Avigilon Alta access control offers the ability to leverage your mobile phone as your credential to unlock an entrance via our reader. We do this using our patented, Triple Unlock technology that leverages Bluetooth®, Wi-Fi, and LTE simultaneously to send three signals from the phone to the reader. The three signals are pitted against each other and the first one to arrive unlocks the door; the other two are discarded.<image1>
| Iframe | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
When a credentialed user approaches the reader and enters the overlapping Bluetooth range of both the phone and the reader, the reader makes a handshake with the mobile phone (in listening mode), which allows the connection to be sustained. The reader waits for a trigger event to activate the unlock process. The trigger event could be a hand wave in front of the reader, touching the reader, or pressing the unlock button on the phone app.
...
Given all of the different access capabilities and the underlying technologies they rely on, there are optimal reader and mobile app settings , as well as and installation and environmental considerations to ensure a reliable unlock experience.
...
Note that there is a function called “Visitor Pass” which can be issued one-off to allow guests access to a reader through their mobile device. The user is sent a web link to click on their device via the browser running on the smartphone (this assumes access to the internet) that allows them to use a reader to unlock an entrance by sending a command over the internet.
Near Field Communication (NFC)
In some circumstances, the Android version of the Avigilon Alta mobile app can use NFC on Android devices as an additional authentication method. However, you need to confirm that the version of the mobile app you are running is one that does support NFC and that the phone supports NFC to be able to take advantage of this authentication method. At this time, NFC is not yet supported on Apple devices.
Restrictions and permissions on the phone
If your organization uses a mobile device management system that restricts capabilities on the phone, such as enabling or disabling Wi-Fi or Bluetooth, or limiting the installation of apps and credentials, it may limit the ability to use tools needed to make the mobile credentials work.
Performance Variables
One of the reasons that we developed our Triple Unlock technology was to compensate for the variations in performance of any single factor. This reduces the reliance on one technology, such as just Bluetooth or just Wi-Fi, and eliminates the risk of having a single point of failure. While it is well known, it is worth stating that LTE coverage in certain regions, cities, or even buildings or areas of a building, can vary greatly and impact the ability to send and receive communications on the LTE network. Similarly, Bluetooth capabilities vary across Apple and Android, and different versions of phones. Thus, there is a variable range in how Bluetooth may function on different devices, and as a result, may be unreliable at times. Finally, Wi-Fi performance depends on the strength of the Wi-Fi signal, the phone’s ability to connect to the Wi-Fi network, and the strength of the overall network connection. Sometimes Wi-Fi networks are well-connected and highly performant, and sometimes they are not.
Bluetooth Performance
Performance data from our end users show that Android smartphones (across a wide variety of manufacturers) prior to 2023 have demonstrated less effective Bluetooth performance than comparable year iOS phones when looking at a 5-year period.
Readers
Just like with mobile phones, there are a variety of factors that affect reader performance, the type of credentials that a reader can use, and the ability of the reader to communicate with a mobile device. These factors include settings, proximity to other readers, connectivity, and type of reader.
| Iframe | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Settings
Readers that are installed in close proximity to each other may reduce the performance of mobile credentials. This is because multiple readers may be trying to connect to the same mobile phones at one time, creating a lag in response time for the entrance unlocks, as well as confusion as to which intended entry that device is meant to unlock.
| Iframe | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
To mitigate these issues, we do not recommend using Wave to Unlock in environments where many readers are placed together, such as when there are multiple turnstiles at an entrance. In this deployment scenario, we recommend configuring the readers in Turnstile mode, which reduces the read range on the reader to a shorter distance. In this mode, the phone must be presented within inches of the reader to trigger the unlock.
Note that Wave to Unlock prioritizes convenience over more stringent security, as anyone can trigger an unlock by waving their hand in front of a reader if there is a credentialed phone within range, regardless of whether or not the credentialed user was trying to enter. Therefore, Wave to Unlock is not recommended in very high-security environments, unless used with a secondary authentication method.
| Iframe | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Proximity of users
Users with mobile credentials on their person that are stationed next to readers, such as a receptionist or a security guard, may inadvertently activate the reader such that someone else could trigger the Wave to Unlock using the other person’s credentials to authenticate. In these situations, one should not place a credentialed user within Bluetooth range of an installed reader to ensure security and reduce risk. Alternatively, the Bluetooth range on the reader can be reduced so that it doesn’t overlap with the credentialed stationary user.
Connectivity
The ability of the reader to connect to and communicate with the credentialed device impacts the performance of mobile credentials. This can be negatively impacted by poor LTE signal, weak or unreliable Wi-Fi, or Bluetooth interference. Physical obstructions can also impact connectivity, such as a wall or pillar blocking line-of-sight to the phone.
There are some things that can be done to mitigate these issues. For example, if your location has a poor LTE signal, you could consider an LTE booster to improve the signal. Wi-Fi connectivity may be improved by installing a Wireless Access Point closer to the readers. Additionally, set the read range to the longest distance, ensure a clear line of sight between the phone and the reader, and ensure there are no other readers in close proximity.
Type of reader
The type of credentials that can be used depends on the type of reader you install. As a rule, all Avigilon Alta readers support mobile credentials, as well as physical credentials such as a fob or keycard. Keypad readers support using a keycode as a credential.
| Iframe | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
If multi-factor authentication is required, this can be achieved using a keypad reader (keycode plus physical or mobile credentials). Or, a secondary reader can be connected to an Avigilon Alta reader. For example, connecting a biometric reader would enable you to require a fingerprint and a physical or mobile credential to access.