Correct configuration of readers in the field forms the basis of secure ID solutions. In the latest version of LEGIC Orbit, the option to restrict configuration data to specific reader ICs is a very powerful new feature.
LEGIC Orbit offers the possibility to transmit cryptographic keys and other configuration data from the management system securely to readers in the field. This works via so-called versatile configuration packages (VCP), which are generated in a hardware security module (HSM) and distributed to readers in the field via smartphones or management system.
With this new feature, one can now restrict the validity of each VCP to specific reader devices based on their chipID which uniquely identifies every LEGIC reader IC. This feature provides additional protection against abuse of configuration data and can help prevent configuration errors.
For example, a cryptographic key for a specific building is generated in the secure LEGIC Orbit environment. Subsequent distribution of this key via VCP can now be restricted to readers installed only in that building. This feature makes it impossible to wrongly configure readers not belonging to that building.
