Search

US-12621664-B2 - Access control via a mobile device

US12621664B2US 12621664 B2US12621664 B2US 12621664B2US-12621664-B2

Abstract

Systems, devices, and methods for access control via a mobile device are described herein. One method includes receiving location information associated with a mobile device in a facility, determining that the mobile device is within a particular distance of an area of the facility based on the location information, determining whether a user of the mobile device is allowed access to the area, and allowing access to the area via a relay associated with the area responsive to a determination that the user is allowed access.

Inventors

  • Sanjay Roy
  • Frank Lin
  • Bryan Jones
  • Datta Godbole
  • Himanshu Khurana

Assignees

  • HONEYWELL INTERNATIONAL INC.

Dates

Publication Date
20260505
Application Date
20221007

Claims (20)

  1. 1 . A mobile device that has a non-transitory storage medium that stores instructions that when executed by a processor of the mobile device cause the mobile device to: receive a digital identity from a remote device, wherein the digital identity includes access rights that define whether a particular user assigned to the mobile device has access rights and should be granted access to a designated secure area of a facility, wherein the digital identity automatically expires after a predetermined period of time; store the received digital identity, including the defined access rights, on the mobile device; determine that the mobile device is adjacent an access point to the designated secure area of the facility, wherein the access point has an access device that includes an actuating mechanisms that controls a locking device that control access to the designated secure area of the facility, wherein the access device controls the actuating mechanism to unlock the locking device and allow access to the designated secure area of the facility in response to the access device wirelessly receiving an unlock command from the mobile device; in response to determining that the mobile device is adjacent the access point to the designated secure area of the facility: the mobile device verifying that the access rights defined by the digital identity and stored on the mobile device grant the particular user access to the designated secure area of the facility; the mobile device verifying that the digital identity has not yet expired; and in response to the mobile device verifying that the access rights defined by the digital identity and stored on the mobile device grant the particular user access to the designated secure area of the facility and that the digital identity stored on the mobile device has not yet expired, transmit a control command from the mobile device to the access device that when received by the access device causes the access device to unlock the locking device and allow the particular user access to the designated secure area of the facility.
  2. 2 . The mobile device of claim 1 , wherein the instructions that when executed by the processor of the mobile device cause the mobile device to automatically determine that the mobile device is adjacent to the access point to the designated secure area free from user input.
  3. 3 . The mobile device of claim 1 , wherein the instructions that when executed by the processor of the mobile device cause the mobile device to: verify that the mobile device is possessed by the particular user assigned to the mobile device by authenticating the particular user to the mobile device; and in response to the mobile device verifying that the mobile device is possessed by the particular user assigned to the mobile device, that the access rights defined by the digital identity and stored on the mobile device grant the particular user access to the designated secure area of the facility, and that the digital identity stored on the mobile device has not yet expired, transmit the control command from the mobile device to the access device.
  4. 4 . The mobile device of claim 3 , wherein authenticating the particular user to the mobile device comprises receiving one or more inputs made the particular user.
  5. 5 . The mobile device of claim 4 , wherein one or more inputs made by the particular user include entry of a personal identifier number (PIN).
  6. 6 . The mobile device of claim 3 , wherein authenticating the particular user to the mobile device comprises receiving a biometric input from the particular user.
  7. 7 . The mobile device of claim 6 , wherein the biometric input includes one or more of a fingerprint scan and a facial scan.
  8. 8 . The mobile device of claim 1 , wherein determining that the mobile device is adjacent the access point to the designated secure area of the facility comprises receiving one or more beacon signals from a beacon located adjacent to the access point.
  9. 9 . The mobile device of claim 8 , wherein the beacon is Bluetooth low energy beacon.
  10. 10 . The mobile device of claim 1 , wherein determining that the mobile device is adjacent the access point to the designated secure area of the facility comprises reading one or more readable tags adjacent the access point.
  11. 11 . The mobile device of claim 1 , wherein determining that the mobile device is adjacent the access point to the designated secure area of the facility comprises using a camera of the mobile device to capture an image of a code that is located adjacent the access point.
  12. 12 . The mobile device of claim 1 , wherein the instructions are part of an application program loaded on the mobile device.
