Nortek Blue Pass Mobile Access Reader Tested

By: Brian Rhodes, Published on Jul 11, 2019

Nortek claims BluePass mobile readers are a 'more secure and easy to use approach to access', but our testing uncovered security problems and usability issues compared to other mobile readers.

free image1 2 - Nortek BluePass Mobile Reader Tested

Inside, we examine:

  • The biggest strengths and problems with BluePass
  • Testing Nortek's mobile app performance with both Android and iPhone
  • The prices we paid for BluePass credentials and mobile reader
  • Overview explaining BluePass' configuration to IPVM's test access system
  • A mysterious, and unused, extra pigtail connector
  • An explanation of Nortek OEM ProDataKey's mobile reader
  • The platform's strengths & weaknesses compared to others

Upcoming Mobile Shootout

Later this summer, IPVM will publish a shootout of mobile credential platforms including BluePass and a number of other tested products:

****** ************** ****** ********** * '**** ****** and **** ** *** approach ** ******', *** our ******* ********* ******** problems *** ********* ****** compared ** ***** ****** readers.

free image1 2 - Nortek BluePass Mobile Reader Tested

******, ** *******:

  • *** ******* ********* *** problems **** ********
  • ******* ******'* ****** *** performance **** **** ******* and ******
  • *** ****** ** **** for ******** *********** *** mobile ******
  • ******** ********** ********' ************* to ****'* **** ****** system
  • * **********, *** ******, extra ******* *********
  • ** *********** ** ****** OEM **********'* ****** ******
  • *** ********'* ********* & weaknesses ******** ** ******

Upcoming ****** ********

***** **** ******, **** will ******* * ******** of ****** ********** ********* including ******** *** * number ** ***** ****** products:

[***************]

Key ********

********* *****************:

  • ******* : ******* ***** * 'mobile' *******, *** **** shows ***** ****** ** farther **** ~* **** away **** *** ****** or **** *********** ****** be '****'.
  • *** ***, ******* ****: *** ** ********' biggest ****** ** ******* 'high ********' **.** *** formats ** **** ** supported, *********** ********* *** device **** ***** **** in **** ******* *** not ******* *************.
  • ** *** ********: ******'* ********** *** does *** ******* ****** unlock *******, ******* ***** cannot ******** ***** ******* access **** ******.
  • *** ****** ********: ******** ** *** integrated **** **** ****** platforms, ********* *** ******** and ********** ** * redundant ****** ****** ****** in ******'* ******.

******** *** ********* *******:

  • ** ****** ************:** **** **** *** attempts, ** ****** **** failed ** **** ** either *** *** ** Android **** ******.
  • ****** '*****' *******:**** ********, ***** *** have ***** ***** ** their ****** ** *****, and ****** ********** *** reader ******** *** ******** of ***** ** *****. Not *** ****** ******* include **** *******, ***** is ****** **** ********** phones **** ******* ****** happen.
  • ******* *****:****** **** '****** *****' readers, ******** *** * sealed ********* *** ** IP65 *****. ** ****** unit *********** ******* ** direct **** *** ****, and *** ****** ********* as *******.

BluePass ****** ******

******'* **** ******-***** ****** is ***~$*** ********, ********* ** *** mullion ****** **** *** furnished **** * ****-*****/****** gang *** ******* *****.

**** ************ ****** *******, BluePass ** ******* *** the ********** **** ** door *********** *** **** standard ****** ******. *** reader ** ******** ** a **** ***** ******* housing **** *** **** status ********* **** ******* green ** ***** *****:

*******, *** ******* ******** dirt, *****, *** ************ in ****** *** *** looks ***** ***** ***** service ****. ****** *** excessive ******* ** *** test **** *****:

***** ****** ********** ******** cleaning ******** *******, * step *** ****** **** most ***** ******* **** typically **** * *****/*** glossy *******.

Short ****** *****

*** ****** '******' ***** of ****** ** ******'* reader *** ******** ** be *** ****** **** other ****** *******.

*** ***** ********* ** BluePass *** ******* '*******' or *** ***** ** to * ******* ******** of ** ******. *** sensitivity ** *** ******'* BLE ***** ** ******* one ******* ***** ******, with ** ******** ****** listed *** '*******' *** 'Closer' ********:

***** **** **** ** be ** **** ***** proximity ** *** ****** to ****** *******, **** when ***** ** *** to *** ******* '*******' setting. ****** ***** *** close ***** ** * security *******, **** *********** **** ***************:

** *** ******’* ********* reception ******** ** *** too ****, ** *** inadvertently **** **** ** employee’s ****** ****** *** allow ************ ***** **** the ******** ****** ********* a **** ****, ** touching, *** ******.

