Sentry Enterprises - Experts & Thought Leaders

Sentry Enterprises, an industry pioneer in decentralised identity and biometric security solutions, proudly announces the launch of SentryCard360—a groundbreaking innovation addressing the escalating risks of employee identity fraud, including the rise of new hire "bait & switch" schemes. In collaboration with Info Security pioneer, Credenti, and biometric identity pioneer, PrivateID. SentryCard360 SentryCard is already recognised for its industry-pioneering security features, including fingerprint enrolment, which securely stores biometric data on the card rather than in a database. Its non-transferable design ensures that only the original user can access their card. Combined with Credenti and PrivateID, SentryCard takes security to the next level with SentryCard360, offering 360-degree biometric verification. This comprehensive solution provides companies with seamless, unbroken identity proofing across the employee lifecycle—from the first interview to lifecycle management to termination.  Unbroken identity verification across the lifecycle Know the Applicant from the Start: SentryCard360 ensures instant identity proofing during the first interview.  Biometric Lock: Lock an applicant’s facial identity to their SentryCard before they even receive it, ensuring that only they can enrol their fingerprints onto their SentryCard.  Fast and Secure Account Recovery: With facial recognition, users can easily and securely recover their accounts in the event of a lost or stolen card.  New level of identity verification "SentryCard360 brings a new level of identity verification to the workplace, securing companies from sophisticated fraud schemes while empowering employees with control over their own biometric data," said John Calzaretta, Co-founder of Sentry Enterprises. "Our partnership with Credenti and PrivateID ensures that we are delivering a robust solution for modern organisations, safeguarding their physical and digital spaces."  Credenti is set to introduce this next-generation solution at the Oktane Conference in Las Vegas, on October 15-17th, 2024. Attendees of the Oktane Conference are invited to explore the full capabilities of SentryCard360.

At GSX 2024, the Physical Security Interoperability Alliance (PSIA) will show an expanded roster of devices supporting its Public Key Open Credential (PKOC) specification. PSIA will be showcasing the latest information and demonstrations for PKOC at the JCI Security Products demo room S230 A&B.  They will be able to see interoperability following open specifications between mobile and physical credentials from multiple manufacturers with multiple manufacturer readers leveraging Bluetooth, NFC and UWB. Products supporting PKOC from JCI Security Products, Elatec, EMSi, Last Lock, INID, ID Machines, Sentry Enterprise, Secure Element Solutions, Taglio, RF Ideas, SAFR Scan, and Kastle Systems will be demonstrated. PKOC over OSDP devices David Bunzel, PSIA Executive Director, noted, “The PSIA held an interoperability event at the JCI offices in Westford, Massachusetts last month, where some of the new PKOC over OSDP devices were successfully tested. These devices will be part of the GSX demonstrations, showing continued progress with the PKOC specification.” PKOC creates truly secure and interoperable credentials. “PKOC solves a 30-year industry challenge which has plagued our industry with complexity, cost, and security issues,” says Jason Ouellette, Chairman of the Board, Physical Security Interoperability Alliance and Director of Engineering and Technology for Johnson Controls Security Products. PKOC-compliant reader Security industry experts attending GSX will be able to find out more about PKOC at the JCI demo room “Interest in PKOC has accelerated and we are excited as PSIA members to demonstrate this in the context of interoperability where any PKOC-compliant credential can work with any PKOC-compliant reader over a secure communication without complexity." Security industry professionals attending GSX will be able to find out more about PKOC at the JCI Security Products demo room S230 A&B. The PSIA has been active in developing and promoting open specifications that support interoperability in the physical and logical security industries.  Realm of physical security Industry publication, Security Technology Executive, declares interoperability “The Next Great Phase of Physical Access Control.” SecurityInfoWatch.com expounds on the predicted demand for PACS interoperability by saying, “Open protocols, standards and industry-accepted conformant products that focus on unbridled interoperability between manufacturers and vendors will be critical as advanced technology, such as analytics and ancillary devices, enter the realm of physical security and access control.”