  13. 13 . A method for access control to a designated secure area of a facility via a mobile device, the method comprising: the mobile device storing access rights that define whether a particular user that is assigned to the mobile device has access to the designated secure area of the facility; the mobile device determining that the mobile device is adjacent an access point to the designated secure area of the facility, wherein the access point has an access device that includes an actuating mechanisms that controls a locking device that control access to the designated secure area of the facility, wherein the access device controls the actuating mechanism to unlock the locking device and allow access to the designated secure area of the facility in response to the access device wirelessly receiving an unlock command from the mobile device; responsive to determining that the mobile device is adjacent the access point to the designated secure area of the facility, an application program running on the mobile device referencing the access rights for the particular user that are stored on the mobile device and determining whether the particular user assigned to the mobile device has access rights and should be granted access to the designated secure area of the facility or not; and responsive to a determination by the application program running on the mobile device that the particular user assigned to the mobile device has access rights and should be granted access to the designated secure area of the facility, the mobile device transmitting a control command to the access device that when received by the access device causes the access device to unlock the locking device and allow the particular user access to the designated secure area of the facility.
  14. 14 . The method of claim 13 , wherein the application program running on the mobile device is configured to verify that the mobile device is possessed by the particular user assigned to the mobile device by authenticating the particular user to the mobile device before allowing the transmission of the control command to the access device.
  15. 15 . The method of claim 14 , wherein the application program running on the mobile device is configured to authenticate the particular user to the mobile device by receiving one or more inputs from the particular user.
  16. 16 . The method of claim 15 , wherein one or more inputs from the particular user include entry of a personal identifier number (PIN).
  17. 17 . The method of claim 14 , wherein the application program running on the mobile device is configured to authenticate the particular user by receiving a biometric input from the particular user.
  18. 18 . The method of claim 13 , wherein determining by the application program running on the mobile device whether the particular user assigned to the mobile device has access rights and should be granted access to the designated secure area of the facility comprises: accessing a digital identity stored on the mobile device that includes the access rights that define whether the particular user that is assigned to the mobile device has access to the designated secure area of the facility, wherein the digital identity automatically expires after a predetermined period of time; verifying that the access rights defined by the digital identity and stored on the mobile device grant the particular user access to the designated secure area of the facility; and verifying that the digital identity stored on the mobile device has not yet expired.
  19. 19 . A system for controlling access to a designated secure area of a facility, the system comprising: an access control system for generating a digital identity that includes access rights that define whether a particular user assigned to a mobile device has access to the designated secure area of the facility; the mobile device storing the digital identify, including the access rights that define whether the particular user assigned to the mobile device has access to the designated secure area of the facility; the mobile device comprising an application program loaded on the mobile device, the application program when executed by the mobile device causes the mobile device to: reference the digital identity generated by the access control system and stored on the mobile device; verify that the mobile device is possessed by the particular user assigned to the mobile device by authenticating the particular user to the mobile device; verify that the access rights defined by the digital identity and stored on the mobile device grant the particular user access to the designated secure area of the facility; in response to verifying that the mobile device is possessed by the particular user assigned to the mobile device and that the access rights defined by the digital identity and stored on the mobile device grant the particular user access to the designated secure area of the facility, transmit an unlock control command from the mobile device that grants the particular user access to the designated secure area of the facility; a locking device for locking and unlocking an entry to the designated secure area of the facility; and a controller of the locking device operatively coupled to the locking device, the controller configured to: receive the unlock control command directly from a mobile device that grants the particular user access to the designated secure area of the facility, and in response, unlocks the locking device, which unlocks the entry to the designated secure area and allows the particular user of the mobile device access to the designated secure area.
  20. 20 . The system of claim 19 , wherein the digital identity automatically expires after a predetermined period of time, and wherein the application program when executed by the mobile device causes the mobile device to: verify that the digital identity has not yet expired; and in response to verifying that the mobile device is possessed by the particular user assigned to the mobile device, that the access rights defined by the digital identity and stored on the mobile device grant the particular user access to the designated secure area of the facility and the digital identity has not yet expired, transmit the unlock control command.