** ***** ** ****** tech ******* *** ******** the ***** **** ***** is ****** *** ******* of *** ******.

********' ******* ***** ** shorter *** **** ************ than ***** ****** ******* IPVM *** ******, ********* HID, ********* ****, ********, and *****.

*** ***** ***** ********** will ******* ******** **** being ****** ** ************ requiring ****** **** ****** like ******* ****** *****, many **********, *** *** be * ********* ********** for *** *************.

125 *** ****

******* ********** ** *** reader ** **** ** only '*****' ****** *** kHz ** *** ***********. No **.** *** ********** formats ** *** **** are *********.

******* *** ******* *** insecure *** *******, *** *** ** BluePass **** ********** ***** types, *** ****** ** commonly ******** **** '**** security' ****** **************.

**** **** ***********, ** the *** *** ***** cannot ** ********, **** if ***** **** ** exclusively *** *** *** credentials.

****** ***** ** **** if/when **.** *** ******* is ******** *** ********, users **** **** ** replace ******* ******* *** upgrades **** *** ** possible **** ******** ******.

No *** ********

** ******** ** *** required ***** *****, *** smartphone *** *** ** manual '******' ****** *** unlocking * **** *** visitors ** ****** *** users ******* ** *** 'secure ****' ** ** opening.

******'* ********* ********** *** has ** ******* ******* or ***** *******, *** once * ******** ********** is ***** ** * device ** *********** ****** to **** ******:

*** *** **** *** need ** ** ****** to ** ********, *** even * ****** ***** running ***** **** **** activate ***********.

** ****** **** **** 150 ******** *** *** credentials ** **** ******* and *******, ************ ** issues. ******** **** ******** in *** ********.

Web ****** ********** ****

*** ********'* *** ****** is ****** ** *** credentials *** ***/****** ***** to *** ******, ***** a ******** ********* *** available ** *** ********** apps.

**** ***** *** *****, emails *** **** ** their ****** ***** **** allow **** *** ******** their ****** ** *******:

****** ************** *** *** required ** **** ****** to **** ******* ** enroll ** ****** ***********, but *** *** ****** is *** ************ ** other ****** ******* *** essentially ** * ********* and *****-***** ***********.

*** '***** **********' ******** access ********** *********, **** csv ****** ***** *** be ******** **** *** portal, *** ********* *********** must ** ******* ********.

Credential ********** *****

******** *********** *** **** in *, **, *** 100 **********, **** ****** ranging **** ~$* - $8 **** ********* ** how **** *** *******.

***** '*******-***' ***** *** then ********** ** **** web ****** ********, **** individual ****** ******* ** specific *****.

** ***** ** ** validated *** * ******** site's ******** *******, *** Portal's **** ******* **** assign *** ***********, *** while ******** ****** *** be ******** *** **** this ************** **** ********* need ** ** ********** to ******* ****** ********* or ******** ******** ****.

One ********** *** ******

* ********* ******* **** BluePass *********** ** **** can **** ** ******** to * ****** *** time, *** ** ***** change, ****, ** *** multiple ******* **** **** need ** ******** ******** credentials ** *** **** on *******.

****** ********* ****:

******** ****** *********** *** only **** *** *** life ** *** ******** mobile ******. **** * new ****** ** *********, new *********** *** ********, even ** *** ***** number *** *** *******.

**** ********** **** ****** in ******** *********** ********* for ****** *****, *** could ***** **** **** to ******* *** ***** changing ******* ********** ** control ******** ********** *****.

Reader **** **********

******'* ****** ****** ** longer **** **** '******* mount' *******, *** ** available **** ** *** size, * ****** ********** of ****** ***** ************* **** ******.

