printer friendly version

Integration crucial for manufacturers

With a view on how important integration is to the system integrator community (as printed in the previous article, it would only be fair to ask the manufacturers for their take on the value of integration. In the past, integration was more of a grudge for manufacturers who were able to supply full solutions as they naturally wanted to ‘own’ the whole project and thereby own the customer.

Nicolas Garcia.

Smaller manufacturers might have had different ideas as they could not supply a full solution, but only a few years ago, integration was still a thorny issue with most customers and SIs having to rely on management platforms to make all the components of a project play nicely together. Today things are different as most manufacturers realise they must ensure their systems can work in a diverse environment and communicate seamlessly with other products, both in the security field and externally.

Hi-Tech Security Solutions spoke to two of the leading biometrics manufacturers to get their take on integration and more in the Covid and post-Covid world. These are two of the ‘big guys’ in the game, so the reader should realise they may not represent the feelings and capabilities of the smaller players who operate on price advantage alone and therefore can’t put as many resources into their product development. Having said that, it’s the smaller players that have the greatest need to ensure easy integration with their products to ensure they can ‘slot-in’ anywhere.

Starting out, we asked them how important it is to have the ability to integrate into other (access-related and non-access) functionality or operations today?

The data must flow

Walter Rautenbach, MD of neaMetrics and the Suprema distributor in 21 African countries says, “We view integration as very important. The topic of integration became popular many years ago as users became tired of running separate systems for which they had to employ extra people to manage, not to mention the additional room for human error that this brought about. Rightfully, it also became a great selling point as vendors extrapolated more value from clients by offering modular and integrated solutions.

“In the current age of automation, however, we are getting used to seeing data flowing from one system to the other and it is rather an anomaly if it does not. Google home is a good example, with various hardware vendors integrated into one central hub, where I can switch on my lights, trigger an alarm, or view camera footage. As end-users get used to this on the private front, they expect the same for their businesses, access control and T&A.;

“They want security systems that can integrate the access they give people, being employees or visitors, into one system. Moreover, they also expect nothing less than integration into payroll, video and any other day-to-day data processing functions.”

It serves to remember that access control is an integral part of the security ecosystem, says Nicolas Garcia, regional director of sales for IDEMIA. “If any product, biometric or otherwise, has the ambition to become the technology of choice for a building, for example, the first and foremost consideration has to be how well this product can be integrated into the whole security equation.

“For access control, the primary consideration is to ascertain the identity of the legitimate individual with the appropriate access rights. This, of course, can be achieved via a variety of means, with biometric authentication being considered the most accurate. Upon accurate identification, the individual’s access is logged as a record in the larger security ecosystem.

“Other non-access functions, such as building management, are increasingly becoming multi-faceted. In the context of the pandemic, some public spaces now require temperature checks from individuals to ensure a general level of health and safety. Technology that supports temperature monitoring will, again, have to be adequately integrated into a larger ecosystem to keep real-time records. These records maybe even matched to individuals accessing the space at a given time to support contact tracing in the unfortunate event of an outbreak, for example.”

The challenges faced

While it is easy to badmouth a manufacturer for perceived lack of integration capabilities, it can’t be simple to ensure your products are open and secure in every situation. Garcia says the main challenge with integration is that there is so many different possible combinations that it is becoming difficult for one SI to master all the solutions out there. As a result, an SI usually specialises in specific verticals like residential estates, mining, industrial, etc.

“We, as manufacturers, have to ensure that our solutions are as easy as possible to set up and use. We also propose face-to-face or on-line training and certifications to ensure our partners have proper knowledge of our systems. All relevant parties can join our online training platform. We also work on tools to make our partners’ lives easier while not compromising security over convenience.”

Rautenbach agrees, noting that the rate of change in technology is one of the greatest challenges. New hardware and software systems are released daily and new standards for integration are almost as frequent. It is therefore not a small consideration to decide which integration platforms to provide, nor which of the multitude of leading manufacturers to integrate with, should it be done internally.

“It is with this in mind that Suprema has, since its inception, reinvested 15% of its annual revenue into R&D; and integration, he adds, “thereby leading the way through open API, system plug-ins and SDKs that enable integration of its hardware and software into other systems. Suprema also integrates into leading software and hardware providers themselves to give clients the benefit of linking their video, payroll, credentials, mobile, identity and many other solutions with Suprema hardware and software.”

