Authorisation NFC Code Touch
The Authentication NFC Code Touch block (ANCT) is a block that works specifically with the NFC Code Touch products. This block allows you to set up user codes, alongside also providing them with an expiration date for projects such as holiday homes that might have other people in at various times.
The Authentication NFC Code Touch block stores information about known access codes and learned NFC tags. When a user enters a code into the touch, the device checks whether it is a known and authorised code. If it is, the output requested is switched. If not, it provides negative feedback.
If the module was to get 15 consecutive wrong codes, it locks itself for two minutes. This lock is similar to the “reset” input, except that NFC tags and app requests are still allowed. This monitoring is also available when creating access codes via the app: if a user attempts to create access codes quickly, he is limited to max. 5 codes in 2 minutes.
User-free access codes and NFC tags can be created on a limited time basis. If their validity has expired, they are automatically set to “inactive” and can no longer be used. If a Config user saves a configuration file in where these are not expired (i.e. without first loading from the Miniserver), it can happen that already expired codes are validated again.
To set up the function block double click on the module to enter the setup menu:
Outputs Q1 to Q6 can be named under ‘Outputs’:
In user groups, the authorised user groups and the scheduled times are defined.
Access codes are set via the Config in the Key Code tab:
The NFC tags are managed on the last tab.
NFC TAG SECURITY
There are several ways to secure NFC communication and prevent NFC tags from being copied. The most common method is to write a unique code to an NFC tag when it is first being paired with a reader, or “learnt in”. This code is then used to encrypt subsequent communication and is never transmitted again. The use of this code and encryption ensures that it is not possible to create a replicate tag to gain unauthorised access.
NFC TAG COMPATIBILITY
Many products use NFC technology, unfortunately this does not mean that all will work with the NFC Code touch. The NFC Code Touch needs to write information to the NFC tag, so if the tag is write protected (even if using the same protocol) it is not possible to use this tag with the NFC Code Touch. A common example of this are Bank Cards since these are usually write protected by the bank to prevent changes to the details stored on them.
Many Smartphones are NFC enabled, however the methods in which NFC tags are emulated by phones greatly varies and compatibility can thus not be guaranteed. We therefore don’t support the use of Smartphones as means of authentication with the NFC Code Touch.
The only recommended and officially supported tags are the Loxone NFC Smart tags or NFC Keyfobs. There are two version of NFC Smart Tag both Encrypted and Unencrypted and the Keyfobs are all encrypted. We recommend to use only the encrypted version for access control.
For information the NFC Code Touch uses the MIFARE® EV1 2K protocol operating DESFire high security encryption.
Since NFC communication requires a large amount of power under battery operation the NFC functionality is disabled to preserve battery life.
Codes of up to 8 digits long can be used. A code is entered by touching the digits and then pressing the tick. The status LEDs indicate a “timeout”. If the LEDs go out, too much time has elapsed and the entered digits are reset. In the case of a wrong code being entered, there is no “delete” button simply wait a few seconds for the timeout, then restart the process.
An access code or an NFC tag can be assigned to a user. If the user presents this to the NFC Code Touch, the Miniserver decides whether the user is authorised to enter based on the access settings in the Authorisation NFC Code Touch block. The assignment of a code can be made in the “Edit Authentication” dialogue box under the user properties in config. NFCs can also be entered manually here. Mostly however, NFCs are added to the via the NFC Monitor/Lean window.
The setting for if and when a user is allowed is made in the Authorisation NFC Code Touch block interface. In the “user groups” tab, users can be included or excluded from access because of their group membership. Time-dependent access control is also possible via the timer belonging to each group.
DEVICE SPECIFIC AUTHENTICATION
Access codes and NFC tags can also be assigned directly to an NFC code touch device for dedicated functions. This makes it possible to create user-independent access options, e.g for a postal service, or for special functions; which should be available to all. For this purpose, a code is created in the module pop up box in the tabs “Access codes” or “NFC tags”. Extended settings can also be made here. There is, for example, the possibility to have a code applied only once (it is valid for 90 seconds after initial use). In order to add an NFC tag to the device by learning, the learning mode can be used again in the NFC monitor.
CODES AS DIGITAL INPUTS
It is possible to use codes as digital inputs. For this purpose, a corresponding code must be created in the peripheral area under the heading “Digital inputs”. If for example, the code “1234” is entered there, the input of this code activates the corresponding digital input via the keypad. This can be used freely in the programming. NFC tags can also be learned as digital inputs via the learning mode.
The LEDs of the device give the user feedback about their actions. When any digit buttons are pressed, the four status LEDs light up white and begin to count down to give a time period to enter the code. When the countdown is complete (all LEDs are off again), the last entered digits will be cleared from the memory and it can be entered again.
- On successful code input / NFC authentication, the LEDs turn green.
- Incorrect codes or incorrect NFC tags are reported back via red LEDs.
If the NFC communication fails, the LEDs flash yellow quickly three times. This can happen if the user does not present the tag long enough, uses an unsupported tag or presents several tags at the same time.
A red light means that the reset input is permanently active, or the access code has been entered incorrectly 15 times and the is blocked for 2 minutes (displayed as a countdown).