Real words or buzzwords?: Interoperability – Part 3

June 6, 2023
There are two types of security system interoperability – both of which are important considerations in the design of security systems and the selection of security system products.

Editor’s note: This is the 69th article in the “Real Words or Buzzwords?” series about how real words become empty words and stifle technology progress.

Welcome to the third installment of our multi-part series on interoperability in commercial and industrial electronic physical security systems.

The previous two articles covered some important security industry standards. However, one stumbling block with traditional standard-setting processes is their extensive duration, often spanning decades. By the time these standards are ratified, technological advancements often have already surpassed the capabilities addressed by the standards.

Given technology’s relentless acceleration and the advent of new technologies, waiting for decades, or even just one, is simply unfeasible, especially in the face of rapidly evolving technology.

Interoperability Platforms: A Flexible Approach

Interoperability platforms offer a key advantage; they’re not confined to implementing only standards-based functionality. They can support any manufacturer’s products that merit it, via the manufacturer’s Software Development Kits (SDKs) and Application Programming Interfaces (APIs).

In an era where technology never stands still, modern interoperability platforms become increasingly important due to their ability to adapt and evolve, reducing the disruptive impacts of technology change across the industry.

Modern Access Credentials: A New Era of Identity Verification

With the Internet’s explosion, the pervasive consumerization of IT, and the widespread adoption of personal computing devices like smartphones and tablets, the need for personal identity verification has become a universal requirement.

The physical security industry needs to move away from its long-standing preference for proprietary credential technologies and embrace the personal credential independence desired and expected by employees, contractors, partners and visitors.

The LEAF Consortium: Pioneering Interoperability in Access Credentials

The LEAF Consortium, a group of partnering entities, aims to revolutionize interoperability in access control and identity credentials. (LEAF is not an acronym, but a brand name chosen by the LEAF Consortium.)

The LEAF Standards provide specifications and reference designs for various components like readers, smart cards and mobile device-based credentials, leading the way to interoperable and secure credential solutions.

The consortium, formed by industry veterans with substantial experience in secure credentials and multiple reader technology capabilities, seeks to streamline the integration of past, present, and future technologies.

Several access control product manufacturers, including Allegion, Brivo, E-LINE, EyeLock, IDEMIA, Iris ID, Linxens, RF IDeas, Universal Smart Cards, and WaveLynx, now offer LEAF-enabled card and biometric readers and card credentials.

WaveLynx Technologies: Facilitating Open and Secure Access

WaveLynx Technologies, established in 2013 and a prominent member of the LEAF Consortium, is known for its open and secure access control solutions.

These solutions are designed to empower businesses to modernize their authentication technology at a pace and trajectory that best suits their operational needs.

Setting WaveLynx apart from other manufacturers is their unique business model. Rather than selling readers and credentials — whether physical credentials or mobile and wallet options — directly to distribution channels or end users, they provide their technologies to other industry manufacturers.

These manufacturers then incorporate WaveLynx’s technologies into their own product lines. This includes companies such as Brivo, among others.

This approach fosters cross-brand access control credential interoperability, presenting a number of practical benefits. For instance, it allows a visitor’s personal mobile credential, including those stored on an iPhone or Apple Watch Wallet, to be enrolled in a facility’s access control system. This eliminates the need to issue a temporary credential for the duration of the visit. Moreover, it facilitates remote registration, reducing the visitor registration burden on on-site staff and allowing visitors to arrive on site and get straight to business.

WaveLynx’s technologies form an interoperability platform that comprises reader and credential technologies (devices, software and firmware) that are easy for access control manufacturers to customize. They allow existing security system deployments to be upgraded according to their own timelines.

Their multi-technology readers support various credential types, including Proximity (125 kHz), Smart (13.56 MHz), NFC, and Bluetooth, thereby ensuring a seamless and secure transition to each credential type.

WaveLynx’s solutions aim to liberate businesses from the restrictions of proprietary access control systems, offering them flexibility, choice, and control. This marks a significant shift towards a more customer-centric experience in the realm of access control credentials.