He says it’s worth noting that “Suprema offers more than the standard way of integration to SIs by also providing system developers with the tools to do native software integration and development with its products. Our dedicated African engineering team offers advice, assistance and development services to those that need it.”

Making it secure

As hinted above, opening your solutions to integration with everybody can be easy if you have no concerns about the security of the final solution and especially the data used in transactions. But when it comes to access and identity information, you don’t get much more personal information than that.

So, what can and should be done to be as open to everyone as possible, but also to ensure the security of the information entrusted to you. When a product fails, the first one to be blamed is the one with the logo on the product, irrelevant of whether mistakes were made in the installation or in other areas of the security solution.

Suprema follows international standards in security and integration which ensures secure data exchange and no backdoors which might create security and data risks, states Rautenbach. “Within Suprema devices and software platforms, data is secured in the same way, ensuring that data encryption standards are followed to protect data within and to control access through integration platforms.

“The weakest link is the integration itself and what happens with it outside of the Suprema realm. Here we offer best practice advice and review integrations wherever we can before certification.”

Garcia has a similar answer, noting that IDEMIA’s security measures follow international best practice standards and recommendations. “For instance, we use encryption wherever possible and we regularly perform intrusion tests through third-party independent organisations. These measures have led us to improve our security based on their findings and recommendations.

“The best evidence that this is working is that we were recently awarded iBeta1 and iBeta2 certifications for VisionPass, our facial recognition solution. This is the first of its kind worldwide and this demonstrates that IDEMIA is taking data security in a very serious light.”

Security in the wires

One standard for security specifically designed for the access control world is OSDP (Open Supervised Device Protocol), an access control communications standard developed by the Security Industry Association (SIA) with the goal of improving interoperability among access control and security products. (OSDP was approved as an international standard by the International Electrotechnical Commission in May 2020 and has been published as IEC 60839-11-5.)

There are many benefits to using OSDP in place of the legacy, but still popular Wiegand; some of these include:

• Two-way communications between the reader and controller (Wiegand is one-way, to the controller).

• The OSDP Secure Channel supports AES-128 encryption.

• OSDP is an open standard that allows users to choose different manufacturers for their readers and controllers.

(To find out more about OSDP and its benefits, readers can download an eBook on the topic at https://info.hidglobal.com/201812pacsglobalnxtgenaccesswebebdemystifyingtheospd_LP-Request.html, or via the short link: www.securitysa.com/*osdp1; www.securitysa.com/*osdp will take you to the SIA site for more on OSDP)

Rautenbach explains that OSDP is one of the internationally recognised integration methods and Suprema complies 100% and offers it as a standard method of integration into its hardware.

“OSDP does, however, have its limitations,” he notes. “It is more focused on specific protocols and hardware-to-hardware interfaces. In today’s world of software, SIs are looking for more flexible ways of integration and although OSDP offers secure ways for device to devices or controller, it will not offer you integration of VMS, payroll, visitor management etc. into other systems. All Suprema users can make use of secure OSDP, should this be their preference, but many more avenues of integration are available to software developers.”

Garcia says IDEMIA has seen an increase in requests for OSDP integration and while the company’s products are OSDP ready, there is still a long way to go before a majority of installed sites use OSDP. “In the meantime, we support our partners in setting up OSDP connections on our readers whenever assistance is required and we have incorporated this information into our training programme.”

Looking ahead

Finally, we asked our interviewees for a quick take on what they see happening in the year ahead in the access and identity space.

“Facial recognition will continue its exponential growth, but offerings in secure credentials on our mobile phones might exceed even that,” says Rautenbach. “We are looking forward to mobile credentials that will allow users to keep a secure hand on their own data and see this as the bridge into not only using this for access control into a building, but for other day-to-day things we have to do. What could be more convenient than just using what everyone always has on them?”

“Whilst there is still a strong demand for contact fingerprint biometric readers despite the pandemic, contactless is growing and we are expecting the trend to continue over the next few years, says Garcia. “However, we propose facial recognition and contactless fingerprint solutions (which both serve their own purposes) will also keep a steady growth rate.

“We don’t see these readers [contactless facial and fingerprint readers] as competitors to each other, but rather as complementary. In fact, there is no silver bullet when it comes to biometric decisions. As always, IDEMIA sales and presales teams are there to assist in selecting the technology most adapted to each specific use case.”

Share this article:

Further reading: