This is really interesting stuff! It would be neat if you could set different gestures for different times, such as "movement 1" from 6am-6pm and "movement 2" from 6pm-6am. I wonder why we don't see more being done with RFID. Does anyone have a collaborative sense of what current role RFID has with surveillance? Also, perhaps I missed it, but what is the level of fidelity for each specific gesture?
HID's Gesture Credentials Patents
Proximity style credentials carry a huge risk: they can be passively read by thieves, who take the stolen information and gain unlawful entry into access controlled buildings. HID Global, a major credential provider, has filed patents that keeps prox credentials locked tight until moving it in a specific way. Could this new authentication inject a dose of high security into a vulnerable EAC mainstay? We look at HID's "Gesture" patents in this note.
How it Works
I wonder how well HID can preserve the form factor of current prox cards as they expand the electronics contained within. Current products are passive and are powered by parasitic coupling to a proximate field. A huge selling point to anybody who recalls access cards prior to this breakthrough. So can standard cards derive enough power from a reader's field to power up accelerometers too?
At this point, these patents address an idea and notional designs. Questions about actual performance and configurability are waiting for "gesture" products to hit the shelves. More than likely we are still years away from seeing this in use.
For reference, consider that NFC specifications were first published in 2004, yet it still hasn't made it to distribution availability as an EAC credential (9+ years later).
The issue of 'parasitic power' (resonant inductive field power) is interesting. The MEMS either is powered by the reader's resonant power, or it contains its own small power source. The actual credential is still energized by the reader, provided the MEMS gesture completes the circuit between the coil and the IC/Capacitor components.
I happened to be attending the ASIS national convention a number of years back (way back) when a gentleman from the UK sporting a brief case held it up next to a Darado (eventually bought out by HID) card at an exhibitor's booth, pushed a button and "recorded" the internal number. He then used it in some way (I’m getting this second hand) to unlock the exhibitor's prox reader equipped door, much to the amazement of the crowd gathered around.
The attendees (including myself) and exhibitors alike were all atwitter (not the social media which had not been invented at the time) about it. As the story goes, the UK guy was a police officer who was involved in an investigation where a participant in a pigeon race used this technology to mimic a prox credential worn by the pigeon to stop the timer as the pigeon returned to its origin; thus, winning the race.
Seriously, I did not make this stuff up; but I have not verified it either.
I claim IP on the following idea.
Methdology to assign a specific gesture or combination of gestures to allow swiping for entry with a silent alarm. This would be useful if being forced to open a door by thieves.
This concept could also be used to trigger a man trap (dual locking doors with enough distance between them to capture unauthorized persons) if the proper gesture was not applied by someone who had stolen the access card and did not know about the gestures or how to perform them correctly.
These same functions could also be applied to chip and pin applications. You may get the card and the pin but would have a difficult time getting the gesture correct if at all.
These gestures could be personalized to act as a sort of signature or PIN as well, much like the rotations of a combination lock.
@Dan P: The concept is interesting, but the engineering behind it seems to be the challenge. There also may be 'prior art' that essentially does the same thing.
If you get all that figured out, don't post it on IPVM first- call a patent attorney! :)
The entire concept of patenting credentials is so quaint. Other worlds (think IT...) matured to the point of using standards-based solutions to eliminate vendor lock-in. The notion of buying a patented access control solution is highly questionable if you're looking at a forward investment from a CIO's perspective (just like any other proprietary == bad design)
I agree to a certain extent, Rodney. However, HID owns such a disproportionate amount of market share in access credentials (even globally), the risk envelope is different than the IT market.