for remote procedure calls [RPC]
43.
METHODS & PROCESSES TO SECURELY UPDATE SECURE ELEMENTS
This disclosure describes techniques for updating firmware of a secure element. The techniques include operations comprising: receiving, by a gateway device, from a remote source, a firmware file; receiving, by a processing element implemented on the gateway device, ephemeral session specific key material for a first secure element implemented on the gateway device; dividing the firmware file into a plurality of data chunks; applying, by the processing element, the ephemeral session specific key material to a first data chunk of the plurality of data chunks to generate a first data packet; and sending, by the processing element, the first data packet to the first secure element.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
It is provided a method for controlling camera-based supervision of a physical space. The method is performed in a supervision controller and comprises the steps of: determining that a person enters the physical space; deactivating camera-based supervision of the physical space based on the person entering the physical space, by turning off a video feed of the camera-based supervision; determining that a person exits the physical space; and activating camera-based supervision of the physical space based on the person exiting the physical space.
G06V 20/52 - Surveillance or monitoring of activities, e.g. for recognising suspicious objects
G08B 13/196 - Actuation by interference with heat, light, or radiation of shorter wavelength; Actuation by intruding sources of heat, light, or radiation of shorter wavelength using passive radiation detection systems using image scanning and comparing systems using television cameras
G08B 21/04 - Alarms for ensuring the safety of persons responsive to non-activity, e.g. of elderly persons
45.
RELAY ATTACK DETECTION FOR INTERFACES USING COMMAND-RESPONSE PAIR
A reader device of an access control system comprises physical layer circuitry and processing circuitry. The processing circuitry is operatively coupled to the physical layer circuitry and is configured to initiate transmission of a command to a credential device; determine a time duration from sending the command to the credential device to receiving a response to the command from the credential device; and generate an indication when the time duration exceeds a relay attack detection threshold time duration.
A laser marking system comprises a laser energy source that generates a laser beam, a laser controller configured to focus the laser beam over a field of view greater than a size of laser-markable items, and a start-up target that includes laser-safe material and is located within the field of view. The laser controller is further configured to point the laser beam at the start-up target during a start-up phase of the laser energy source and focus the laser beam on one of the laser-markable items after the start-up phase.
The present disclosure relates to a reader, such as a reader for a physical access control system. The reader can include first and second antennas, each designed or configured for receiving ultra-wide band (UWB) signals. The reader can also include a mounting plane configured for mounting the reader to a surface. An axis aligning the first and second antennas can be arranged substantially perpendicular relative the mounting plane. A material can be provided between the first and second antennas The material can have a thickness that defines a distance between the first and second antennas of less than a half wavelength of the UWB signal through air (λA/2), the material configured to slow down electromagnetic waves passing therethrough such that the thickness of the material provides an effective separation distance of the first and second antennas of at least a half wavelength of the UWB signal through air (λA/2).
A storage device (10) for storing a key, the storage device (10) comprising a housing (12, 38); a blocking structure (40); a carrier (18) for carrying 76 a key, the carrier (18) being movable relative to the housing (12, 38) between a closed position (20), in which the carrier (18) is accommodated within the housing (12, 38), and an open position (26), in which the carrier (18) at least partly protrudes from the housing (12, 38) for retrieval of a key from the carrier (18), the carrier (18) comprising a blocking member (44) and a biasing device (42) arranged to bias the blocking member (44) into engagement with the blocking structure (40) in the closed position (20); and an actuator (52) comprising a locking structure (54), the actuator (52) being arranged to move the locking structure (54) between a 40 locking position (56) to lock the blocking member (44) when engaging the blocking structure (40), and an unlocking position (84) in which the blocking member (44) is not locked by the locking structure (54).
A method of operating a seamless physical access control system comprises transferring communication session information using an out-of-band (OOB) communication channel of a smart ultra-wide band (UWB) capable device; establishing a secure OOB communication channel between the smart UWB capable device and a reader device using the communication session information; determining that a UWB enabled application of the smart UWB capable device needs secure ranging; establishing a secure UWB communication channel between the smart UWB capable device and the reader device; and transferring ranging information from a secure component of the smart UWB capable device to the reader device via the secure UWB communication channel.
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to establish a first connection with a key-device. The access control system may be further adapted to receive a credential for a user over the first connection. The access control system may be further adapted to establish a second connection with the key-device. The access control system may be further adapted to determine an intent of the user to access the asset. The access control system may use location data derived from the second connection to determine the intent of the user. The access control system may be further adapted to provide the credential to an access controller, based on identifying an intent of the user to access the asset.
H04W 12/64 - Location-dependent; Proximity-dependent using geofenced areas
G07C 9/21 - Individual registration on entry or exit involving the use of a pass having a variable access code
G07C 9/25 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
G07C 9/10 - Movable barriers with registering means
G07C 9/00 - Individual registration on entry or exit
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
G07C 9/27 - Individual registration on entry or exit involving the use of a pass with central registration
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
G07C 9/28 - Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
A lock device (12) comprising a bolt (22) movable between a retracted position (24) and an extended position (90); a bolt force device (26) arranged to force the bolt (22) from the retracted position (24) towards the extended position (90); a blocking member (28) movable between a blocking position (32) and an unblocking position (96); a lock device magnet (46) movable between a passive position (48) and an active position (94) in response to a repulsive magnetic force acting on the lock device magnet (46); and a release transmission (52) arranged to mechanically transmit a movement of the lock device magnet (46) from the passive position (48) to the active position (94), to a movement of the blocking member (28) from the blocking position (32) to the unblocking position (96). A system (10) comprising a lock device (12) and a strike plate (14) is also provided.
E05B 47/00 - Operating or controlling locks or other fastening devices by electric or magnetic means
E05B 63/20 - Locks with special structural characteristics with arrangements independent of the locking mechanism for retaining the bolt in the retracted position released automatically when the wing is closed
It is provided a method for enabling remote unlock of a lock securing access to a physical space. The method is performed in a server and comprises the steps of: receiving, from a first mobile device, an access request to unlock a lock, wherein the request comprises an identifier of the lock and a user identifier associated with an access requester, being a user of the first mobile device; finding a remote credential device being associated with the lock; and transmitting an access request to the remote credential device, the access request comprising an identifier based on the user identifier.
Systems and techniques for improving ink jet ink durability and adhesion to a substrate. The techniques may include applying a varnish to the surface of the substrate, curing, in an initial curing step, the varnish with an ultraviolet (UV) lamp, and applying a pigmented ink to at least a portion of the substrate. The initial curing step may comprise pinning the varnish with the UV lamp in a low-power state. The techniques may additionally or alternatively include applying a layer of pigmented ink and varnish at substantially the same time, allowing the pigmented ink and varnish to at least partially mix, then pinning or curing the ink/varnish combination.
A method comprises transferring information that includes a response uniform resource locator (URL) between a primary device and a secondary device using a primary communication channel between the primary device and the secondary device; determining, using the secondary device, status of connectivity of a network separate from the primary communication channel; transmitting, by the secondary device, a response to a request from the primary device via the network using the response URL when the status indicates the network is available, and transmitting the response via the primary communication channel when the status indicates the network is unavailable.
Various systems and methods for securely sharing private information are described herein. A user device includes a memory device; and a processor subsystem, which when configured by instructions stored on the memory device, is operable to perform the operations comprising: receiving, at a verifier device, an indication of supported unclonable functions and a challenge value; identifying an unclonable function from the supported unclonable functions, to obtain a selected unclonable function; executing the selected unclonable function based on the challenge value, to obtain a result; and transmitting the indication of supported unclonable functions, the selected unclonable function, and the result to the verifier device to authenticate the user device.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
56.
