It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.

It is provided a method for enabling remote unlock of a lock securing access to a physical space. The method is performed in a server and comprises the steps of: receiving, from a first mobile device, an access request to unlock a lock, wherein the request comprises an identifier of the lock and a user identifier associated with an access requester, being a user of the first mobile device; finding a remote credential device being associated with the lock; and transmitting an access request to the remote credential device, the access request comprising an identifier based on the user identifier.

It is provided a method for enabling distribution of a mobile key for obtaining access to a physical space. The method is performed in a mobile key agent and comprises the steps of: receiving a booking signal from a booking agent, the booking signal being associated with a booking of physical space, wherein the booking signal comprises a property identifier, an allocation time, and a name of the user; obtaining a system booking reference associated with the booking of physical space; providing the system booking reference to the booking agent; establishing contact with the mobile key repository, yielding an identifier of the mobile key repository; receiving a space allocation message comprising an identifier of a physical space and the system booking reference; and transmitting a key allocation command to an electronic access control system associated with the property, the key allocation command comprising the identifier of the mobile key repository, the identifier of the physical space and the allocation time.

The present systems, devices, and methods relate to managing shared vehicle access. Vehicle access can be provided to a candidate user based on whether the user is included in a list of at least one user associated with a respective virtual key. Virtual keys can be created, or lists of at least one user can be updated to include the candidate user, to in turn provide vehicle access. Virtual keys can be stored in a plurality of virtual key slots, with vehicle access being provided based on a virtual key stored in an active key slot. Status reports can be sent to a reservation management device, for updating virtual keys or lists of at least one user.

A key information sharing system includes a delivery device that delivers key information as first information for a control device equipped in an object and a user terminal that receives the first information delivered from the delivery device. The delivery device adds second information that allows the first information to be transferred between the user terminal and a third-party terminal without the delivery device, to the first information to be delivered to the user terminal. The user terminal transmits the first information to the third-party terminal in response to an input operation by a user, when the user terminal receives the first information to which the second information has been added.

A method according to one embodiment includes receiving, by an access control device, a credential token from a mobile device, wherein the credential token includes an access credential, a credential identifier, and a caveat that instructs the access control device to perform an associated action, determining, by the access control device, a credential type associated with the access credential based on the credential identifier, determining, by the access control device, a set of caveat rules associated with the credential type, wherein the set of caveat rules identifies one or more actions authorized for an access credential of the credential type, and performing, by the access control device, the associated action identified by the caveat in response to a determination that the associated action is an action authorized by the set of caveat rules associated with the credential type.

The present disclosure generally relates to providing electronic locking systems. Using novel designs and network technology, the present systems, methods, and apparatuses can provide a secure alternative to a cam lock or a lock box for storing items that may be left unattended, without the use of a physical key. For example, in certain embodiments, the present systems, methods, and apparatuses can facilitate the locking and unlocking of a cam lock or a lock box by using a digital construct, an encryption system, and various native and/or third-party software components.

A system for credential authentication comprises an interface configured to receive a create indication to create a badge credential representing an employee badge and receive a claim indication from an authentication device to claim the badge credential, and a processor configured to provide the badge credential to the authentication device in response to the claim indication, receive a proof response from the authentication device comprising the badge credential and a lock identifier, validate the proof response using a distributed ledger, and provide a token for unlocking a lock associated with the lock identifier to the authentication device.

A method of asset access control includes: storing, at an access control server: an asset record corresponding to a physical asset and containing an asset identifier corresponding to the asset; and an account record corresponding to a user of the physical asset and containing an account identifier; receiving, at the access control server from a client computing device, an authorization request containing the asset identifier and the account identifier; determining, based on a comparison between the asset record and the account record, whether to authorize the request; when the determination is affirmative, transmitting an instruction to a collector device mounted on the physical asset to permit subsequent access to the asset.

Merchandise security systems and methods are provided. In one example, a merchandise security system includes a plurality of electronic keys and a plurality of merchandise security devices located within a retail store. Each electronic key and each merchandise security device is configured to store one or more serial numbers. In addition, each electronic key is configured to be authorized for communication with one or more merchandise security devices within the retail store. An electronic key is configured to communicate with a merchandise security device for locking, unlocking, arming, and/or disarming the merchandise security device when the serial numbers match.