ELATEC GmbH - Experts & Thought Leaders

The Physical Security Interoperability Alliance (PSIA) hosted a well-attended cocktail reception and live demonstration during ISC West 2025 to unveil its latest advancement: the PKOC 3.0 specification, an exciting solution for secure, open credentialing in physical access control systems. Jason Ouellette, Chairman of the PSIA and Corporate VP of Innovation and Technical Partnerships at ELATEC, led the presentation. He shared an overview of PKOC’s progress, key developments in the 3.0 release, and demonstrated a range of interoperable devices—including readers, cards, and mobile applications, built on the freely available, non-proprietary PKOC specification. Broad industry collaboration This year’s demonstration highlighted broad industry collaboration, with support and technologies provided by PSIA member companies including: ELATEC, EMSI, INID Readers USA, Johnson Controls, Kastle Systems, Last Lock, rf IDEAS, Sentry Enterprises, Taglio, and Universal Smart Card.  There is a growing list of manufacturers actively supporting the PKOC specification, but these 10 companies showcased products at the event, highlighting its interoperability and real-world applications. Deloitte’s own proof-of-concept The project features PKOC certificates working seamlessly across readers, physical cards, and mobile devices At the reception, Jeff Longo, Director of Software Development at Kastle Systems, announced that the company will officially make the PKOC card its standard card offering—further solidifying its commitment to open, secure, and interoperable access control solutions. Keith Kelly, Chief Security Officer at Deloitte Canada, shared insights from Deloitte’s own proof-of-concept implementation of PKOC at its Toronto office. The project features PKOC credentials functioning seamlessly across readers, physical cards, and mobile devices. Kelly emphasised that PKOC represents “a new generation of access control,” aligned with Deloitte’s priorities around open, flexible, and secure credentialing. Simplicity, security, and scalability David Bunzel, Executive Director of the PSIA, noted, “PKOC is widely recognised as one of the most exciting solutions for secure credentials. Because it is based on an open specification, it is cost-effective—but just as important, it is secure and highly flexible.” Unlike many legacy credential technologies, PKOC is completely open source, with no fees, royalties, or membership requirements. Its simplicity, security, and scalability are fuelling growing interest across integrators, manufacturers, and enterprise users.

ELATEC, a pioneering global provider of user authentication and identification solutions, is beginning 2025 with a significant step forward in its global expansion strategy: the launch of its new office in Dubai. Operating under the name ELATEC Middle East Trading FZE, this new location will serve as a dedicated hub to support the company’s growing customer base and partners across the Middle East. The operations, led by Managing Director Carsten Hoersch, are set to drive innovative, secure, and tailored access control solutions in the region. A strategic milestone in the Middle East Gerhard Burits, CEO of the ELATEC Group, emphasised the strategic importance of this expansion: “Our new presence in the GCC (Gulf Cooperation Council) demonstrates our commitment to strengthening relationships with regional partners and addressing market-specific needs." "This move aligns seamlessly with our mission to provide secure, flexible, and future-ready solutions. The Dubai office is a vital addition to our global network and will act as a springboard for further growth in this dynamic region.” Rapid development and innovation ELATEC’s new office shows the company’s pledge to identification technologies The Middle East is a region of rapid development and innovation, and ELATEC’s new office demonstrates the company’s commitment to identification technologies that empower customers to deliver advanced solutions to their markets. With the launch of ELATEC Middle East Trading FZE, the company aims to foster closer collaboration with OEMs, system integrators, distributors, and other local stakeholders. This local presence allows ELATEC to address specific market demands and offer enhanced customer support and faster response times. Driving localised solutions and collaboration Carsten Hoersch, Managing Director of ELATEC Middle East Trading FZE, shared his vision for the new office: “Establishing a local hub in the United Arab Emirates enables us to work hand-in-hand with our partners and customers, developing innovative solutions that add real value to their businesses." "Our focus is on building trust, delivering top-tier support, and driving advancements in secure and seamless access technology tailored to the region’s unique requirements.”

