Nortek Blue Pass Mobile Access Reader Tested

By Brian Rhodes, Published Jul 11, 2019, 10:15am EDT

Nortek claims BluePass mobile readers are a 'more secure and easy to use approach to access', but our testing uncovered security problems and usability issues compared to other mobile readers.

free image1 2 - Nortek BluePass Mobile Reader Tested

Inside, we examine:

  • The biggest strengths and problems with BluePass
  • Testing Nortek's mobile app performance with both Android and iPhone
  • The prices we paid for BluePass credentials and mobile reader
  • Overview explaining BluePass' configuration to IPVM's test access system
  • A mysterious, and unused, extra pigtail connector
  • An explanation of Nortek OEM ProDataKey's mobile reader
  • The platform's strengths & weaknesses compared to others

Upcoming Mobile Shootout

Later this summer, IPVM will publish a shootout of mobile credential platforms including BluePass and a number of other tested products:

Key ********

********* *****************:

  • ******* : ******* ***** * 'mobile' *******, *** **** shows ***** ****** ** farther **** ~* **** away **** *** ****** or **** *********** ****** be '****'.
  • *** ***, ******* ****: *** ** ********' biggest ****** ** ******* 'high ********' **.** *** formats ** **** ** supported, *********** ********* *** device **** ***** **** in **** ******* *** not ******* *************.
  • ** *** ********: ******'* ********** *** does *** ******* ****** unlock *******, ******* ***** cannot ******** ***** ******* access **** ******.
  • *** ****** ********: ******** ** *** integrated **** **** ****** platforms, ********* *** ******** and ********** ** * redundant ****** ****** ****** in ******'* ******.

******** *** ********* *******:

  • ** ****** ************:** **** **** *** attempts, ** ****** **** failed ** **** ** either *** *** ** Android **** ******.
  • ****** '*****' *******:**** ********, ***** *** have ***** ***** ** their ****** ** *****, and ****** ********** *** reader ******** *** ******** of ***** ** *****. Not *** ****** ******* include **** *******, ***** is ****** **** ********** phones **** ******* ****** happen.
  • ******* *****:****** **** '****** *****' readers, ******** *** * sealed ********* *** ** IP65 *****. ** ****** unit *********** ******* ** direct **** *** ****, and *** ****** ********* as *******.

BluePass ****** ******

******'* **** ******-***** ****** is ***~$*** ********, ********* ** *** mullion ****** **** *** furnished **** * ****-*****/****** gang *** ******* *****.

**** ************ ****** *******, BluePass ** ******* *** the ********** **** ** door *********** *** **** standard ****** ******. *** reader ** ******** ** a **** ***** ******* housing **** *** **** status ********* **** ******* green ** ***** *****:

*******, *** ******* ******** dirt, *****, *** ************ in ****** *** *** looks ***** ***** ***** service ****. ****** *** excessive ******* ** *** test **** *****:

***** ****** ********** ******** cleaning ******** *******, * step *** ****** **** most ***** ******* **** typically **** * *****/*** glossy *******.

Short ****** *****

*** ****** '******' ***** of ****** ** ******'* reader *** ******** ** be *** ****** **** other ****** *******.

*** ***** ********* ** BluePass *** ******* '*******' or *** ***** ** to * ******* ******** of ** ******. *** sensitivity ** *** ******'* BLE ***** ** ******* one ******* ***** ******, with ** ******** ****** listed *** '*******' *** 'Closer' ********:

***** **** **** ** be ** **** ***** proximity ** *** ****** to ****** *******, **** when ***** ** *** to *** ******* '*******' setting. ****** ***** *** close ***** ** * security *******, **** *********** **** ***************:

** *** ******’* ********* reception ******** ** *** too ****, ** *** inadvertently **** **** ** employee’s ****** ****** *** allow ************ ***** **** the ******** ****** ********* a **** ****, ** touching, *** ******.

** ***** ** ****** tech ******* *** ******** the ***** **** ***** is ****** *** ******* of *** ******.

********' ******* ***** ** shorter *** **** ************ than ***** ****** ******* IPVM *** ******, ********* HID, ********* ****, ********, and *****.

