It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.

Aspects of the disclosure relate to electronic access control. An electronic key can access a set of one or more electronic locks according to scheduled access permissions. Access schedules may define one or more authorized time periods during which access to an electronic lock is permitted. Access schedules can be generated based on user input received via a user interface. A key configuration corresponding to an access schedule is transmitted from a server to the electronic key. The set of electronic locks includes at least one lock designated as a conditional access lock. The conditional access lock is associated with access control information including at least one of environment data or personnel data. Responsive to determining that the access control information does not meet one or more criteria, the server automatically adjusts access schedules and generates a corresponding key configuration for the electronic key.

Systems, methods, and apparatuses for location-based automated authentication are disclosed. A system comprises a mobile device, a sensor and a backend platform. The sensor and the backend platform are in network communication. The mobile device is operable to continuously transmit Bluetooth Low Energy (BLE) signals comprising encrypted transitory identifiers. The sensor is operable to receive a BLE signal from the mobile device when the mobile device is within a predetermined range, and communicate over a network connection the encrypted transitory identifier comprised in the BLE signal to the backend platform. The backend platform is operable to extract a unique identifier and a changing encrypted identifier from the received encrypted transitory identifier, generate a changing encrypted identifier, and validate a user identification by comparing the generated changing encrypted identifier and the extracted changing encrypted identifier.

An access control system for electric vehicle charging is provided that includes an access device, a secure reservation interface, a reservation server and a smartphone application installed on the smartphone. The access device includes a short-range wireless communication module connected to a processor having control of an electric vehicle charger. The secure reservation interface receives a reservation request for a reservation at a given destination. The reservation server receives the reservation request for the destination, issues a reservation certificate, and transmits the reservation certificate from the reservation server to a smartphone. The smartphone application has access to a short range wireless communication setting corresponding to the access device. The access device receives the reservation certificate from the smartphone application based on use by the smartphone application of the short-range wireless communication setting. The processor activates the electric vehicle charger based on at least the receipt of the reservation certificate.

Embodiments of a system and method for interactive barcode communication are described. In one embodiment, a mobile device presents a barcode to an information or transaction receptacle associated with the point of entry device. One embodiment provides for a method of transmitting data from an unconnected point of access device using an interactive barcode communication system on a mobile device, where the method comprises accessing a set of data on a point of access device, wherein the point of access device is unconnected from a data network with access to a central system database; dividing the set of data into multiple sections; incorporating the multiple sections into scan images for display during per-user transactions at the point of access device; and displaying the point of access data along with per-user transaction data during an interactive barcode communication transaction.

A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.

A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.

A method includes transmitting, by a handler device associated with a package handler, a message to an access control system requesting access to a secure container secured by an electronic lock mechanism; determining, by the access control system, whether the package handler is authorized to access the secure container based on the received message; transmitting, by the access control system, an unlock command to the secure container in response to a determination that the package handler is authorized to access the secure container; and unlocking the electronic lock mechanism of the secure container in response to successful authentication of the unlock command.

A method of requesting access through a door may involve: causing a mobile computing device to receive an identifier of the door; and causing the mobile computing device to transmit an access request to an access-control system, the access request comprising data representing at least the identifier of the door and an access code. A method of controlling access through a door may involve: receiving an access request from a mobile computing device, the access request comprising data representing at least an identifier of the door and an access code; and in response to the request, allowing access through the door. Systems are also disclosed.

A method of enrolling a user at a biometric lockset is described. The method includes receiving user access information from a mobile device of an administrative user of the biometric lockset. The user access information indicates to the biometric lockset to enter an enrollment mode in which a user identity is associated with fingerprint data in a user entry within a memory of the biometric lockset. A plurality of different light codes are displayed on the lockset, each one of the plurality of light codes representative of a different state of fingerprint data capture. A message is transmitted to the mobile device, and corresponds to the light code displayed at the lockset. The completed fingerprint data is stored in association with the user identity of the user in the user entry.