Salto Access Control Reviewed

Salto's access control system, using credential based networking, claims to be at least 50% less expensive than traditional access control offering. While the company's strongest market has traditionally been Europe, the company is pushing into the Amercias and beyond. Will Salto's credential based networking disrupt the access control market? In this note, we examine the company and weigh its strengths and weaknesses.

Overview

The feature Salto most distinguishes itself on is its use of credentials as a 'virtual network'. We will dig into the particulars of the system, but watching the manufacturer's video first provides a good overview:

Key Claims

The 'data on-card' system has several differences compared to 'traditional' hardwired access systems:

• People Transport Data: While the credential card itself stores system information, movement of that data through the system and to the head-end database use the movement of people within a facility and combinations of hotspots/offline locks to update.
• (Mostly) Offline: The majority of door locks can be kept offline and powered by batteries, with only a few strategic online 'hotspot' control units to 'phone home' to the head end management system.
• Global Updates: System configuration changes, like turning off lost cards or updating schedules, are pushed to each user's card and subsequently pushed to individual doors, even when those changes are not related to the specific user's ID.
• Inexpensive: Because traditional system infrastructure is not necessary (ie: controllers, interfaces, cabling, power supplies), a Salto system is less expensive than those platforms. We break down those costs in a section below.

While mixed deployments of both offline and online wireless locks are possible, the way Salto uses the credential card as 'read/write' media to update the locks within a system is where it differs compared to other systems.

System Design

Salto recommends placing a 'hotspot', or a wired (online) controller placed at primary entrances. Doing so allows the access system to push updates to each user as they enter a facility.

The updates pushed to the card from these hotspots include:

• Renewal: The user's credential is renewed as valid for another 24/36/48 hour period. Cards automatically expire after a predetermined time, so lost or stolen cards are automatically invalidated.
• User Access Level/Schedules: Changes to each user's access levels are pushed at the hotspot, updating special or temporary permissions.
• Global User Updates: If users/cards have been turned off or disabled in the system, these details are pushed to each credential for subsequent push to door locks.

However, updates about the system are pulled from the cards as well:

• Audit Trail: A door lock uploads it's catalog of events to each card, and the card dumps this catalog back to the head end at each hotspot.
• Battery Status: All Salto locks are battery powered. If the battery level is low on a respective door, an alarm noting the door's ID is pushed to the card, and the card uploads this alarm at the hotspot.

From there, each door in the system must be furnished with a Salto specific lockset. This hardware typically replaces existing hardware on the door, and includes a reader, handles, and latching hardware, but does not include mechanical locks. The hardware is battery powered and typically offline. However, certain locks are available as 'online' models using a proprietary Zigbee type network.

Retrofit Cylinders

Full hardware replacement is not always required. Salto offers replacement 'retrofit locks' for rim and mortise hardware sets like exit devices and sliding glass doors. However, switching over to the Salto system removes the potential for mechanical keys:

Credential Formats

Salto cards are proprietary, and one must buy replacements from Salto for use in a system. However, credentials are compatible with all major data formats, including iClass, MiFARE, and DESfire. Systems other than physical access can be configured to work with these formats (ie: Logical Access, Financial Systems) and Salto credentials can be used for these integrations.

Pricing

Salto claims that its uncommon use of the credential eliminates much of the infrastructure typically needed by an access control system.

• Software: Salto's management software ranges from ~$1600 - $2800, depending on simultaneous online hotspots. The least costly version supports four online points, while the most costly moves to unlimited points.
• Hotspots: The cost of 'control units' varies between ~$800 and ~$1000, based on whether or not they are furnished with enclosures and power supplies. While ethernet connected, none of the hotspots support PoE power.
• Locksets: Most Salto locksets cost less than $1000, with an average of ~$550. Cost is driven by credential format, ZigBee network compatibility, and device trim type (ie: exit device, levers, or padlocks)
• Lock Cylinders: Retrofit cylinders are priced at ~$350, and once installed function as standalone (offline) locks.
• Credentials: Salto specific cards range in price between ~$3.50 - $12.50/ each, with the most expensive format being HID iClass.

Salto offers a blanket one year warranty on all products, although extended warranty periods can be purchased.

Comparative Costs

Outfitting most doors for a Salto system will range between $800 - $1000 per door. By comparison, most 'hardwire' access systems range between $2000 - $4000 per door, however neither cost figures in credentials.

By comparison, Salto credentials are higher per unit than generic offsets. For example, Salto's iClass card costs ~$12.50, while non-specific alternatives cost ~$5.00 each.

Pricing is a relative strength of Salto's system, with the average door costing ~50% - 80% less per door. Salto offers the ability to control doors without the expense of expanding power and data networks.

Drawbacks

However, the system will not be the right choice for all applications. Several notable drawbacks include:

• No More Keyed Access: A potential showstopper is that Salto completely removes mechanical locks from all controlled doors. While some may view this as a great way of taking mechanical keys out of service, traditional door cylinders often provide security redundancy and a backup method of entry should the access system fail.
• No Lockdown Feature: Because the lock is only updated when it interfaces with a card, features like 'facility lockdown' of all doors are not possible with offline systems.
• Weak US Presence: Salto's traditional home market has been Europe, and while global expansion into North America and Asian markets have taken place in the last decade, the company is still scaling. Distribution, tech support, and sales support may not be fleshed out in all regions. Compared to incumbent EAC providers, Salto is still relatively unknown to many specifiers, architects, and consultants.

Hotel Style Access

In many ways, Salto's system can be compared to hotel-type access, where the credential carries data and essentially is what instructs a door whether or not to open. Both systems rely on the credential to update the settings in the lock, both are offline, and both rely on battery power. For more details, see our Hotel Access Control Explained post.

However, Salto's system offers key advantages over the traditional hotel system, notably:

• Hardware Compatibility: A hotel system requires exchanging existing hardware over to a specific system, while Salto allows retrofitting of existing hardware when using the 'Geo' series locks.
• Lock-based Notifications: Salto's system queries the lock and 'pulls' audits to the credential, noting important conditions like low battery or invalid entry attempts. A hotel system only 'pushes' commands to the lock and there is no polling back to the credential.
• Credential Format: Many hotel systems are essentially limited to magstripe cards, based on cost. While the ultra-low-cost of contact magstripe cards make sense for temporarily issued credentials, commercial access systems use durable contactless data formats, and credentials that encrypt and store sizeable amounts of data.