The Physical Security Interoperability Alliance (PSIA) announced its Public Key Open Credential PKOC Bluetooth 3.0 specification at GSX 2024. This is the culmination of a significant amount of work from some of the pioneering access control companies in order to achieve this milestone.  The 3.0 spec features enhanced cryptography, which supports all Bluetooth hardware. In addition, the spec has been optimised to reduce the time it takes to authenticate. Simplicity of PKOC Advantages of asymmetric encryption were some of the drivers that are riveting to counsels “The PKOC technical committee represents all facets of the access control industry, with considerable experience and perspective,” said David Bunzel, Executive Director of the PSIA, “Collaborating to achieve a truly open specification has benefitted from this impressive base of knowledge.” The simplicity of PKOC, ease of integration, and the significant advantage of asymmetric encryption were some of the drivers that are most interesting to consultants, Integrators, and customers.  PKOC EMSi vision “PKOC 3.0 maintains security from the credential to the ACS using industry standards,” said Jon Torre, Sr Director of Applications Engineering for ELATEC. “This is the next logical step in interoperability and security.” Vendors and customers appreciate the platform flexibility and interoperability that PKOC offers. "We are excited to support PKOC from PSIA as it provides a path for Access Control vendors to deliver interoperable products for mobile credentials over Bluetooth. PKOC enables EMS Integrators’ (EMSi) vision to deliver mobile apps on iOS and Android and readers for mobile credentials, logical access, mapping and location-based services on a flexible and interoperable platform," said John Tepley, CEO at EMSi. Concept of PKI Public key-based keys cannot be minimized in their value over formal credential keys PKOC creates truly secure and interoperable credentials. The commercial and security advantages of the asymmetric key based credential over traditional symmetric keys which have been used for decades is finally attainable with the PKOC standard. A public key-based solution cannot be underestimated in its value over traditional credential solutions.  The PKOC specification leverages the concept of PKI without the need for the typical complex, expensive identity infrastructure necessary for PKI. PKOC uses the device itself to generate the private and public key pair (known as Keygen) enabling the private-public key handshake to authenticate the credential. Beauty of PKOC The beauty of PKOC is that the private key never leaves the device, and the public key becomes the “badge #” which can be easily shared with any system or device used to control access.  With PKOC the USER literally “owns” the encryption keys and does not require any complicated process for managing or sharing keys. Furthermore, PKOC enables you to “Bring Your Own Credential” (BYOC).

Collaboration among manufacturers in the physical security industry can result in systems that are easier to install for integrators and that provide a better customer experience for end users. Illustrating the point is the recent collaboration among a turnstile technology company, a supplier of short-range wireless readers/writers, and a biometric business focused on ‘frictionless’ access control.  “The more manufacturers collaborate with each other, the more benefits for end users,” says Steve Caroselli, the Chief Executive Officer (CEO) of Orion Entrance Control. Better collaboration means a better user experience We look for opportunities to collaborate and make sure the experience is above and beyond" Steve Caroselli adds, “Better collaboration means a better user experience. We look for opportunities to collaborate and make sure the experience is above and beyond.” Orion’s collaboration with ELATEC RFID Systems and SAFR touchless biometrics by RealNetworks Inc. highlights the advantages of manufacturers working together to ensure technologies operate smoothly in the real world. Taking ownership of the customer experience When Orion Entrance Control provides a SpeedGate swing-glass optical turnstile, they take full ownership of the customer’s experience. That means ensuring the turnstile application operates as it should, regardless of which component of the broader system might be at fault. To the customer experience, a card reader that doesn’t work is the equivalent of a turnstile that doesn’t work. Which component is at fault is irrelevant, and in fact, invisible, to the overall customer experience. Importance of dependable operation of turnstiles As the most visible element in many access control systems, dependable operation of turnstiles reflects positively on the manufacturer and on the entire system. Orion tests various third-party components with their turnstiles To ensure an optimum customer experience, Orion tests various third-party components with their turnstiles, in order to ensure flawless operation before a turnstile is delivered to a customer. Customers buying an Orion turnstile send the card readers they want to use to Orion’s corporate headquarters in Laconia, New Hampshire, USA, where Orion engineers ensure seamless operation. Ensuring optimum customer experience All readers are designed to be bolted to the wall rather than installed inside a turnstile In addition to scenario-based testing, readers are placed inside the turnstile for a streamline appearance, which can be a challenge given the variety of sizes and types of readers a customer might choose. All readers are designed to be bolted to the wall rather than installed inside a turnstile, which complicates adaptation efforts. In short, historically for Orion, ensuring