The access control market continues to see improvements with the integration of biometric or wireless communication technologies into lock systems to form what is commonly referred to as mechatronic locks, or smart locks. Smart locks may generally fall into two categories: 1) cylinder-based smart locks; and 2) surface-mounted smart locks.
Cylinder-based smart locks are usually supplied with a removable button that includes a wireless reader. These wireless button readers are configured to receive and process wireless signals sent by a user device, such as for example, an RFID-enabled smart card or RFID-enabled smart phone. These card-based or phone-based wireless devices may then be used as a key to obtain access to one or more locks. After processing wireless signals received from the user device, the wireless button reader typically communicates instructions and information to electronics in the button or in the cylinder of the mechatronic lock. If the user has sufficient credentials, the button or cylinder will then activate another device within the button or cylinder that allows the user to open the mechatronic lock by turning the button in either a clockwise or counter-clockwise direction. Rotating the button thereby allows the user to engage or disengage a deadbolt of the mechatronic lock. One of the advantages of the cylinder-based RFID locks is that they are easy to install, in most cases require no wiring, and are battery-operated which enables them to function autonomously for periods of time.
Another category of locks available today include surface-mounted locks which are controlled by RFID readers, biometric readers, code-based readers, or some combination of each. Some of these locks further include embedded wireless communication transceivers that enable wireless communication with the lock owner. However, these usually require complex and intrusive installation processes, such as drilling or cutting into a door frame for example. As a result, such surface-mounted locks may be as difficult to remove as they are to install. Moreover, surface-mounted locks typically rely on batteries as a power source. However, their dependency on batteries renders the locks vulnerable to battery drainage or failure. Although many surface-mounted locks have a hidden mechanical key override in case of battery failure, these overrides are unsecure because they may be easily bumped, picked, or drilled. Once bumped, picked, or drilled, other redundant security features intended to enhance the lock's security, such as biometric scanners, become futile.
Cylinder-based smart locks with RFID button locks are likewise vulnerable to vandalism, in part, because of the way they are installed. Indeed, as shown in FIG. 1A, wireless reader buttons 108 on some products available today are usually attached to a mechatronic cylinder 101 by a pivot or metal bar 102. This pivot or metal bar 102 is usually freely rotating when not in use, which prevents an ill-intended user from breaking or vandalizing the lock 100. Specifically, some mechatronic cylinders may become disabled if an unwanted trespasser simply applies a large amount of rotational force to the button, allowing the unwanted trespassers access to a user's home. With a freely rotating pivot, the mechatronic cylinder will not typically become disabled by brute rotational force. As shown in FIG. 1A, a pivot 102 is typically a narrow conduit that couples electronics on the button 103-105 to electronics inside the mechatronic cylinder 106. The instructions sent to the mechatronic cylinder 101 either engage or disengage the button which, in turn, will engage or disengage the cylinder's deadbolt, thereby providing access to the user.
Additionally, integrating wireless communication capabilities generally requires adding a continuous and reliable source of power to the lock. For example, the wireless buttons depicted in FIG. 1A generally have a single power source 105. To prevent tampering, the single power source 105 is typically configured inside the button 108 which is disposed on the surface of the door facing inwards. However, these power sources 105 may lose charge or suffer from other failures unexpectedly. When the power source 105 is depleted or fails, users are typically required to call a lock professional to replace the power source or cut, drill, and break down the door frame 109 entirely. Although some lock systems have added alternative supplementary power sources to power the inside button 108 from the outside facing door surface, these devices are often located in the room that has been secured by the lock or are not readily available.
Other drawbacks to using RFID cylinder-based smart locks exist. Generally, RFID cylinder-based smart locks use passive RFID technology, which is known to be vulnerable to hacking or reverse engineering. Moreover, they lack flexibility in situations where a user's device 110 (e.g., their RFID-enabled card or RFID-enabled smart phone) is lost or stolen. In these scenarios, information associated with the user's RFID-enabled card or RFID-enabled smartphone will have to be physically deleted from memory of the lock. This typically requires a system administrator or locksmith to travel to the location of the lock and physically update the memory and any associated electronics in the lock. Because a system administrator and locksmith would have to repeat this process for each lock, the cost of updating such a system can grow significantly if the lost or stolen RFID-enabled card was configured to access a large number of locks.
Further, because these locks do not typically provide an alternative redundant access channel for opening the lock, a user may be prevented from accessing a site and locked out until a replacement RFID-enabled card has been provided, the RFID-enabled lock has been updated, or someone else with credentials to the lock has been found. Similarly, users who rely on their RFID-enabled smartphone may be locked out if their phone battery is depleted and the phone is OFF, because the RFID features may not work.
