FIG. 1 shows a conventional arrangement for providing secure access. A user 401 makes a request, as depicted by an arrow 402, directed to a code entry module 403. The module 403 is typically mounted on the external jamb of a secure door. The request 402 is typically a secure code of some type which is compatible with the code entry module 403. Thus, for example, the request 402 can be a card number stored within a conventional proximity card used to direct the request 402 to a card reader 403. Alternatively, the request 402 can be a sequence of secret numbers directed to a keypad 403. The request 402 can also be a biometric signal from the user 401 directed to a corresponding biometric sensor 403. One example of a biometric signal is a fingerprint. Other physical attributes that can be used to provide biometric signals include voice, retinal or iris pattern, face pattern, palm configuration and so on.
The code entry module 403 conveys the request 402 by sending a corresponding signal, as depicted by an arrow 404, to a controller 405 which is typically situated in a remote or inaccessible place. The controller 405 authenticates the security information provided by the user 401 by interrogating a database 407 as depicted by an arrow 406. If the user 401 is authenticated, and has the appropriate access privileges, then the controller 405 sends an access signal, as depicted by an arrow 408, to a device 409 in order to provide the desired access. The device 409 can, for example, be the locking mechanism of a secure door, or can be an electronic lock on a personal computer (PC) which the user 401 desires to access.
Current systems as depicted in FIG. 1 utilise a communication protocol called “Wiegand” for communication between the code entry module 403 and the controller 405. The Wiegand protocol is a simple one-way data protocol that can be modified by increasing or decreasing the bit count to ensure uniqueness of the protocol among different security companies. The Wiegand protocol does not secure the information being sent between the code entry module 403 and the controller 405.
More advanced protocols such as RS 485 have been used in order to overcome the vulnerability of the Wiegand protocol over long distance routes. RS 485 is a duplex protocol offering encryption capabilities at both the transmitting and receiving ends, i.e. the code entry module 403 and the controller 405 respectively in the present case. The length of the path 404 nonetheless provides an attack point for the unauthorised person.
Proximity cards have become a popular means for emitting the request 402, since proximity cards are cheap, easy to use and convenient to carry for the user 401. Typically, proximity cards comprise an inductive circuit including an integrated circuit (IC), a capacitor, and a coil, which are connected in series within the card. When a proximity card 410 is placed within range of the code entry module 403 (or “card reader”), the code entry module 403 presents a field that excites the coil and charges the capacitor, which in turn energizes the IC on the proximity card 410. The IC then transmits a card number stored within the IC, via the coil as transmit antenna, to the code entry module 403. The field emitted by the code entry module 403 for older proximity cards is typically around 125 kHz. The field emitted by the code entry module 403 for newer proximity cards is typically around 13.56 MHz. These newer proximity cards are typically in the form of contactless RFID cards which are also known as “contactless smartcards”. Proximity cards have a communication range of 0-80 mm in most instances, allowing the user to place the card 410 within 80 mm of the code entry module 403 in order for the card to be read by the code entry module 403. The term “communication range” refers, in the described example, to the distance to within which the proximity module 126 and the code entry module 130 must be brought in order for their respective transmit/receive antennas to be able to achieve satisfactory communications.
Conventional proximity cards (e.g., 410) used for emitting the request 402 may be lost by the user 401, and the lost proximity card 410 may be used by an unauthorised person to gain the desired access. In fact, there has been a high incidence of such fraudulent activity with conventional proximity cards where unauthorised persons steal the cards. As a result many users have looked to upgrade their proximity card secure access systems with other more secure systems. However, the cost of such up-grades is high due to the necessity to re-wire buildings and facilities to implement the upgrades.