the optimum customer experience involved extra time and effort, although obviously it was worth it. Providing flexibility for any environment Seeking to simplify the process, Orion has found an alternative to using many different types and models of card readers for its turnstiles. Deploying an RFID reader/writer from ELATEC provides flexibility to operate in a variety of card and reader environments, including almost all 125 kHz and 13.56 MHz contactless technologies. The product is compatible with low-frequency (LF), high-frequency (HF), near field communication (NFC) or Bluetooth Low Energy (BLE) signals. An integrated BLE module supports mobile ID and authentication solutions. There is an integrated antenna for LF and HF to ensure excellent contactless performance. ‘Universal’ configuration of the ELATEC reader hardware Using applicable firmware, the ‘universal’ configuration of the ELATEC reader hardware is compatible with any card system. It works with all the access control protocols, including SEOS, OSDP and other open protocols. “We can stock an open SKU and flash the firmware as per the customer requirement,” says Steve Caroselli. The small form factor (around 1 1/2 inches square) of the ELATEC module lends itself to easy installation inside the turnstile housing. Easy availability of the ELATEC readers helps Orion continue to serve customers, despite recent disruptions in the supply chain. And, ELATEC’s reader hardware has earned global certifications that enable Orion to use their products for customers around the world. Testing to ensure smooth operation ELATEC was responsive at every stage as the relationship evolved, providing sample equipment for testing Before embracing the ELATEC reader module, Orion tested it for several months to ensure compatibility with its turnstiles. ELATEC was responsive at every stage as the relationship evolved, providing sample equipment for testing and working closely with the Orion team. Everyone in the ELATEC sales and engineering team, right up the company’s C-suite, worked to support Orion during the testing phase. In the end, in addition to other advantages, ELATEC’s detection speed and read range compares favorably to competing technologies. “We move really fast as an organisation, so we are looking for other organisations that move very fast,” says Steve Caroselli, adding “We met with ELATEC one week and had the equipment for testing the next week. We like to work with companies that move fast, and they are culturally aligned with how we do business.” Orion turnstiles with ELATEC TWN4 Palon Compact panel The Orion turnstiles incorporate an ELATEC TWN4 Palon Compact panel, a versatile panel-mount reader designed for integration into third-party products and devices. It supports enhanced interfaces, especially RS-485, and reflects the advantages and integrated tool support of the ELATEC TWN4 family. Orion is implementing SAFR SCAN biometric technology using hardware and software from RealNetworks Inc. “The selection of ELATEC products allows Orion to provide their customers and partners with a flexible RFID reader solution that supports numerous credential options and virtually all transponder technologies,” said Paul Massey, the Chief Executive Officer (CEO) of ELATEC, Inc., adding “This is especially valuable in multi-tenet, multi-credential environments.” Orion works with all the various stakeholders – architects, consultants, integrators, and end users – to ensure total satisfaction with an installation. Biometric technology for ‘frictionless’ access control Orion is also implementing SAFR SCAN biometric technology into their turnstiles using hardware and software from RealNetworks Inc. The facial recognition reader technology, designed for mainstream commercial access control, provides a ‘frictionless’ experience, and allows users to pass through turnstiles at a walk. The system can authenticate up to 30 individuals per minute with 99.9% accuracy, despite varied lighting conditions. SAFR’s system provides a good user experience Orion designed a mounting system to incorporate the biometric reader into their turnstile design Orion designed a mounting system to incorporate the biometric reader into their turnstile design. SAFR’s system provides a good user experience, when it comes to enrollment. On each turnstile, the SAFR technology can operate separate from the ELATEC reader or in conjunction with it for multi-factor authentication in higher-security applications. Innovation for new applications A broad approach to the customer experience reflects Orion’s positioning as a technology company, in addition to being a manufacturer of turnstiles. Their Infinity software is the ecosystem ‘nerve centre’ platform to ensure operation and connected through a single ‘pane of glass.’ The need to protect more entrances beyond the lobby led Orion to develop its recently patented DoorGuard, a LIDAR-based solution that detects each person who passes through a doorway and prevents tailgating (like a turnstile) for applications, such as stairway doors, perimeter doors, data centres, IDF closets, etc. The software mimics the advantages of a turnstile to monitor access control and occupancy. Removing friction during installation and beyond Orion’s Constellation is a presence detection system that uses UWB (ultra-wideband) radar to sense where people are in a building for emergency response and building utilisation applications.  “One of our core values is to remove friction and make customers’ lives easier,” says Steve Caroselli, adding “Our people-first philosophy is: What can we do to make your life better? We want to be systematic, and everything must be repeatable in terms of how we react and interact with customers.”

