Deep Dive into Luckey’s Standard and Enterprise Access Control Systems: Ensuring Top-notch Security
In our ongoing efforts to provide transparent insights into our platform’s features and security, we’re spotlighting the intricacies of our Standard System and Enterprise System. These systems are a testament to our commitment to upholding the highest industry standards concerning security and access control.
Encryption Process Unveiled
Badge File System: At the heart of our access control, data are stored securely within files in the badge system.
Personal Key – Customized Security: Every customer system can define an access key, or Personal Key, allowing customers to encrypt the stored file.
AES Standard Algorithm: Access to these files is fortified with authentication using the AES standard algorithm, available on MIFARE® DESFire.
Post-Validation Security Layer: Following the badge’s initial validation, our system goes beyond the public ID. It decrypts the encrypted payload on the badge to ensure access.
Badge Enrollment: Methods & Security Protocols
Enrollment Process: The encrypted payload is inscribed onto the badge during the first validation. The enrollment can be realized in two ways:
- Through the wall-mounted Stylos device.
- Utilizing the Stylos reader at reception.
Wall-mounted Stylos – A Flexible Approach: We’ve discerned that the wall-mounted Stylos method offers unparalleled flexibility. This method is beneficial as:
- It omits the need to visit the reception for badge validation.
- It reduces infrastructure at the reception, translating to cost efficiency.
However, there’s a facet to consider: Badge holders might potentially share or duplicate their credentials prior to their initial badge validation. This scenario mirrors the duplication of a physical key. For clarity, consider this:
- A badge with a specific public UID is issued via the Luckey platform.
- Instead of immediate validation, the badge holder shares it with a third party.
- This third party reads the UID, replicates it onto their badge, and validates it before the original holder, essentially misappropriating the credentials.
While this method finds favor among our flexible and shared workspace clientele, those wishing to sidestep the scenario described can opt for an upgrade.
Enhanced Security with Reception-based Stylos Reader: Upgrading the system to include the Stylos reader at the reception ensures badge data encryption at the very issuance moment, mitigating risks.
Security Across Access Points
While our security features shine at perimeter access points, the behavior variance at internal access points, such as offices and meeting rooms, is worth noting. These primarily operate based on a whitelist reading the public badge UID. Yet, for heightened security, software upgrades can be initiated to introduce badge encryption, eschewing reliance on whitelists.
We hope this elucidation provides clarity on the robustness of our Standard and Enterprise Systems. We’re here to field any queries or concerns you might have, ensuring a seamless and secure experience on the Luckey platform.