Campus ID News
Card, mobile credential, payment and security
FEATURED
PARTNERS

Princeton takes contactless access control all the way to the interior door

CampusIDNews Staff   ||   Oct 10, 2012  ||   ,


Students arriving at Princeton University this fall are finding more security in their residence halls. For the first time, their contactless campus ID card will be used to gain access to individual rooms.

The contactless readers on the front of the dorms remain the same, but instead of being issued keys for access to specific rooms students will now tap their card and enter a PIN for access, says Keith Tuccillo, system administrator for life safety and security systems at Princeton.

Using technology from SALTO Systems, the massive deployment includes 53 residence halls and 3,700 individual locks. It impacts about 9,000 undergraduate and graduate students living in Princeton’s housing facilities. Previously students would tap their HID iCLASS 32K card at the main entrance and then use a key for access to their rooms, Tuccillo explains. Starting in the fall, after students are through the main entrance they tap the card on a reader and enter a PIN to access their room.

“The housing department wanted something more robust,” says Trucillo, explaining the choice to require both contactless read and PIN entry. They wanted two-factor authentication so that if a student lost an ID card someone could not gain access to their room, he explains. To meet this need, Princeton chose SALTO’s XS4 lock with keypad.

For added security, the campus is assigning PINs rather than allowing students to self-select their own. “This is to avoid students choosing 1-2-3-4 as their PIN,” Tuccillo says. Students have been notified of their PIN and the changes to the physical access control system through email, physical mail and other print materials.

The Data on Card concept

“In a SALTO system, all data required to make an access decision is held on the card,” explains Mike Mahon, Senior VP Commercial Sales, SALTO Systems. The lock and card communicate with each other to determine if access should be approved or declined. This eliminates the need for online connectivity to a central database during access transactions.

In addition, Mahon explains that the cards themselves can act as transport, carrying system data throughout the network of readers. Cards pickup data from readers in the normal course of entries and exits and spread this data to other readers in a viral manner during subsequent transactions.

This Data on Card concept is a key part of what SALTO calls the SALTO Virtual Network. Another key component is the series of online readers known as hotspots. At a hotspot, cards can be revalidated, PINs changed and access rights adjusted. Additionally, important system data can be loaded for viral dissemination. Hotspots can be normal online exterior door readers or they can be dedicated stations, conveniently located within a building.

Revalidation of card privileges at hotspots is crucial to the SALTO Virtual Network architecture.

In traditional online access control systems, cards and privileges are revoked. Access rights for a terminated employee or student are turned off in the central system and all subsequent access requests are declined during the online transaction. But this presents a challenge in offline environments, as the removal of rights for a terminated cardholder cannot be communicated immediately to the deployed readers.

SALTO solved this challenge by reversing the traditional access control model. “Rather than granting privileges with no expiration or extremely long life spans, we grant short term privileges and use the power of our hotspots to facilitate rapid, seamless revalidation,” explains Mahon.

Imagine a building with two exterior doors and two hundred interior doors controlled with SALTO locks. Cardholder privileges are set to expire every 24 hours and all interior locks operate completely offline. Each time a cardholders enters the building, the students’ privileges are revalidated and rewritten to the card granting access for the next 24-hour period. This enables the student to pass through any approved interior door readers. If the individual is fired or expelled, the card will no longer be revalidated at an exterior door and the current privileges on the card will expire at the end of the 24-hour window.

Furthermore, as other cardholders enter through the exterior doors and are revalidated, the terminated cardholder data is written to the card for viral distribution. As these valid cards are presented to offline door locks through the normal course of operations, the terminated card is added to the lock’s blacklist. If the terminated card is presented to that lock during the few hours it still has remaining on from its prior validation, access is denied and the card rendered inactive.

Benefits from both online and offline functionality

Because SALTO makes all access decisions offline between the card and the reader, the system is not impacted by network or power disruptions. But while the system can function in a fully offline mode, online operation via wireless enables additional functionality.

“Princeton opted to connect the interior XSR locks via Wi-Fi to enable real-time audit tracking for access transactions, instantaneous lock down and remote door scheduling,” says Mahon.

This also reduces the reliance on revalidation of credentials as terminated cardholders can be removed from the deployed readers via online notification. The university chose to revalidate at different intervals based on group, for example staff once per week, students and faculty once per semester and certain staff every 48 hours, explains Mahon.

The new system offers Princeton more flexibility and potentially saves money. In the past, if a key was lost the lock had to be re-keyed. With the new system, however, changes can be made to the physical access control system removing the lost card and issuing a new credential for the student.

It also streamlines the process for granting contractors access to residence hall rooms. Physical master keys were assigned or temporarily issued to contractors. The problem with master key-based systems is that lost keys create extreme vulnerabilities and costs. In traditional environments, a lost master key would entail mass rekeying at significant expense.

In the new environment, the contractor is issued a card with only the appropriate privileges. If lost, the card is simply cancelled and the risk mitigated. The new system also keeps an audit trail of who accessed what locations and when.

The new system was two-years in the making, Tuccillo explains. With the start of the Fall semester, students and campus administrators should start reaping the benefits of these efforts to better secure Princeton’s residential facilities.

Related Posts

Subscribe to our weekly newsletter

RECENT ARTICLES

USF ID card back
Mar 28, 24 /

Caveat emptor when adding contact numbers to campus cards

The back of University of South Florida’s ID card provides several phone numbers for students in crisis or seeking safety services. Many campus cards contain similar resources, but what happens when this information changes. How do you deal with incorrect contact info for essential services? The USF card prominently lists contact numbers for the victim […]
High school bathroom

Bathroom breaks tracked by campus ID and mobile app

At California’s Fresno High, a new app is authorizing and monitoring trips to the bathroom in an effort to increase students’ time in class and decrease gathering in halls and bathrooms. Of course, this has not gone over well with students. Raising your hand and asking the teacher if you can go to the bathroom […]
Atrium Ozzi container

Atrium clients track check-out and return of reusable containers at OZZI kiosks

The push to reduce or even eliminate single-use containers from campus dining is now easier for Atrium clients. Thanks to a seamless integration between Atrium and the OZZI reusable container program, the processes for both students and dining services is streamlined. Atrium clients have been using OZZI for years, but the two systems were independent. […]
CIDN logo reversed
The only publication dedicated to the use of campus cards, mobile credentials, identity and security technology in the education market. CampusIDNews – formerly CR80News – has served more than 6,500 subscribers for more than two decades.
Twitter

Feb. 1 webinar explores how mobile ordering enhanced campus life, increased sales at UVA and Central Washington @Grubhub @CBORD

Join Jeff Koziol and Robert Gaulden from @AllegionUS as we explore how mobile credentials and proptech are changing on- and off-campus housing.

Load More...
Contact
CampusIDNews is published by AVISIAN Publishing
315 E. Georgia St.
Tallahassee, FL 32301
www.AVISIAN.com[email protected]
Use our contact form to submit tips, corrections, or questions to our team.
©2024 CampusIDNews. All rights reserved.