Reader housing having a camera window and display screen
According to a first aspect, it is provided a method for providing access to a lock for provision of a service. The method comprises the steps of: receiving a request for access to the lock; sending a consumer request to a service consumer device, asking whether to grant access to the lock; receiving a positive consumer response from the service consumer device; determining validity time for a grant token; obtaining a grant token for the service provider, the grant token having the determined validity time; providing the grant token to the service provider; deleting the grant token in the access coordination server; receiving an agent request for access to the lock for a specific service provider agent device, the agent request comprising the grant token; obtaining a credential for the service provider agent device; and providing the credential to the service provider agent device.
G07C 9/00 - Individual registration on entry or exit
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
59.
ARRANGEMENT FOR ELECTRONIC LOCKING SYSTEM, AND ELECTRONIC LOCKING SYSTEM
An arrangement (10) for an electronic locking system (24), the arrangement (10) comprising an actuating element (12) arranged to perform an actuating procedure (18) by means of manual manipulation by a user; an electromagnetic generator (14) comprising a stator (20) and a rotor (22), the rotor (22) being arranged to be rotationally driven relative to the stator (20) at least temporarily during the actuating procedure (18) by movement of the actuating element (12) to thereby generate electric energy; and an electronic control system (16) arranged to be electrically powered by the generator (14); wherein the control system (16) is arranged to control a provision of feedback to the user; and wherein the feedback is a haptic feedback in the actuating element (12), a sound signal, a light signal, or combinations thereof. An electronic locking system (24) comprising the arrangement (10) is also provided.
Various systems and methods for providing discovering smart card slots in a device are described herein. A server device for discovering smart card slots in a client device may be implemented with a processor subsystem; and memory including instructions, which when executed by the processor subsystem, cause the processor subsystem to perform operations comprising: receiving, at the server device from the client device, over an established Bluetooth connection, smart card connector parameters, the client device having a plurality of smart card slots; iterating through the plurality of smart card slots; at each slot of the plurality of smart card slots, using a smart card protocol to attempt to access an application at each slot, the application pre-associated with the server device; and in response to identifying the application exists in a slot of the plurality of smart card slots, connecting with the application.
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
Various systems and methods for securely sharing private in formation are described herein. A mobile device comprises instruction to configured the mobile device to identify a verifier device having an available wireless connection, the wireless connection having a wireless connection strength; determine that a triggering event occurs, the triggering event based on the wireless connection strength; when the triggering event occurs: connect to the verifier device; transmit a digital credential to the verifier device, each of a plurality of data elements of the digital credential separately encrypted using distinct encryption keys; receive a request to access a requested data element of the digital credential; prompt a user of the mobile device for consent to share the requested data element; and transmit information to the verifier device when the user consents sharing the requested data element, the information used to decrypt only the requested data element.
It is provided a sensor device comprising: a vibration detector configured to be provided in contact with a windowpane of a window; a sensor controller; and a cable between the vibration detector and the sensor controller; wherein the vibration detector comprises a piezoelectric sensor that is configured to wake up the sensor controller when a vibration is detected by the piezoelectric sensor.
G08B 13/04 - Mechanical actuation by breaking of glass
G01H 11/08 - Measuring mechanical vibrations or ultrasonic, sonic or infrasonic waves by detecting changes in electric or magnetic properties by electric means using piezoelectric devices
G01V 11/00 - Prospecting or detecting by methods combining techniques covered by two or more of main groups
G08B 13/16 - Actuation by interference with mechanical vibrations in air or other fluid
it is provided a method for performing a cryptographic signing operation of a data item. The method is performed in a server and comprises the steps of: receiving, from a smartcard reader, a request for a data item to be collectively signed, the request comprising an indication of the data item and an identifier of a smartcard, wherein the collective signing requires the use of both a smartcard secret key and a server secret key for the collective signature to be valid; establishing a secure channel with the smartcard; collaborating with the smartcard over the secure channel to provide a collective signature of the data item, wherein the server bases the signature on the data item and a server secret key, wherein the server secret key is specifically associated with the smartcard secret key, resulting in a collective signature; and sending the collective signature to the smartcard reader.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A computing device implemented method of identity authentication comprises receiving a biometric token; performing a biometric capture of a user; converting the biometric capture into a biometric bitstream; recovering a predictable seed of data using the biometric bitstream and the biometric token; using the recovered predictable seed of data to produce challenge response data sent to a verifier device in response to a challenge message received from the verifier device; and verifying the challenge response data using identity data of the user.