*** ***** ***** ********** will ******* ******** **** being ****** ** ************ requiring ****** **** ****** like ******* ****** *****, many **********, *** *** be * ********* ********** for *** *************.

125 *** ****

******* ********** ** *** reader ** **** ** only '*****' ****** *** kHz ** *** ***********. No **.** *** ********** formats ** *** **** are *********.

******* *** ******* *** insecure *** *******, *** *** ** BluePass **** ********** ***** types, *** ****** ** commonly ******** **** '**** security' ****** **************.

**** **** ***********, ** the *** *** ***** cannot ** ********, **** if ***** **** ** exclusively *** *** *** credentials.

****** ***** ** **** if/when **.** *** ******* is ******** *** ********, users **** **** ** replace ******* ******* *** upgrades **** *** ** possible **** ******** ******.

No *** ********

** ******** ** *** required ***** *****, *** smartphone *** *** ** manual '******' ****** *** unlocking * **** *** visitors ** ****** *** users ******* ** *** 'secure ****' ** ** opening.

******'* ********* ********** *** has ** ******* ******* or ***** *******, *** once * ******** ********** is ***** ** * device ** *********** ****** to **** ******:

*** *** **** *** need ** ** ****** to ** ********, *** even * ****** ***** running ***** **** **** activate ***********.

** ****** **** **** 150 ******** *** *** credentials ** **** ******* and *******, ************ ** issues. ******** **** ******** in *** ********.

Web ****** ********** ****

*** ********'* *** ****** is ****** ** *** credentials *** ***/****** ***** to *** ******, ***** a ******** ********* *** available ** *** ********** apps.

**** ***** *** *****, emails *** **** ** their ****** ***** **** allow **** *** ******** their ****** ** *******:

****** ************** *** *** required ** **** ****** to **** ******* ** enroll ** ****** ***********, but *** *** ****** is *** ************ ** other ****** ******* *** essentially ** * ********* and *****-***** ***********.

*** '***** **********' ******** access ********** *********, **** csv ****** ***** *** be ******** **** *** portal, *** ********* *********** must ** ******* ********.

Credential ********** *****

******** *********** *** **** in *, **, *** 100 **********, **** ****** ranging **** ~$* - $8 **** ********* ** how **** *** *******.

***** '*******-***' ***** *** then ********** ** **** web ****** ********, **** individual ****** ******* ** specific *****.

** ***** ** ** validated *** * ******** site's ******** *******, *** Portal's **** ******* **** assign *** ***********, *** while ******** ****** *** be ******** *** **** this ************** **** ********* need ** ** ********** to ******* ****** ********* or ******** ******** ****.

One ********** *** ******

* ********* ******* **** BluePass *********** ** **** can **** ** ******** to * ****** *** time, *** ** ***** change, ****, ** *** multiple ******* **** **** need ** ******** ******** credentials ** *** **** on *******.

****** ********* ****:

******** ****** *********** *** only **** *** *** life ** *** ******** mobile ******. **** * new ****** ** *********, new *********** *** ********, even ** *** ***** number *** *** *******.

**** ********** **** ****** in ******** *********** ********* for ****** *****, *** could ***** **** **** to ******* *** ***** changing ******* ********** ** control ******** ********** *****.

Reader **** **********

******'* ****** ****** ** longer **** **** '******* mount' *******, *** ** available **** ** *** size, * ****** ********** of ****** ***** ************* **** ******.

*******, *** ****** ******* are ********* ** ******* sizes, ********* *** **** generally ********* '**** *****' R40 ****:

BluePass ** ******* ****

****** *** ********* ** BluePass, *** ********** **** between *** **** *** door *********** *** ** intercepted.

*** **** ** ********** to '*** ** *** middle' ******** ***$** ****** ** ************** **** **** ** physically ********* *** ****** in *** ***** ** reader *****:

******** ***** *** **** even ******* ** ******** a ****** ****** ** sensor ** *** ******, so ********** **** * device ***** *********** ** undetected ** *** ******.

Unlabeled *** ******** *****

*** ********* ******* ** BluePass ****** ** ** unlabeled ********* ******* **** the ***** ********* **********:

******'* ************* **** *** explain **** ** *** this ********* ** ******** or **/***** ** ****** be ********* ** ** access ******.