*******, *** ****** ******* are ********* ** ******* sizes, ********* *** **** generally ********* '**** *****' R40 ****:

BluePass ** ******* ****

****** *** ********* ** BluePass, *** ********** **** between *** **** *** door *********** *** ** intercepted.

*** **** ** ********** to '*** ** *** middle' ******** ***$** ****** ** ************** **** **** ** physically ********* *** ****** in *** ***** ** reader *****:

******** ***** *** **** even ******* ** ******** a ****** ****** ** sensor ** *** ******, so ********** **** * device ***** *********** ** undetected ** *** ******.

Unlabeled *** ******** *****

*** ********* ******* ** BluePass ****** ** ** unlabeled ********* ******* **** the ***** ********* **********:

******'* ************* **** *** explain **** ** *** this ********* ** ******** or **/***** ** ****** be ********* ** ** access ******.

****** **** ******* *** not ******* *** ******* either, ****** ******* ** 'that ***** ** ******', unable ** ******* *** it ** ******** ** not ******.

***** *** * ***** factor, *** ********* *** terminated *** **** **** up ****** *** *** make ********** * ***** pigtail **** * ******** box ********* ** ***** is *****.

Versus *** *****/****** ***********

*** **** ** ******** is ****** ** ** higher **** *** ** used ** ***** ******* with **** ***** **** frequent ****** ****** ********.

***** ****** ********** ***** are ****** ** ** slightly ***** *** * one-time ******** **** ********, Nortek *********** *** ***-************ and ****** ** ******** to **** **** *** device, ********* ********** ******* ** ***** on '*** ****'. ** unlike ********, ******** ******* can ** ****** ***** HID ***** *********** *** a ****** ***** ** about $* *** **** versus ~$* *** **** Nortek ********** ******.

**** ******, *** ****** credential ** * ***-**** purchase **** *** ** used *** *** **** of *** ****** ** was ********, ***** *** is ** ****** ****.

Versus ********

**** ** *** **** 'cool ******' ******** ********* in ******* ********'* ******* are ******* ** ********, including *** '*****' ** open ******* *** ************* with **** *** *** Android *******.

******, ******** ********* **** of *** *** *** and ******* ************ **** BluePass *** ** ********** only **.** *** ******* and ********** **** **** the ****** ** **********.

** ***** ** *********** ****, **********'* *********** *******, *** ********* ****** at ~$*** ****, *** two ***** *** *********.

**** ********, ***** ** no ****** ********** ******** required. *******, ****** ******, Openpath ******* **** **** with ******** *********** *** the ****** ****** **** be **** *** * service *** ********* ******* for *********** ** ** valid.

Versus ******** *** *** *******

******** ** *** ***** of '***-***' *** *** readers, ******'* **** ** quite ****. **** *** example *** *** **** Midrange **** **** ******* ~$130 ****** ** ******'* ~$250 *****:

***** **** *******, ********'* 125 *** ************* ***** sense *** '******' ********* credentials, *** ** ******* are ********* ***** ***** physical *********** ****** **** mobile, **** ****** *** kHz ******* *** ******** available.

Nortek **** *** **********

****** ** ******* ******** to ****** ****************(******** ****** '***') ******* **.

*** *******'* ***** ***** shows *** **** ****** and **** ********, *** interestingly *** ******* *** available ** *** **** Nortek *******:

*** ***'* ******* ******** UniKey's '*****' ******* **** detects ***** **** ** the ******* * **** is *******, *********** ******** activating *** ****** ** intruders ****** ** ******* close **.

**********'* *** **** ****** substantial ************ **** ***** Nortek ********, **** ********** user *** ********** ********** without * *** ******, and ****** **** ****** command ******* ** *** app.

** **** ** ***** distribution-access***** ** ******** ****** profile **** ***** **** summer, *** **** ******* Touch ** ***********, *******, and ******** ** ***** then.

UniKey *****

**** ********, ****** ** relying ** *********** ******** development *** *** ****** platform. *************, **** ******* is **** ** * partnership ****'****** ***********' ********* ******:

** ***** ** ********* ***********, **** ******* *** developed *** '****** ***********' piece *** **** ******** from ****** **** ******* (see ******* **** ****), ****, ****, *** Honeywell.

Device ******* & ******** ****

  • ****** * **** ******* iOS **.*.*
  • ** ** ******* ******* 8.0.0 '****' ******** ******* H83030C
  • ****** ******** ********: *.*.**

Comments (1)

**** ***********. * ***** definitely **** ** ***** due ** *** ****** support. **** ********** ***** to ** **** **********, I **** **** *** thinking *** *** ********* they *** ** ***** is **** *** ****. In *** **** *** selling ****** ***** ****** be *******.

