Many facilities throughout the world utilize electronic access control. Examples of such facilities include hospitals, universities, businesses, factories, military installations, hotels, and residential units. There are thus, many thousands of access control components such as credential readers and access cards in existence today. Many of these readers and access cards (credentials) are of a legacy technology that is lacking advanced security features. With a legacy access control architecture, there is a credential reader mounted at an access point or door. When a user presents a credential to the reader and the credential is read, the credential reader sends the credential data to an access controller mounted somewhere on the premises behind the secure side of the door. The access controller then compares the data received from the electronic credential reader with a database of valid access credentials. If the credential is determined to have valid access privileges the controller energizes a relay that momentarily enables the unlocking mechanism of the door.
With such legacy systems, often, the communication between the credential and reader contains no security measures at all. This makes the credential data transmitted by the credential reader a point of vulnerability for the system, prone to interception by malicious actors. As there are many electronic credential readers in use today at various commercial, industrial, military, and other institutions, it is therefore desirable to have improvements in electronic access control.