****** **** ******* *** not ******* *** ******* either, ****** ******* ** 'that ***** ** ******', unable ** ******* *** it ** ******** ** not ******.

***** *** * ***** factor, *** ********* *** terminated *** **** **** up ****** *** *** make ********** * ***** pigtail **** * ******** box ********* ** ***** is *****.

Versus *** *****/****** ***********

*** **** ** ******** is ****** ** ** higher **** *** ** used ** ***** ******* with **** ***** **** frequent ****** ****** ********.

***** ****** ********** ***** are ****** ** ** slightly ***** *** * one-time ******** **** ********, Nortek *********** *** ***-************ and ****** ** ******** to **** **** *** device, ********* ********** ******* ** ***** on '*** ****'. ** unlike ********, ******** ******* can ** ****** ***** HID ***** *********** *** a ****** ***** ** about $* *** **** versus ~$* *** **** Nortek ********** ******.

**** ******, *** ****** credential ** * ***-**** purchase **** *** ** used *** *** **** of *** ****** ** was ********, ***** *** is ** ****** ****.

Versus ********

**** ** *** **** 'cool ******' ******** ********* in ******* ********'* ******* are ******* ** ********, including *** '*****' ** open ******* *** ************* with **** *** *** Android *******.

******, ******** ********* **** of *** *** *** and ******* ************ **** BluePass *** ** ********** only **.** *** ******* and ********** **** **** the ****** ** **********.

** ***** ** *********** ****, **********'* *********** *******, *** ********* ****** at ~$*** ****, *** two ***** *** *********.

**** ********, ***** ** no ****** ********** ******** required. *******, ****** ******, Openpath ******* **** **** with ******** *********** *** the ****** ****** **** be **** *** * service *** ********* ******* for *********** ** ** valid.

Versus ******** *** *** *******

******** ** *** ***** of '***-***' *** *** readers, ******'* **** ** quite ****. **** *** example *** *** **** Midrange **** **** ******* ~$130 ****** ** ******'* ~$250 *****:

***** **** *******, ********'* 125 *** ************* ***** sense *** '******' ********* credentials, *** ** ******* are ********* ***** ***** physical *********** ****** **** mobile, **** ****** *** kHz ******* *** ******** available.

Nortek **** *** **********

****** ** ******* ******** to ****** ****************(******** ****** '***') ******* **.

*** *******'* ***** ***** shows *** **** ****** and **** ********, *** interestingly *** ******* *** available ** *** **** Nortek *******:

*** ***'* ******* ******** UniKey's '*****' ******* **** detects ***** **** ** the ******* * **** is *******, *********** ******** activating *** ****** ** intruders ****** ** ******* close **.

**********'* *** **** ****** substantial ************ **** ***** Nortek ********, **** ********** user *** ********** ********** without * *** ******, and ****** **** ****** command ******* ** *** app.

** **** ** ***** distribution-access***** ** ******** ****** profile **** ***** **** summer, *** **** ******* Touch ** ***********, *******, and ******** ** ***** then.

UniKey *****

**** ********, ****** ** relying ** *********** ******** development *** *** ****** platform. *************, **** ******* is **** ** * partnership ****'****** ***********' ********* ******:

** ***** ** ********* ***********, **** ******* *** developed *** '****** ***********' piece *** **** ******** from ****** **** ******* (see ******* **** ****), ****, ****, *** Honeywell.

Device ******* & ******** ****

  • ****** * **** ******* iOS **.*.*
  • ** ** ******* ******* 8.0.0 '****' ******** ******* H83030C
  • ****** ******** ********: *.*.**

Comments (1)

Undisclosed #1

07/11/19 04:33pm

Good information. I would definitely pass on these due to the 125kHz support. This technology needs to go away completely, I know they are thinking all the takeovers they can do which is fine for them. In the long run selling 125kHz today should be shunned.

In the back of my mind I wonder if this stuff is pushed to the market to fast looking at Vizpin their AE doc is vague. It combines a controller and reader and does not call out which Weigand protocols are supported or frequencies.

Agree: 1
Disagree
Informative
Unhelpful
Funny
Read this IPVM report for free.

This article is part of IPVM's 7,092 reports and 940 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now
Loading Related Reports