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method, access control system, and readers for use in an access control system are described. One example of the disclosed method providers the ability to securely augment an existing physical access control system that relies on access control tokens (e.g., credentials) with a secure mobile-based solution allowing the secure local offline exchange of a new access control token for another that can be used with the existing installed access control system.
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
It is provided a lock assembly comprising: a striking plate assembly comprising an aperture and a magnetometer arranged in proximity of the aperture; a bolt being displaceable to enable movement through the aperture of the striking plate assembly, the bolt comprising a magnet; and a sensor device for detecting proximate presence of an object, wherein the sensor device is configured to power up the magnetometer when the sensor device detects proximate presence of an object; wherein the lock assembly is configured to detect, using the magnetometer and magnet when the bolt is in a protruded position through the aperture.
It is provided a lock assembly (1) comprising: a striking plate assembly (10) comprising an aperture (12a, 12b); a first communication module (20a); and a bolt (13,14) being displaceable to enable movement through the at least one aperture (12a, 12b) of the striking plate assembly (10), the bolt (13,14) comprising a second communication module (20b); wherein the first communication module (20a) is configured to receive an identity of the bolt (13, 14) by communicating with the second communication module (20b) and wherein wireless signals from one of the first and second communication modules (20a, 20b) powers the other.
An RFID device that can be connected to a piece of material, in particular, a piece of fabric (22), in an efficient manner and that is small and flexible is provided. A wire antenna (16) is coupled to an integrated circuit provided on a substrate (12) of the RFID device (10). The wire antenna (16) is attached to the substrate (12) by being laced with the substrate (12) via a pair of through holes. In this state, the wire antenna (16) is fixedly connected to the piece of material by heating a coating of the wire antenna (16), which coating includes a thermoset adhesive material. In this manner, the substrate (12) is connected to the piece of material via the wire antenna (16).
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
G06K 19/02 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the selection of materials, e.g. to avoid wear during transport through the machine
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
It is provided a method for enabling upgrading firmware of a target device. The method is performed in a portable updater and comprises the steps of: downloading a plurality of firmware sections from a server, the firmware sections collectively making up a complete firmware for deployment on the target device; determining that a connection with the target device is established over a short-range wireless link; determining a firmware section to transfer to the target device; and transferring the determined firmware section to the target device over the short-range wireless link. The steps of determining a firmware section and transferring are repeated until a predetermined number of firmware sections, being a strict subset of all firmware sections, have been transferred.
Methods and systems are provided for performing operations comprising: generating, on a publicly accessible server, a secure enclave, the secure enclave having isolated memory and processing resources of the server; installing, on the secure enclave, a virtual machine comprising a guest operating system of a first entity; installing, by the virtual machine, one or more cryptographic processes associated with the first entity; and encrypting and decrypting cryptographic keys associated with the first entity using the one or more cryptographic processes.
It is provided a method for controlling access to an access object. The method is performed in an electronic key device and comprises the steps of: communicating with an access control device to obtain an identity of the access control device; sending an access request to a server, the access request comprising an identity of the electronic key device and the identity of the access control device; receiving a response from the server, the response comprising a key delegation to the electronic key device; and sending a grant access request to the access control device, the grant access request comprising the key delegation, to allow the access control device to evaluate whether to grant access to the access object based on a plurality of delegations comprising a sequence of delegations.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04W 12/084 - Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
74.