** *** **** ** my **** * ****** if **** ***** ** pushed ** *** ****** to **** ******* ** *********** ** *** ** vague. ** ******** * controller *** ****** *** does *** **** *** which ******* ********* *** supported ** ***********.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

New: Mobile Access Proxy Releases 'World's Smallest Mobile Reader' on Mar 04, 2020
Mobile access provider Proxy claims its new Nano is 'the world’s smallest mobile reader' that can be installed into nearly all existing access...
Vulnerability Directory For Access Credentials on Feb 20, 2020
Knowing which access credentials are insecure can be difficult to see, especially because most look and feel the same. Even insecure 125 kHz...
Access Credential Form Factor Tutorial on Feb 10, 2020
Deciding which access control credential to use and distribute, including form factor, can be a difficult task. Knowing the limitations and...
Fingerprints for Access Control Guide on Sep 09, 2019
Users can lose badges, but they never misplace a finger, right? The most common biometric used in access are fingerprints, and it has become one...
Mobile Access Control Guide on Aug 28, 2019
One of the biggest trends in access for the last few years has been the marriage of mobile phones and access cards. But how does this...
Mobile Access Control Shootout - Farpointe, HID, Openpath, Nortek, Proxy on Jul 29, 2019
One of the biggest rising trends in access control is using phones as credentials but which offering is best? IPVM has tested five of the...
HID Mobile Tested on Jun 21, 2019
HID Global is one of the largest access brands, but their mobile access has had challenges. Indeed, the company has already restructured their...
Farpointe Data Conekt Mobile Access Reader Tested on Jun 13, 2019
California based Farpointe Data has been a significant OEM supplier of conventional access readers for years to companies including DMP, RS2, DSX,...
Proxy Access Control Tested on May 09, 2019
Silicon Valley Access Startup Proxy raised $13.6 Million in May 2019, focusing on mobile physical access control. Beyond the fund raising, Proxy...
Startup GateKeeper Aims For Unified Physical / Logical Access Token on Apr 04, 2019
This startup's product claims to 'Kill the Password' you use to keep your computers safe. They have already released their Gatekeeper Halberd...

Most Recent Industry Reports

Wyze Raises $10 Million And Seeks Services Expansion on May 27, 2020
Wyze has raised $10 million, the company's first disclosed raise since the $20 million announced at the beginning of 2019. Inside this note,...
Startup Videoloft Presents Cloud Storage on May 27, 2020
Videoloft presented offsite cloud storage at the May 2020 IPVM Startups show. A 30-minute video from Videoloft including IPVM...
Directory of 250+ Fever Camera News Reports Globally on May 27, 2020
This global directory tracks 250+ articles about thermal cameras used to detect fevers in response to the coronavirus pandemic. Articles are...
Integrators Rising Against Coronavirus on May 27, 2020
IPVM integrator statistics make it clear - Coronavirus's impact on business is lessening and many are anticipating even better news in weeks...
Netposa Stock Surges 46% After US Human Rights Abuse Sanctions on May 27, 2020
Last Friday, the US government announced it would sanction PRC video management provider NetPosa for being "complicit in human rights violations...
LILIN Presents NDAA-Compliant P2 Cameras on May 26, 2020
Merit LILIN presented its NDAA-compliant P2 camera series at the April 2020 IPVM New Products show. Inside this report: A 30-minute video...
ZKTeco Body Temperature and Mask Detection Reader Tested on May 26, 2020
While dedicated fever cameras emerged first, now tablet/kiosk fever detectors are ramping up. China's ZKTeco has been aggressively promoting such...
IDIS Presents 12MP IR Panoramic Fisheye on May 26, 2020
IDIS presented its 12MP IR panoramic fisheye camera at the April 2020 IPVM New Products show. Inside this report: A 30-minute video from...
FDA Defines Correct Operation of "Fever Cameras" on May 26, 2020
The US FDA has now defined the correct operation of "Thermal Imaging Systems", colloquially known as "fever cameras". Many in video...
OnSSI Founders Return, Start Corsight on May 25, 2020
The OnSSI founders are back, less than 2 years after selling OnSSI to Qognify, they have returned to Corsight, a spin-out of an Israeli AI...