Access Control System Hardware
Interoperability: A Shift in the Security Industry

In 1992, Mercury Security emerged as a reliable source of card readers, reader controllers and access control panels. Their top-notch products led many companies to abandon their own proprietary access control hardware and resell Mercury's instead.

However, a widespread dependency on a single manufacturer’s product creates potential risks, including situations of supply chain disruptions, such as occurred during the COVID pandemic.

Standards initiatives can’t really address such challenges, given the lack of industry support for standards and the tendency of industry incumbents to favor proprietary customer lock-in. However, an interoperability platform could.

Z9 Security: The First True Interoperability Platform

One industry concern about standards is the risk of commodification of field devices, which could lead to an apparent interchangeability of high and low-quality devices, blurring the distinctions between them.

Additionally, low-quality devices could negatively impact aspects of a security system’s performance, increase support costs, and damage the brand reputation of the overarching system application.

Z9 Security, founded to address such issues, says that it offers the security industry’s first true hardware and software interoperability platform – one built on a flexible, open architecture that covers cloud services, mobile and web applications, embedded software, and server software for access control, video surveillance, intrusion detection and logical access and identity management.

The Z9 interoperability platform facilitates controlled integration, not universal interchangeability.

The basis of the Z9 platform is called “z9/op=n” (pronounced Z9 Open), which includes elements for both software and hardware providers. All Z9-enabled hardware is accessed using the same Z9 SDK and conceptual model, with variations for physical hardware configuration and feature set.

Thus, for software providers, the single Z9 SDK provides simplified integration capability with all Z9-enabled hardware.

However, the specific choices of which Z9-enabled hardware to support is still up to the software provider, who can limit them to partner companies whose hardware meets the performance requirements of the market the software provider is serving.

Similarly, simplified integration to a hardware provider’s Z9-enabled products is available to any software partner that the hardware provider chooses to work with. That choice is still up to the hardware provider.

Additionally, Z9 provides penetration-tested support for cloud-connected hardware, in “Z9/FL=X” (pronounced Z9 Flex), which includes support for all the hardware in the “z9/op=n” ecosystem, plus additional hardware including offline locks. Z9/FL=X can be deployed in any container-based cloud infrastructure, such as AWS ECS, Azure, or Google Cloud, and can be scaled as needed for systems of any size.

It integrates with new or existing cloud applications via a single, robust, cloud-to-cloud JSON/REST API.

The Takeaway: Interoperability
Platforms Can Increase Innovation

In conclusion, interoperability platforms lighten the integration burden for both software and hardware vendors. This allows software and hardware product development teams to focus more on feature innovation, including the incorporation of AI-enabled capabilities into security systems.

Special Note: Security practitioners with large-scale physical security system responsibilities should consider attending the Global Security Operations summit being held at LinkedIn Global Headquarters this August in Sunnyvale, California. You’ll be able to see and talk to the companies leading the interoperability charge, including those named above. You’ll also get actionable insights from among the 50 security colleagues in attendance as well as from sponsoring manufacturers.

Interoperability is just one of the important factors discussed as the event examines what is involved in developing a sound strategy for improving security operations capabilities and security risk mitigation by the smart use of emerging technologies.

Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities (www.go-rbcs.com). In 2018 IFSEC Global listed Ray as #12 in the world’s Top 30 Security Thought Leaders. He is the author of the Elsevier book Security Technology Convergence Insights available on Amazon. Follow Ray on Twitter: @RayBernardRBCS.

About the Author

Ray Bernard, PSP, CHS-III

Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (www.go-rbcs.com), a firm that provides security consulting services for public and private facilities. He has been a frequent contributor to Security Business, SecurityInfoWatch and STE magazine for decades. He is the author of the Elsevier book Security Technology Convergence Insights, available on Amazon. Mr. Bernard is an active member of the ASIS member councils for Physical Security and IT Security, and is a member of the Subject Matter Expert Faculty of the Security Executive Council (www.SecurityExecutiveCouncil.com).

Follow him on LinkedIn: www.linkedin.com/in/raybernard

Follow him on Twitter: @RayBernardRBCS.