Doordeck, a cloud-based access control software company, has joined the Board of the PSIA. The company has an innovative product that enables smartphone NFC keyless entry for buildings, regardless of which access control system is installed. The company, based in London, England, was established in 2015, and its products and services have been integrated into buildings throughout the world. It is a subsidiary of Sentry Interactive of Austin, Texas. “Our company is very excited to be joining the PSIA, considering its objective to put interoperability first,” said Marwan Kathayer, Head of Product & Co-Founder of Doordeck. “This aligns perfectly with our mission to provide mobile access software that is easy to integrate into disparate security ecosystems.” PSIA’s PKOC specification Doordeck’s SDK and open APIs allow for interoperability with major access control system works Doordeck’s SDK and open APIs allow for interoperability with major access control system manufacturers, third-party building management and tenant experience applications. The Doordeck software also has the capability to bridge disparate systems within a building or across a portfolio under the one centralised platform. David Bunzel, PSIA Executive Director, shared, “Doordeck is part of a growing number of companies looking to disrupt the access control industry. They recognise that the PSIA’s PKOC specification, with its asymmetric encryption, is superior to many legacy products which continue to rely on symmetric encryption technology. PKOC also offers an NFC card option to support applications where this technology continues to be utilised.”  Understanding of PKOC Smart cards, featuring this specification are already available in commercial products The Physical Security Interoperability Alliance (PSIA) and a number of its partner companies will be present at the GSX show in September of 2024. For a better understanding of PKOC, the PSIA has added an Explainer Video to its site. This video is less than a minute and demonstrates how the PSIA’s PKOC specification works and will disrupt the access control market. The PSIA approved its PKOC NFC Card Specification in December of 2023. Smart cards, featuring this specification are already available in commercial products. PKOC is featured in products from ELATEC, Kastle Systems, INID, JCI, Last Lock, rf IDEAS, SAFR Scan (RealNetworks), Sentry Enterprises, and Taglio Demand for PACS interoperability The PSIA has been active in developing and promoting open specifications that support interoperability in the physical and logical security industries. Industry publication, Security Technology Executive, declares interoperability “The Next Great Phase of Physical Access Control.” SecurityInfoWatch.com expounds on the predicted demand for PACS interoperability by saying, “Open protocols, standards and industry-accepted conformant products that focus on unbridled interoperability between manufacturers and vendors will be critical as advanced technology, such as analytics and ancillary devices, enter the realm of physical security and access control.”

PKOC stands for Public Key Open Credential. It is a new standard that will meet a 30-year industry challenge and strip away much of the complexity and cost involved in protecting and administering credentials for access control. It could also accelerate the transition from cards to mobile access control. PKOC is a standards-based mobile credential that is essentially free, vendor-agnostic, and interoperable across multiple devices and systems. It is a highly secure access credential that can live on a mobile phone, in a plastic access card, or in any device capable of generating a public-private key pair. Access control systems PKOC is the newest standard of the Physical Security Interoperability Alliance (PSIA), a tax-exempt organisation created to define, recommend, and promote standards for IP-enabled security devices and systems. PSIA introduced the Physical Logical Access Interoperability (PLAI) specification in 2013 to normalise identity data across disparate physical access control systems. The PKOC specification was introduced in 2021. We’re convinced this is the future A challenge for PSIA in promoting the PKOC mobile credential is to explain it quickly and in layman’s terms “We see the benefit of implementing the PKOC technology and doing it well,” says Sam Siegel, Senior Field Applications Engineer for ELATEC, a manufacturer of credential-agnostic readers/writers. “We wanted to get involved and join the discussion.” ELATEC has been participating in PSIA for more than a year. “This is a better way to do things,” says Siegel. “The PSIA, myself included, are convinced this is the future. The challenge is to get enough people to understand that it is a seismic shift away from what has been in place for so long.” A challenge for PSIA in promoting the PKOC mobile credential is to explain it quickly and in layman’s terms. The explanation spans the concept of public key infrastructure (PKI) and the difference between symmetrical and asymmetrical digital keys. Protecting symmetrical keys A symmetrical key system, which has been used historically in the access control market, involves the use of a single proprietary digital key to both encrypt and decrypt information. This means that digital public keys must be incorporated into each access control reader in the form of a module or a license, which the reader uses to read any compatible cards. Protecting symmetrical keys has been an expensive technology challenge the access control world The need to share these digital keys (in effect, the ability to read every compatible card) securely among access control manufacturers, integrators and end users involves extra administration and costs to ensure the security of the system. Protecting symmetrical keys has been an expensive technology challenge the access control world has borne for decades. The use of proprietary keys also promotes dependence on a single