The smartphone is an integral part of our daily routines. The communication and entertainment device of yesteryear has become a serious player with which we increasingly handle sensitive processes, such as payment transactions. BLE or NFC authentication At the supermarket checkout, more and more customers are pulling out their smartphones instead of their wallets. Apple Pay, Google Pay, or specific banking apps make it possible: to hold the smartphone in front of the reader of the checkout system, and the transaction is completed without contact. In technological terms, either Bluetooth® Low Energy (BLE) or Near Field Communication (NFC) is used to complete the authentication and authorise the payment process. Benefits of smartphone authentication Issuing cards, taking them back, blocking and replacing lost cards all is no longer necessary Smartphone authorisations are also becoming increasingly popular for access solutions. The advantages are obvious. Users do not need an additional medium to gain access to the building or data. For the IT department, the switch is just as convenient. Issuing cards, taking them back, and blocking and replacing lost cards are no longer necessary, saving time and money. Card systems  However, card systems are still irreplaceable in some cases. For example, in manufacturing environments where smartphones are often prohibited. Country-specific regulations also play a role: not everywhere is the professional use of private cell phones permitted. In Germany, for example, data protection is an obstacle; on the other hand, not every employee automatically has a company cell phone. Card or smartphone? The question "card or smartphone?" is not necessarily a matter of choice. There is much to be said for hybrid use, especially since the card and smartphone share numerous strengths: both are suitable for building access and for secure data access, and both can be used for applications such as secure printing and for time and attendance systems, to name just a few examples. This is also the reason that a hybrid system using both media is an excellent solution for many companies. Technological transition The transition from card to smartphone often raises concerns in companies at the beginning As with any technological transition, the transition from card to smartphone often raises concerns in companies at the beginning. After all, seamless security must be maintained at all times, and productivity should not suffer due to technological innovations for example, because users suddenly have difficulty accessing the data and programs they need for their daily work. In addition, deployment scenarios are very individual from industry to industry and organisation to organisation, and a wealth of questions must be clarified in advance. Flexible universal readers ELATEC is at the user's side as an experienced partner and with the appropriate systems, including software. With its universal readers, for example, users remain flexible and can handle cards and smartphones in parallel operation. This "soft migration" is often the best way: take a relaxed approach and see how mobile access authorisations are accepted in an organisation and how they work for user-specific purposes.

Identity management is an important element of both data security and physical security in an organisation. But all ID management solutions are not the same—especially when it comes to security. There are no uniform security standards for the industry, and many off-the-shelf systems fall short when it comes to data protection. To protect people, property, and data, make sure you select a system that maximises security at every stage. What is identity management? Identity management—also known as ID Management (IdM) or Identity and Access Management (AIM)—is a framework for managing digital identities and controlling who has access to what. It includes both policies laying out what types of access different people should have and technologies for enabling and enforcing those access controls. An identity management system makes it easy for IT to define access levels for individuals or groups within the organisation. Each user is assigned a unique identity within the system with specific user rights and restrictions These systems enable companies to increase security and productivity while reducing the costs and labour associated with security efforts. At the lowest level, identity management involves defining what a user is allowed to do on a network, with what devices, and under what circumstances. Each user is assigned a unique identity within the system with specific user rights and restrictions. Specific business system For example, what files, business systems, and programs is the user allowed to access? What are they allowed to do within a specific business system? What physical locations and resources are they allowed to access, and at what times? Access rights and restrictions may be role-based or individualised. An IdM system may provide the backend for a Single Sign-on (SSO) system that controls access to everything on the network with one user identification key. Many security products focus on mobile device management (MDM) systems that control access of devices to the corporate network. As more workers shift to remote and hybrid models, managing what devices are authorised to connect to the network, how users are authenticated when they log on to the device, the activities that can be performed by these devices while on the network, and the data and applications they have access to while offline is essential. Meeting the security challenge Ultimately, the ID management system is only as secure as the access system it connects to In an IdM solution, the user administration system that provisions the roles and rights within the system is linked to an access system that verifies the identity of the user. Ultimately, the ID management system is only as secure as the access system it connects to. Access systems include input screens for passwords or PINs, biometric input systems (such as fingerprint or facial recognition), or readers that connect to identification media (such as an ID badge or smartphone) via Radio-Frequency Identification (RFID), Bluetooth® Low Energy (BLE), or Near-Field Communication (NFC). Some systems may require multifactor identification. RFID and smartphone-enabled BLE and NFC access systems are highly popular for their combination of security, reliability, user convenience, and ease of administration. While there are many access systems available, there are no uniform standards for security—and many standard systems are not very secure. User administration system When evaluating security for an IdM and access system, there are two important aspects to consider. Data storage: How is data stored in the IdM system and on the local reader or input device? Are user identities, rights, and activity logs stored in an unencrypted table on a single server or device? Is a blockchain system used for data storage? Or something in between? Data transmission: How is data transmitted between the access system and the user administration system? Is data transmitted in encrypted form? Is the Advanced Encryption Standard (AES) used? Security starts with the creation of the user ID and identification medium Security starts with the creation of the user ID and identification medium. To protect business data and systems, organisations should look for an IdM solution that uses industry best practices for encrypted data storage and transmission. If using ID badges—as a majority of organisations still do—they also need to consider how and where those badges are produced. Industry best practices For example, our partner evolutionID offers a secure ID-Management system with extended security functions. In-house badge production enhances security by eliminating the need to send sensitive, personalised data to a third-party badge printer. It also streamlines the badge production process, so employees can get their badges right away without waiting. With the creation of the identification medium, individual security features such as biometric properties, user ID, and permissions can be programmed directly onto the transponder card using an RFID reader or distributed to relevant systems by interfaces. This system maximises security and gives organisations the tools they need to customise their security concept for their needs. On top, cost-saving self-service features such as image acquisition or badge management are available for every employee on any device.