It is provided a method for controlling access to a physical space using an emergency delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations wherein when two delegations are chained together, the delegatee of one delegation is the delegator of the next delegation; determining that a delegation in the chain of delegations is an emergency delegation, the emergency delegation indicating that access should only be granted when an emergency situation occurs; determining when an emergency situation occurs; and granting access to the physical space when the chain of delegations starts in the lock device and ends in the electronic key; and when the emergency situation occurs.

An authorization approach to physical access uses identity attributes, doors/readers attributes, time of the day, and policies to determine access rights to facilities and physical spaces in real-time, based on three criteria: who, when, and what. Embodiments address the constantly changing physical access needs of companies as those needs evolve.

This disclosure describes a vehicle access card with an integrated display. An example vehicle access card may include a radio-frequency identification (RFID) tag configured to provide a user access to a vehicle. The example vehicle access card may also include an electronic ink display configured to display information relating to the vehicle.

Techniques are disclosed relating to sharing access to electronically-secured property. In some embodiments, a first computing device having a first secure element receives, from a second computing device associated with an owner of the electronically-secured property, an indication that the second computing device has transmitted a token to server computing system, the token permitting a user of the first computing device access to the electronically-secured property. Based on the received indication, the first computing device sends a request for the transmitted token to the server computing system and, in response to receiving the requested token, securely stores the received token in the first secure element of the first computing device. The first computing device subsequently transmits the stored token from the first secure element of the first device to the electronically-secured property to obtain access to the electronically-secured property based on the token.

A primary lock device is provided which is configured to wirelessly communicate with a premises security system hub device and at least one secondary lock device in a premises security system. The primary lock device receives a lock configuration, receives a user input, authenticates the user input, and engages or disengages a locking mechanism based at least in part on the lock configuration and a result of authenticating the user input. The primary lock device determines a lock indication based at least in part on the lock configuration and a result of authenticating the user input, and transmits the lock indication to at least one secondary lock device for engaging or disengaging at least one respective lock mechanism of the at least one secondary lock device.

A system is provided that includes an event site device having a display and an imaging device. The event site device is configured to capture an image of a user's face for identification. The system further includes a server configured to associate ticketing information with an identity of the user, receive the image of the user's face from the event site device, determine the identity of the user based on facial feature information stored for the user, retrieve the ticketing information associated with the user, and transmit the ticketing information to the event site device for presentation on the display.

According to a first aspect, it is provided a method for providing access to a lock for provision of a service. The method comprises the steps of: receiving a request for access to the lock; sending a consumer request to a service consumer device, asking whether to grant access to the lock; receiving a positive consumer response from the service consumer device; determining validity time for a grant token; obtaining a grant token for the service provider, the grant token having the determined validity time; providing the grant token to the service provider; deleting the grant token in the access coordination server; receiving an agent request for access to the lock for a specific service provider agent device, the agent request comprising the grant token; obtaining a credential for the service provider agent device; and providing the credential to the service provider agent device.

Methods, computer-readable media, software, and apparatuses provide a system that may facilitate communications so that parents or other superiors may monitor driving behavior of a vehicle carrying children or other subordinates. The system may allow communications to be sent from a parent computing device to a particular child computing device to set conditions for notifying the parent or superior of the driving behavior of a vehicle. Child computing devices may collect drive data (e.g., vehicle telematics data) for the system to evaluate and determine whether conditions are met (e.g., whether parental restrictions, like a geo-fence, are violated). Further, the system may send notifications to child computing devices and parent computing devices indicating whether the drive data meets the conditions of an agreement between a parent and teen. The system may also provide a web portal for use in forming the agreement between parents and their teens.

The invention relates to an electronic access pass allowing a person associated with the pass to access at least one restricted-access area of a building, and to a method implemented by such a pass for accessing a restricted-access area of a building. According to some embodiments, when a pass reader authorizes access to said area after reading the pass, information selected on the basis of the restricted-access area is temporarily displayed on the pass. This makes it possible to identify the carrier within the area based on the information displayed on the pass, while at the same time limiting the possibility of information being recovered through a simple glance outside the area. Overall security is thereby improved as a result, both within the area and outside it, due to the temporary nature of the display.

A method of operating an access control system containing one or more hierarchies, each of the one or more hierarchies includes one or more access levels is provided. The method including: computing one or more hierarchies; and assigning a primary access level of the one or more access levels within a primary hierarchy of the one or more hierarchies to a first credential; and determining that access levels vertically below the primary access level in the primary hierarchy are implicitly assigned to the first credential when assigning the primary access level of the one or more access levels within the primary hierarchy of the one or more hierarchies to the first credential.