SYSTEM AND METHOD FOR PROVIDING AGGREGATED CREDENTIALS WITH ASSURANCE LEVELS
Various systems and methods for using credentials are described herein. In an example, the system is configured to generate and issue electronic credentials that may include aggregate credentials from various issuers. In another example, a query statement is used to express relationships between credential data elements and obtain a subset of data corresponding to the query.
It is provided a method comprising the steps of: obtaining a first sample point and a second sample point; transforming the first sample point and the second sample point by setting the I value of a first transformed sample point to the Q value of the obtained first sample point, setting the Q value of the first transformed sample point to the inverse of the I value of the obtained first sample point, setting the I value of a second transformed sample point to the inverse of the Q value of the obtained second sample point, setting the Q value of the second transformed sample point to the I value of the obtained second sample point; determining the phase difference between the first sample point and the second sample point; and determining the position of the mobile key device based on the phase differences.
G01S 3/48 - Systems for determining direction or deviation from predetermined direction using antennas spaced apart and measuring phase or time difference between signals therefrom, i.e. path-difference systems the waves arriving at the antennas being continuous or intermittent and the phase difference of signals derived therefrom being measured
G01S 5/06 - Position of source determined by co-ordinating a plurality of position lines defined by path-difference measurements
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G06K 7/10 - Methods or arrangements for sensing record carriers by corpuscular radiation
76.
DETERMINING WHEN TO TRIGGER POSITIONING OF A PORTABLE KEY DEVICE
It is provided a method for determining when to trigger positioning of a portable key device used in access control for an electronic lock controlling access to a restricted physical space. The method is performed in a positioning determiner and comprises the steps of: obtaining movement data from a motion sensor of the portable key device, the movement data indicating movement of the portable key device; determining when the movement data indicates a stop in motion of the key device; and triggering positioning of the portable key device when a stop in motion of the key device has been determined.
A non-transitory computer readable medium comprising executable code that causes one or more processors to: receive, at a reader device from a credential device of a user, at least one of a first image of the user or a first representation of a face of the user; if a first image of the user was received, then generate, at the reader device, a generated representation of the face of the user using the first image; capture, at the reader device, a second image of the user and generate a second representation of the face of the user using the second image; determine a likelihood of a match between the second representation and at least one of the first representation and the generated representation; and permit access by the user to a secure asset in instances where the likelihood of a match meets a threshold.
G07C 9/25 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
G06V 40/16 - Human faces, e.g. facial parts, sketches or expressions
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
78.
STORING FACIAL RECOGNITION ELEMENTS AS LAYERS TO BLEND FACIAL CHANGES
A computer readable medium comprising code that causes one or more processors to: receive a first representation of a face generated from a first image of a user and receive a difference model, the difference model indicative of a difference between the first image and a second image of the user; capture a third image of the user and generate a second representation of the face of the user using the third image; determine a first likelihood of a match between the first and second representations and/or determine a second likelihood of a match between the second representation and a third representation, the third representation being a combination of the first representation and the difference model; and permit access by the user to a secure asset in instances where at least one of the first or second likelihoods of a match meets a threshold.
A computer readable medium having executable code that causes one or more processors to: receive at least one of a first image of the user or a first representation of a face of the user; if a first image of the user was received, then generate a generated representation of the face of the user using the first image; capture a second image of the user and generate a second representation of the face of the user using the second image; receive an authentication factor; determine validity of the authentication factor; reduce a confidence threshold based on the authentication factor; determine a likelihood of a match between the second representation and at least one of the first representation and the generated representation; and permit access by the user to a secure asset in instances where the likelihood of a match meets the confidence threshold.