A large number of users in various countries and population segments today still do not own or have access to a smartphone. Thus, many solutions that only rely on RFID-enabled smartphones are not feasible. Some manufacturers have incorporated biometric readers or keypads for entering access codes into their access control systems in an effort to provide a solution to these users without access to smartphones. However, due to the size, price, and power constraints of the components used in biometric readers or code-based solutions, the quality and level of security provided by these alternative access channels may be limited.
The credentials (e.g., a fingerprint or fixed numeric passcode) used in connection with these alternative access channels may be stored in a local memory embedded in the lock. Thus, enrolling a new user typically requires the user to be physically present at the site of the lock to enter his or her credentials (e.g., a fingerprint or fixed numeric passcode), or have his or her credentials transferred via a portable memory device, such as a USB flash drive. In either scenario, a system administrator may be required to be physically present at the lock to manually transfer the user's credentials onto the lock. In the event a user no longer needs to have access to any of the locks, another on-site visit may be required to update the lock to remove the user's credentials and access information from the lock.
Another drawback to these systems is the lack of control for temporally restricting access to a lock. That is, once access to a lock has been given to a user (e.g., by entering his or her passcode or fingerprint onto the lock), it is difficult to control when the user can have access to the lock. Typically, users of these systems are given access to a lock on a 24/7 basis. Thus, most of these devices also do not keep usage logs of various events or activities that provide information on the lock's usage. Accordingly, lock owners or system administrators are typically unable to analyze information about when a particular lock was used and who attempted to use the lock.
Although some locks store logs containing usage information, they are usually stored in a memory system located on the lock, and thus, may require an administrator to make an on-site visit to the lock to electronically transfer the logs. Some manufacturers have enabled locks to wireless communicate information to devices such as a user's smartphone. However, these locks suffer from similar power limitations as those described above. Specifically, the wireless communication devices in these locks consume a significant amount of power when sending and receiving data. Thus, wireless communication devices powered by batteries may only be operated for limited amounts of time before becoming drained and depleted.
In comparison to cylinder-based RFID button locks, mechanical locks usually do not have a protruding button and are therefore not prone to the same level of vandalism. Further, they are not vulnerable to power supply failures. Mechanical locks are however, by their design, prone to attack by other tools that may allow an ill-intended person to gain access to premises by breaking, tearing, drilling or cutting the cylinder with various tools available from the trade.
In order to protect the lock from such attacks, some mechanical lock manufacturers provide a protection device against such vandalism called an anti-drilling rose 111. Anti-drilling roses are typically added to the face of the cylinder on the external-facing side of a door. As shown in FIG. 1A, anti-drilling roses are generally stout casings made of a durable material that cover portions of the exposed cylinder. Anti-drilling roses are typically screwed 112 into place from the inside of the door outwards, which prevents any disassembly of the system from the outside of the door, but does allow disassembly from the inside of the door. Anti-drilling roses 111 are typically durable enough to withstand blunt strikes with hammers, tearing off with special pliers, and drilling that would otherwise break a mechanical lock. However, anti-drilling roses are typically impractical to add to mechanical cylinders as they usually have a freely rotating anti-drilling protection disc that prevents the lock and key from being used as normal. Moreover, anti-drilling roses are not considered aesthetically pleasing, and therefore, are not often used despite the enhanced security protection they provide.
RFID button locks typically do not have anti-drilling roses. Thus, they are not protected against sideway thrusts of force, such as a heavy sideway thrusts of a hammer, which can dislodge the button from the cylinder body. When a button is dislodged from the cylinder body, the lock may be broken and inoperable, or the lock may be broken and an ill-intended user may gain access to the premises.
There are currently on the market a number of devices that use Bluetooth technology to enable communication between a lock and a smartphone. However, Bluetooth communication may also be vulnerable to hacking as well, because ill-intended persons may intercept and decode the Bluetooth signals being communicated between the phone and lock.
Accordingly, what is needed is a more secure wireless cylinder-based smart locking solution that can be opened and operated by a card, smartphone or by other redundant means such as biometric readers or access codes. The solution should also be managed by a smartphone application, mobile device, or computer, enabling a lock owner to control access rights for locks and users wirelessly and in real-time. The control over the access rights should allow the system owner to give selective permissions to users, by for example providing some users with unlimited access to a lock, and other users with time-restricted or single-usage access rights. The solution should also be capable of withstanding various forms of physical vandalism and tampering, rendering it highly secure. The solution should also incorporate redundant power supplies to prevent power failures and not include a mechanical override in case of power failure.