manufacturer or vendor to expand the ecosystem. The use of asymmetrical keys takes away these challenges. Advantages of using asymmetrical key pairs PKOC embraces the principle of PKI (public key infrastructure), a two-key asymmetrical system used to ensure confidentiality and encryption. In effect, there are two digital "keys," one public and one private, that are used to encrypt and decrypt information, in this case, a credential for an access control system. The secure credential standard is generated independently of a third-party credential issuer. It is generated within the device. In the access control scenario, the smartphone generates a key pair in the secure element of the phone, including a private key, which is stored on the smartphone, and a public key, which serves as the user’s ID number in the access control system. Sharing the public key is not a security risk because it is worthless without the private key that is locked away on the smartphone. PKOC-enabled smartphone The smartphone must contain the private key in order to interface with the access control system When a PKOC-enabled smartphone approaches a PKOC-enabled reader, the reader sends a one-time random number (a ‘nonce’) to the smartphone, which then encrypts it using the private key, and sends it along with the public key back to the reader. The reader uses the public key to decrypt the random number, which confirms the authorised access associated with the smartphone. The signals are sent via Bluetooth Low Energy (BLE).  Importantly, the private key never leaves the smartphone and is never shared with any other elements of the access control system. Therefore, there are no administrative or technical costs associated with protecting it. The smartphone must contain the private key in order to interface with the access control system using the public key. Mobile credentialing system For ELATEC, embracing PKOC provides a new way to highlight the company’s value proposition and promote it to a new group of companies; i.e., those who adopt the PKOC approach to mobile credentialing. The ‘universal’ configuration of the ELATEC reader hardware is credential-agnostic “PKOC serves as a great way to show off our value and what we do best,” says Siegel. ELATEC provides credential readers/writers that operate in a variety of card and reader environments, incorporating an integrated BLE module to support mobile ID and authentication solutions, including PKOC. Using applicable firmware, the ‘universal’ configuration of the ELATEC reader hardware is credential-agnostic and so compatible with any RFID card or mobile credentialing system, all in a small form factor (around 1 1/2 inches square). How readers and smartphones interact The PKOC standard addresses the variables of how the reader and the smartphone share information. Currently, the PKOC standard addresses communication via BLE, but the principle is the same for systems using near-field communication (NFC), ultra-wideband (UWB), or any future protocols. PKOC also defines how device manufacturers can enable devices (readers, locks, control panels, biometric devices, etc.) to securely consume the credential for authentication and access. PKOC can be used with smart cards as well as with smartphones. In the case of a smart card, the public and private keys are contained on the smart card, which communicates via NFC with the reader. The encryption/decryption scenario is exactly the same. PKOC enables users to ‘bring your own credential’ (BYOC). Public key number ELATEC is proud to have played an instrumental role with the PSIA in the implementation of PKOC" BLE offers a broader read range than NFC; the read range can be managed using software and/or by signalling intent or two-factor authentication. Because private keys remain secure inside a smartphone, they do not have to be incorporated into a digital wallet for security purposes, although they could be incorporated for matters of convenience.  To simplify administration, the public key number can be used as a badge number. If badge numbers have already been assigned, a column could be added to the database to associate badge numbers with public key numbers. “ELATEC is proud to have played an instrumental role with the PSIA in the implementation of PKOC,” said Paul Massey, CEO of ELATEC, Inc. “End-users should not be limited in their solution mix to one or two vendors due to their proprietary technology. PKOC now provides the ideal combination of security, convenience, interoperability, and cost for industry participants, by industry participants.” ‘Experience PSIA’ will promote PKOC at ISC West ISC West participants include PSIM manufacturer Advancis Software and Services The flexibility of PKOC will be on display at ISC West 2023, where ‘Experience PSIA’ will register attendees and provide them with a PKOC credential that can be used with a variety of readers throughout the show. Also showcasing the PLAI standard, PSIA’s presence at ISC West will include ELATEC along with several other vendors/manufacturers. A special PSIA event will be held from 5:30 to 7:30 p.m. on March 29 at the Venetian Ball Room B&C in Las Vegas. ISC West participants include PSIM manufacturer Advancis Software and Services, which acquired Cruatech software in 2012; and Idemia, specialising in identity-related security services including facial recognition and other biometrics. Integrated security systems Also involved are Johnson Controls (JCI), an integrated security systems provider that offers a range of security products and services; and Siemens, which offers its own range of security solutions and systems. Other participants include Last Lock, which has a unique spin on internet-enabled locks; while SAFR from Real Networks offers accurate, fast, unbiased face recognition and additional computer vision features, and Sentry Enterprises provides the SentryCard biometric platform for a privacy-centric, proof-of-identity solution. Finally, rfIDEAS manufactures credential readers.