A device for permitting access to a secure asset, the device including: at least one processor; and memory storing instructions to: receive a first image of a user from a credential device of the user, the first image being at least one of embedded with an encrypted key, encrypted, or comprising a watermark; at least one of verify the embedded encrypted key, decrypt the first image, or verify the watermark of the first image to obtain a verified image; generate a first representation of a face of the user using the verified image; capture a second image of the user and generate a second representation of the face of the user using the second image; determine a likelihood of a match between the first and second representations; and permit access by the user to the secure asset in instances where the likelihood of a match meets a threshold.
A computer readable medium having executable code to: receive at least one of a first image of the user or a first representation of a face of the user; if a first image of the user was received, then generate a generated representation of the face of the user using the first image; capture a second image of the user and generate a second representation of the face of the user using the second image; receiving an authentication factor; determine validity of the authentication factor; determine a confidence of a match between the second representation and at least one of the first representation and the generated representation; and if the confidence is below a threshold and the authentication factor is determined to be valid, at least one of supplement or replace at least one of the first image or first representation with the second image or second representation, respectively.
A method for enrolling users in an access control system, the method including sending a notification to a device of a user, instructing the user to capture an image with the device; generating a first representation of a face of the user using a first image of the user; generating a second representation of a face of the user using a second image of the user captured with the device; determining a likelihood of a match between the first and second representations; and if the likelihood of a match meets a threshold, using the second image as an enrollment photo for the access control system.
G07C 9/25 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
G06V 40/16 - Human faces, e.g. facial parts, sketches or expressions
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
83.
ACQUIRING A PLURALITY OF MOBILE CREDENTIALS IN A PLURALITY OF READERS
A computer readable medium having executable code that causes one or more processors to: obtain credential data from each of one or more credential devices within a communication range of a reader device; for each user corresponding to the credential data, identify a facial representation for the user; for each user, temporarily store the corresponding facial representation for that user along with the credential data corresponding to that user; capture an image of an access requester and generate a facial representation of the access requester using the image; compare the facial representation of the access requester with one or more of the temporarily stored facial representations; and permit access by the access requester to a secure asset in instances where the likelihood of a match between the facial representation of the access requester and any of the one or more temporarily stored facial representations meets a threshold.
G06V 40/16 - Human faces, e.g. facial parts, sketches or expressions
G07C 9/25 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
84.
USING FACIAL RECOGNITION SYSTEM TO ACTIVATE AN AUTOMATED VERIFICATION PROTOCOL
A computer readable medium having executable code that causes one or more processors to: receive at least one of a first image of a user or a first representation of a face of the user; if a first image of the user was received, then generate a generated representation of the face of the user using the first image; capture a second image of the user and generate a second representation of the face of the user using the second image; determine a likelihood of a match between the second representation and at least one of the first representation and the generated representation; and if the likelihood of a match does not meet a confidence threshold, receive an authentication factor, determine validity of the authentication factor, and permit access by the user to a secure asset in instances where the authentication factor is valid.
G07C 9/37 - Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition
85.
ULTRA-WIDE BAND DEVICE FOR ACCESS CONTROL READER SYSTEM
A device connectable to a reader of an access control system includes an antenna, an ultra-wide band (UWB) front end circuit, a controller, and a communication link. The (UWB) front end circuit is connected to the antenna to facilitate UWB communication with a credential device. The controller is connected to the UWB front end and configured to perform ranging for the credential device using the UWB communication. The communication link is configured to interface with the reader.
Systems and methods for access control systems includes first and second access facilities, and first and second readers. The first reader is configured to control access through the first access facility, receive a credential using a first communication protocol from a device that stores the credential, and establish a secret with the device using the credential. The second reader is configured to control access through the second access facility. The first reader is configured to provide the secret to the second reader, and the second device is further configured to perform ranging using the secret and a second communication protocol different than the first communication protocol to identify intent information. Access through one of the first facility or the second facility is coordinated using the intent information.
