NFC vs RFID vs BLE: In Terms of Physical Security

BLE_vs_ALL.png

Since the development of new communication standards like Bluetooth Low Energy (BLE) and Near Field Communication (NFC), there’s been a lot of debate throughout the physical access control space on which one delivers the most bang for your buck. Additionally, with long-standing protocols like Radio Frequency Identification (RFID), the discussion then leads into a “if it’s not broken, why fix it?” kind of dialogue. While RFID has great use cases for applications such as inventory management and theft prevention, the 70 year old technology is becoming a limited communication protocol for the physical security space. Below we dive into the key differences between BLE, NFC, and RFID communication protocols and how they impact the overall security of physical access control technology.

First off, due to the industry’s long standing use of RFID, hackers and other bad actors have had plenty of time to identify the holes in the system. Moreover, several devices have been produced since RFID entered the physical access control space that make it simple for hackers to breach a system in as little as 30 seconds. These systems are being sold on sites like eBay at a low-cost; making it easy for anyone to intercept the data being communicated between key cards and your average 125KHz RFID powered system. Since awareness of RFID system vulnerabilities were brought to the security industry’s attention, efforts have been made to ameliorate the issues. However, according to Francis Brown, managing partner at security firm Bishop Fox, “despite increased efforts and progress made by some companies in recent years to upgrade to more secure contactless card systems, the large majority of physical access control systems out there are still legacy 125KHz proximity card deployments”.

Additionally, the credentials that are powered by RFID are (more often than not) hard credentials, making them easier to lose, steal, or copy. This is where using RFID’s successor, NFC, can improve on a system’s security, since it utilizes soft credentials like digital keys to distribute access. The caveat with NFC is that although these system’s soft credentials make it more secure, the communication protocol is still derived from RFID. As such, NFC communicates in a similar fashion to its predecessor; offering two-way communication between NFC enabled devices and their corresponding devices through HF (High Frequency) RFID. Ultimately, the communication protocol still holds the same kind of risks, unless companies utilize secure NFC channels with rich encryption to ensure that data is transmitted with full integrity.

BLE based systems also have the advantage of utilizing soft credentials like digital keys to facilitate tighter security. However, the key difference between both RFID and NFC with BLE is the communication process. Where RFID and NFC uses radio frequency to communicate, BLE utilizes outbound signals to find and communicate with other Bluetooth enabled devices. While the utilization of signals may sound like it could open BLE communication up to the same vulnerabilities found in RFID and NFC, the key difference lies within a systems approach to securing the transmission of the data.

For example, UniKey’s platform uses a heavily encrypted mobile application to communicate with an equally encrypted, BLE enabled, smart reader. While the mobile application is always broadcasting a signal, the reader remains idle; waiting for a user to touch it and trigger its search for a compatible, BLE enabled device such as the smartphone and its mobile application. The reader then 1) scans to see if the compatible device is within range of it and 2) holds proper credentials. All data that is passed from the phone to the reader is heavily encrypted, allowing for secure transmission and smarter access. Moreover, since native BLE security harbors several possible weaknesses and exploits, UniKey’s platform does not rely on it to hold down the fort. Instead, BLE is solely used as a point to point communication channel, and is undergirded by UniKey’s own crypto protocol. It also gives platform customers the ability to share keys among system users without requiring device pairing for every user. Notably, this is something native BLE security would require.

Overall, no matter the communication standard a security system uses, the level of security it can provide consumers is in the hands of the company that produced it. At UniKey, our mission is to provide our partners and the world with the most secure mobile access control solutions technology can offer. To learn more about how UniKey uses BLE to empower our solutions and partners, visit www.unikey.com.



 

How it's Made: Smart Cabinetry Pt 3

642147244

In our last blog post we took an in-depth look at the hardware and embedded processes behind Mohammad’s SmartCabinet. “When I started the project, my deadline was the senior design fair, roughly 5 months out. Looking at the scope of work and time it would take to put it all together, I thought the project was going to be impossible, at least in that small frame of time. UniKey’s platform expedited the process though, making it possible for me to meet that deadline.”

When we sat down with Mohammad one of the first questions we asked him was: What did you feel was the biggest pain point throughout the entire project? Naturally, “bringing the cabinet online” was his response. This problem, which was nearly identical to what UniKey had to overcome with the deadbolt, was a perfect match for the company’s mobile key platform. The hardware, as we alluded to in the previous How it’s Made post, was just half of what Hammad had to tackle on the road to bringing his product online. As with any connected device, functionality and user experience is also wildly contingent on the product’s firmware, software, and mobile applications.

The Software & Mobile Applications

In order to bring his SmartCabinet online, Hammad first had to build his mobile app. Utilizing UniKey’s mobile SDK and support, Hammad fashioned a custom Android app, powered by UniKey for all BLE communication and security protocols. To enable mobile access control, Hammad had to connect his mobile application with the hardware we mentioned in the previous post. “The entire security protocol and BLE processes are supported by UniKey’s platform and SDK, ensuring we’d feature a robust and trusted security architecture. This allowed me to have an accredited security protocol and the ability to focus on the features that are unique to my product”, Hammad adds.

Moreover, Hammad explained that UniKey’s app interfaced perfectly with all of the functions he wanted to feature on the SmartCabinet, including Touch-to-Open® and Inside/Outside Intelligence®. The software and mobile apps created through UniKey’s SDKs were also flexible enough to include a log of the cabinet’s weight-sensor, along with other unique functions. This was an added touch Hammad wanted in his product in order to allow users to see a real-time log of their belongings which are being tracked in the cabinet; granting them a stronger peace of mind in seeing the contents untouched. Additionally, similar to UniKey’s smart locks, users of the SmartCabinet are able to send eKeys from its mobile app. It also offers them the same level of control over the device as the app displays the cabinet’s lock status. Together, with Hammad’s vision, hard work, and some help from UniKey’s components, users are given a sophisticated, connected experience.