Description

CROSS REFERENCE TO RELATED APPLICATION This application is a continuation of U.S. application Ser. No. 17/140,910, filed Jan. 4, 2021, which is a continuation of U.S. application Ser. No. 16/730,450, filed Dec. 30, 2019, now U.S. Pat. No. 10,887,766, which is a continuation of U.S. application Ser. No. 15/615,597, filed Jun. 6, 2017, now U.S. Pat. No. 10,534,125, which is a continuation of U.S. application Ser. No. 14/713,767, filed May 15, 2015, now U.S. Pat. No. 9,713,002, all of which are incorporated herein by reference. TECHNICAL FIELD The present disclosure relates to systems, devices, and methods for access control via a mobile device. BACKGROUND Access control systems are designed to provide access to areas of a building for individuals who are authorized to access such areas, and deny access to those areas of the building to individuals who are not authorized to access such areas. For example, certain individuals may be authorized to access a secure area of a building, whereas other individuals may not be allowed to access the secure area. Previous approaches to access control systems may utilize costly hardware devices located at perimeter(s) of secure areas to verify a user's identity. In some examples, personal identification number (PIN) pads, biometric sensors (e.g., fingerprint sensors and/or physical access cards (e.g., badges) may be used. Carrying a physical access card may be cumbersome. A user may be locked out of an area if the user forgets to carry the physical access card, and an unauthorized user may gain access to a secure area because the access control system cannot verify the physical identity of the user carrying the physical access card. In addition, such hardware devices may not only be expensive to install, operate, and/or maintain, but may soon become obsolete. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 illustrates a system for access control via a mobile device in accordance with one or more embodiments of the present disclosure. FIG. 2 illustrates a method for access control via a mobile device in accordance with one or more embodiments of the present disclosure. DETAILED DESCRIPTION Access control via a mobile device is described herein. For example, one or more embodiments include receiving location information associated with a mobile device in a facility, determining that the mobile device is within a particular distance of an area of the facility based on the location information, determining whether a user of the mobile device is allowed access to the area, and allowing access to the area via a relay associated with the area responsive to a determination that the user is allowed access. Embodiments of the present disclosure can effectively replace a user-carried physical access card and access control system hardware devices with a mobile device. By using a mobile device—something most users typically already carry—embodiments of the present disclosure can provide increased security while streamlining user interaction with the access controls system. Additionally, embodiments herein can reduce costs by obviating the need for expensive hardware devices to verify user identities. Increased security can be provided through capabilities offered by mobile devices. In some embodiments, biometric validation (e.g., fingerprint scanning) can be carried out via the mobile device. In some embodiments, users (i.e., the user's mobile device) can be assigned a digital identity (discussed further below). The digital identity can allow the mobile device, instead of a physical hardware access controller, to control access, for instance. User interaction with the access control system can be streamlined via capabilities offered by mobile devices. In some embodiments, global positioning system (GPS), WiFi, and/or other location functionalities provided by the mobile device may allow the automatic determination of user location (e.g., without user input). Thus, rather than physically presenting a card (or other device) for access to an area, the user can simply draw within a particular distance of the area. That is, whereas previous approaches may utilize “card readers,” which typically call for a user to present a card (e.g., badge and/or other token), read the card, then transmit a signal physically to an access controller to make an access determination (e.g., whether the user is allowed access), embodiments of the present disclosure can allow the mobile device itself to effectively become the card. Then, the “card” can be presented to a “reader” by virtue of the mobile device being in a particular physical location (or within a particular distance of a particular physical location). In the following detailed description, reference is made to the accompanying drawings that form a part hereof. The drawings show by way of illustration how one or more embodiments of the disclosure may be practiced. These embodiments are described in sufficient detail to enable those of ordinary skill in t