Techniques for operating a printer are provided. In an example, the printer can include a print head a cure light and a controller. The controller can be configured to move the print head relative to a print media to print a given image, to move the cure light relative to the print media at a cure speed in response to the cure light passing over a printed portion of the given image to cure the ink of the given image, and to move the cure light at an index speed in response to the cure light passing over a non-printed portion of the given image, wherein the index speed is greater than the cure speed.
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to receive a credential of a user from a key device associated with the user using a first wireless connection. The access control system may be further adapted to establish a second wireless connection with the key device. The access control system may be further adapted to determine the user intends to access the asset based on a data set generated derived from the second wireless connection. The access control system may be further adapted to use a trained machine learning model to determine the intent of the user to access the asset. The access control system may be further adapted to transmit a command to grant access to the asset.
H04W 12/64 - Location-dependent; Proximity-dependent using geofenced areas
G07C 9/21 - Individual registration on entry or exit involving the use of a pass having a variable access code
G07C 9/25 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
G07C 9/10 - Movable barriers with registering means
G07C 9/00 - Individual registration on entry or exit
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
G07C 9/27 - Individual registration on entry or exit involving the use of a pass with central registration
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
G07C 9/28 - Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to receive a credential for the asset from a key device associated with a user using a first wireless connection. The access control system may be further adapted to store the credential in a cache of memory. The access control system may be further adapted to establish a second wireless connection with the key device. The access control system may be further adapted to request a validation of the credential from an authorization service in response to establishing the second wireless connection with the key device. The access control system may receive a validation token from the authorization service. The access control system may be further adapted to store the validation token in the cache.
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to receive a credential from a key device associated with a user using a first wireless connection. The access control system may be further adapted to verify the credential with a preliminary authentication for the asset. The access control system may be further adapted to establish a second wireless connection with the key device in response to verifying the credential with the preliminary authentication. The access control system may be adapted to determine an intent of the user to access the asset. The access control system may identify the credential includes a pattern in the preliminary authentication. The access control system may be further adapted to provide a command to grant access to the asset.
H04W 12/64 - Location-dependent; Proximity-dependent using geofenced areas
G07C 9/21 - Individual registration on entry or exit involving the use of a pass having a variable access code
G07C 9/25 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
G07C 9/10 - Movable barriers with registering means
G07C 9/00 - Individual registration on entry or exit
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
G07C 9/27 - Individual registration on entry or exit involving the use of a pass with central registration
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
G07C 9/28 - Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
A secure multi-layered structure (14), for example, for a secure document, the secure multi-layered structure comprising a first layer (20) having a first aperture (25) opened in the first layer, a second layer (30) having a second aperture (35) opened in the second layer, and a third layer (40) having a third aperture (45) opened in the third layer, wherein each layer at least partially overlaps with the layer adjacent to it, at least a portion of the third layer being visible through the first aperture.
B32B 3/26 - Layered products essentially comprising a layer with external or internal discontinuities or unevennesses, or a layer of non-planar form; Layered products essentially having particular features of form characterised by a layer with cavities or internal voids
B32B 27/08 - Layered products essentially comprising synthetic resin as the main or only constituent of a layer next to another layer of a specific substance of synthetic resin of a different kind
92.
ULTRA-WIDE BAND DEVICE FOR ACCESS CONTROL READER SYSTEM
A reader system for an access control system includes first and second antennas and first and second controllers. The first controller is configured to communicate with a credential device using a first communication protocol via the first antenna to exchange a credential with the credential device. The second controller is configured to communicate with the credential device using a second communication protocol via the second antenna to perform ranging for the credential device and is configured to communicate with the first controller via a communication link.