Putting the Pieces Together

“Producing the SmartCabinet took me several weeks of dedicated time and labor, but I’m incredibly happy with the results”, states Hammad. Having seen and even tried out this mobile key enabled SmartCabinet, we can add that the product is anything but a commonday piece of storage. It’s also a direct example of what anyone can do with UniKey’s mobile key platform. Roughly five months ago, Hammad’s cabinet was just a dormant piece of storage. Today it’s an automated, intelligent safe that can be observed in real-time and enable the same smart, passive features UniKey enabled locks and readers are known for. To read the last two posts on Hammad’s SmartCabinet, or to learn more about UniKey’s platform visit www.unikey.com

How it's Made: Smart Cabinetry- Powered by UniKey Pt 2

Screen Shot 2018-05-15 at 10.27.54 AM.png

A few weeks ago we sat down with Mohammad Hammad, our test engineering intern turned full-time engineer at UniKey Technologies. Mohammad filled us in on all the aspects of how rigorous and time consuming a senior design project for UCF’s College of Engineering and Computer Science can be. The weeks leading up to the final Smart Cabinetry project, Mohammad worked relentlessly, spending many late nights in UniKey’s hardware lab to put the final pieces of his project together. However, “UniKey’s mobile access control platform made it much easier to implement the BLE communication/authentication and gave me the ability to focus more on the overall functionality of the product,” he stated. Designed to be a simple and straightforward process through the utilization of sophisticated SDKs and hardware reference designs, Hammad was able to bring his smart cabinet to life within 5 months time. Below we break down the pieces of UniKey’s platform that helped him make it happen.

The Hardware

When you think of a cabinet, generally the first image that pops into your head is a kitchen cabinet. Naturally, “it was the most common design for cabinetry and we wanted our product to be designed for common use. We pictured it being used for medicine cabinets, pantries, liquor cabinets, and home office setups.” Whether it would be used to keep hazardous products away from children or to simply protect confidential documents, certificates, or records, Hammad wanted a design that could be suitable for multiple purposes. Diving more into the nitty gritty parts of the hardware, in order to create a mobile access control cabinet with an automated opening/closing feature, Hammad built his own locking mechanism. The lock is powered by a M995 servo to give it the kind of torque needed to open the cabinet door.

As the project was sponsored by UniKey, Hammad inherently wanted to utilize one of the company’s greatest assets: Touch-to-Open® Technology. TTO packs a powerful user experience as it not only supplies the convenient touch to unlock feature, but it is also fortified by Inside/Outside Intelligence® that authenticates the location of a user’s location upon their interaction with the lock. TTO, however, proved to be a challenge for this project as it’s something that had only been rendered on smart locks and readers. To supply the cabinet with this level of functionality, Hammad built a touch-pad sensor and housed it within the cabinet to maintain its outer aesthetic. The sensor uses a cap touch circuit that’s triggered by a user’s touch, initiating Touch-to-Open® and a frictionless experience for cabinetry.

For the embedded portion of the project, Hammad used a Printed Circuit Board (PCB) to serve as the hub for  microcontrollers which run the system, the coprocessor and host. The coprocessor was modeled after UniKey’s PBU (Powered by UniKey Module) reference design and handled the BLE communication for the PCB. The host simply needed to communicate with the coprocessor and control the hardware peripherals. To enable the mobile applications for the smart cabinetry, Hammad leveraged UniKey’s coprocessor firmware that handled the security processes and BLE communication between the phone and cabinet. Due to the design of the cabinet, an external BLE antenna was required. With guidance from some of UniKey’s expert team members and reference design, an antenna was built that could handle the communication protocol. This was done by using a copper plate and wire to create a “patch antenna”, which was then plugged  into the PCB, and routed to the coprocessor to amplify the BLE signal.

Just the Half of It

In this post we focused on half of the components and thought processes that went into the cabinet’s hardware and its corresponding embedded technology. “When I first came up with the idea to make a smart lock-enabled cabinet, I was inspired by all the technology I got to work with at UniKey on a day to day basis. The project was definitely a challenge but it was made feasible by UniKey’s platform and its straightforward APIs, SDKs, and hardware reference designs”. In the upcoming weeks we’ll sit down with Mohammad once more to hear about the the software and mobile applications that were used to power the SmartCabinet’s user experience. Until then, you can learn more about the SmartCabinet and UniKey’s platform by visiting www.unikey.com.





 

The UniKey Platform

Imagine a world where you don't have to do the typical "phone, keys, wallet" check every time you walk out the door. A world where access to your home, car, and office is all simplified. Your phone is now your key.  With UniKey's one-of-a-kind mobile key platform, access control is taking on a new appearance, where security and convenience are no longer mutually exclusive. 

UniKey: A Year in Review

UniKey: A Year in Review

For UniKey Technologies, 2017 has been a momentous year full of expansion and collaboration. With several products coming to life this year and nearly a dozen scheduled to launch in 2018, the company is rapidly delivering secure mobile access control solutions all over the world. To expand on UniKey’s 2017 goals and successes and gather more insight into future endeavors, we sat down with Phil Dumas, Founder and CEO, and Lee Odess, COO.

What is UniKey all About?

What is UniKey all About?

Since the beginning, UniKey has been redefining the way the world accesses everything. What started out as a small team working tirelessly to deliver the world's first residential smart lock has now grown into an organization of over 50 individuals dedicated to bringing all locks online.