Schlage Unlocks End-User Experience with Interoperable Access Control Solutions

June 20, 2023
Custom encryption keys and credential technology play a key role in empowering end users

Interoperability and non-proprietary encryption keys are two strategic considerations in evaluating the right credential, card reader, intelligent lock and third-party hardware as part of your access control investment—but can be easy to overlook until it’s too late. Without the flexibility granted by these two vital features in access control solutions and credentials, end users may find themselves locked into contracts that can be difficult and costly to break away from. They may also be stuck with only one brand or type of product that is unable to be used with diverse technology and hardware environments. Proprietary encryption keys limit interoperability and confine users to the manufacturer’s hardware or ecosystem.

If the business or technology no longer serves the need of the end user, they may be left without access to encryption keys or the ability to upgrade. With the increase in manufacturers and ever-evolving technology, these considerations can help futureproof your access control investment.  

Security Technology Executive (STE) magazine had Hope Gilson and Paul Iverson of Allegion share their experience and insights on the importance of choosing between proprietary and non-proprietary encryption keys and enabling interoperability to provide freedom and flexibility to end users to meet their specific needs as technology and the industry change.  

STE: When weighing manufacturer choices for credentials and readers during the deployment of an access control solution, what feature sets should end users consider? 

Gilson: We encourage the first feature set to consider when deploying a credential technology to ensure, as referred to in our industry, it is a smart or high-frequency credential. These credentials are offered by several manufacturers under various product brands and utilize “authentication and encryption,” creating more secure transactions between the credential and the card reader or lock to mitigate the cloning risk associated with older card technology like magstripe, proximity and early-generation MIFARE®. If an end-user has other use cases beyond the door opening, including point of sale, secure print and strong authentication, an assessment with the facility security team should be completed to help ensure the manufacturer enables this utility. Additionally, if mobile access is in the end user roadmap, confirm the manufacturer is invested in Bluetooth® Low Energy, NFC and other emerging credential technologies and partnerships.

STE: When deploying high-frequency or smart card credentials, what is the difference between proprietary and non-proprietary encryption keys and why should this be considered? 

Iverson: The utilization of smart cards has incrementally scaled over the last 20+ years with the end user and channel focus directed to mitigating legacy credential risk along with extending credential utility beyond the door. What has not been paid keen attention to is the underlying technology embedded within the credential chip—the encryption key—the algorithm creating the secure transaction between the credential and card reader. Proprietary encryption keys are owned by the manufacturer and will not be shared with the end user; non-proprietary encryption keys are owned by the end user and possession of the key can be requested at any time. Contrasting the two—where proprietary keys are limiting, non-proprietary keys are not and create end-user control and flexibility in their relationship with a manufacturer.

STE: Why should custom encryption keys be considered by end users in the market today? 

Gilson: Custom encryption keys are non-proprietary and owned by the end user. The end user determines encryption key possession rights and key sharing—not the manufacturer. Proprietary business and technology relationships typically limit end-user options in terms of what card reader, lock and other hardware a credential will work with. When the business or technology relationship no longer serves the end user’s needs, requesting and gaining access to the key will often be denied. When the investment and scale are sizable for the organization, disengaging from a proprietary relationship can be disruptive and expensive. Custom keys alleviate this challenge by assigning key ownership where it belongs: with the end user. This enables end users to evaluate, align with other manufacturers, share their keys and enable configuration to alternative credentials and hardware. 

STE: What is meant by the concept of access control credentials and hardware interoperability? 

Iverson: In earlier years, some manufacturers preferred and adopted proprietary business and technology models, which ultimately ensured end users’ reliance after having made an investment in their proprietary technology. The credentials sold by a manufacturer were only interoperable with the hardware that was sold by the same manufacturer or within the proprietary ecosystem they developed, limiting end-user hardware options. As new card readers and lock hardware manufacturers emerged, end users demanded greater flexibility, driving cooperation among competitive manufacturers and creating incremental competitive credential and hardware interoperability options. The industry is improving; however, it still has ground to conquer to achieve a higher standard of flexibility to meet end users’ needs, including more credential and hardware interoperability. 

STE: As an industry credential and hardware leader, how does Schlage drive interoperability among competitive manufacturers? 

Gilson: Schlage’s interoperability advocacy predates our evolution as an electronics and technology company and can be traced back to the support of competitive mechanical key systems in Schlage mechanical lock hardware. An electronic portfolio is a natural extension of Schlage’s ongoing innovation. Schlage’s credential portfolio is anchored by our NXP partnership and MIFARE® DESFire® EV Series credentials.

As the industry continues to evolve, it’s more important than ever for end users to weigh each consideration when selecting access control solutions. Interoperability and proprietary credentials are two major factors when it comes to selecting access control solutions and may limit future choices. Whether leveraging existing credential hardware or investing in all-new solutions, Schlage continues to embrace freedom and flexibility for end users by providing multiple options to best fit their needs as the technology and the industry change. 

 

Learn how you can make your building smart and your future smarter with freedom, financial control and forward-thinking solutions from Schlage. 

Our Influencers:  Hope Gilson is the Business Development Manager-National System Integrators & Credential Wholesalers. Hope lives in the Houston area and joined Allegion in October 2022 as a Business Development Manager for National Integrators. She spent one year at Smarter Security, supporting the Southcentral region, and before that, 15 years as a Regional Sales Manager for HID, managing sales in New York, New Jersey, and Pennsylvania. She has also sold Software House and Identiv in previous years. As a result of her customer service reputation and passion, she is exceptionally well-connected nationally with consultants, integrators, and end users. 

 Paul Iverson is a Business Leader and Electronics Channel Partner. Paul is a 25-year industry veteran having worked as an integrator as well as with hardware manufacturers and access control OEMs. Paul has been with Allegion for almost 7 years and has served in multiple sales management roles.

 

Sponsored Recommendations

Appdome releases new defenses to combat accessibility malware

Two of the most advanced variants focus on Android banking apps - BrasDex in Latin America and Xenomorph in the U.S. and Europe use Automated Transfer Systems (ATS) malware.

DigiFlight, Inc. welcomes Michael Perrin as Senior Vice President, National Intelligence

With a career spanning 27 years in the U.S. Department of Defense (DoD) and 20 years in the intelligence community, Perrin will serve as DFI's primary point of contact for all...

Sternum shines with UL Solutions’ Diamond Level Qualification for IoT defense

With this UL qualification, Sternum’s Embedded Security and IoT Observability platform is a leading full stack solution that delivers unparalleled runtime protection and continuous...

GSX highlights PKOC demonstration

With PKOC, interoperability is simple, the credential is secure with PKI level authentication and there is no cost for a PKOC compatible credential.