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
G07C 9/00 - Individual registration on entry or exit
G06K 7/10 - Methods or arrangements for sensing record carriers by corpuscular radiation
H01Q 5/25 - Ultra-wideband [UWB] systems, e.g. multiple resonance systems; Pulse systems
A method of device authentication comprises receiving a password into an application of a user device; transmitting verification information of the password from the application to an authentication device; verifying, by the authentication device, validity of the password using the verification information; granting, by the authentication device, access by the user device to a secure resource when the password is valid; sending no indication of an invalid password to the user device when the authentication device determines the password is invalid; and blocking access of the user device to the secure resource when a predetermined number of passwords are determined to be invalid by the authentication device.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
It is provided a method for controlling access to a physical space using an emergency delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations wherein when two delegations are chained together, the delegatee of one delegation is the delegator of the next delegation; determining that a delegation in the chain of delegations is an emergency delegation, the emergency delegation indicating that access should only be granted when an emergency situation occurs; determining when an emergency situation occurs; and granting access to the physical space when the chain of delegations starts in the lock device and ends in the electronic key; and when the emergency situation occurs.
An actuating device (10) for actuating a lock device (12), the actuating device (10) comprising an actuating element (14) rotatably arrangeable with respect to a stationary structure (22) for rotation about an actuation axis (28); an electric generator (16) In fixed with respect to the actuating element (14) for common rotation with the actuating element (14); a drive member (18) connected to the actuating element (14) and arranged to drive the electric generator (16), the drive member (18) being arrangeable to be driven by engaging the stationary structure (22) and by manually rotating the actuating element (14); and an electromechanical coupling device (20) fixed with respect to the actuating element (14) for common rotation with the actuating element (14), and arranged to be electrically powered by the electric generator (16), the coupling device (20) being configured to adopt a decoupling state and a coupling state. A lock device (12) is also provided.
A method for identity verification. The method may include receiving an image of an identification document at an electronic device and identifying a first facial image therein. The first facial image may be an image resulting from a pattern of perforations formed in a substrate of the identification document. The method may further include receiving a presentation of a second image at the electronic device and identifying a second facial image therein. The first facial image and the second facial image may be compared by the electronic device, and an indicator of the confidence level that the first facial image and second facial image are of a same face may be provided.
G06V 40/16 - Human faces, e.g. facial parts, sketches or expressions
G06K 7/14 - Methods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
G06V 30/413 - Classification of content, e.g. text, photographs or tables
A verifier device of an authentication system comprises physical layer circuitry and processing circuitry coupled to the physical layer circuitry. The processing circuitry is configured to encode an authentication command for sending to a credential device; decode a response communication received from the credential device, wherein the response communication includes a first random number; encrypt the first random number, a second random number, and verifier keying material for sending to the credential device; decrypt encrypted information received from the credential device, wherein the encrypted information includes the first random number, the second random number, and receiver keying material; and calculate a session encryption key using the verifier keying material and the receiver keying material.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
It is provided a beacon circuit for use with electronic locks. The beacon circuit comprises a transmitter. The beacon device is configured to repetitively transmit a beacon signal to initiate subsequent communication with a receiver. The energy use for the beacon signal employs a communication channel which consumes less power than a communication channel for the subsequent communication. The beacon signal comprises an indication of time of the subsequent communication.
G07C 9/00 - Individual registration on entry or exit
G01S 5/02 - Position-fixing by co-ordinating two or more direction or position-line determinations; Position-fixing by co-ordinating two or more distance determinations using radio waves
G01S 1/02 - Beacons or beacon systems transmitting signals having a characteristic or characteristics capable of being detected by non-directional receivers and defining directions, positions, or position lines fixed relatively to the beacon transmitters; Receivers co-operating therewith using radio waves
Techniques for handling and reducing ink overspray of an ink jet printer are provided. In an example, an ink overspray collector for an ink jet printer can include a first opening defining a first print area of the ink jet printer, and a frame about the first opening. The frame is configured to receive overspray from operation of the ink jet printer and can be formed of a woven material. In some examples, a controller of the ink jet printer can reduce an amount of ink ejected near the edges of the print media to reduce overspray.
B41J 2/045 - Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
patents
