InstaNFC – Access Control Hardware for Developers
instanfc.comNFC tags aka MIFARE Classic and the like? Those would be susceptible to cloning with something like Chameleon Tiny and to repeater attacks. You need actual contactless smartcard support if you want to use it for something serious. Otherwise be ready for LockPickingLawyer making an example of you of how not to do it, he already has similar videos about it.
PC/SC compatible stuff is out there if you know where to look (not affiliated with them) https://webshop.d-logic.net/products/nfc-rfid-reader-writer/...
(ignore the cards they include with the order, proper contactless smartcards or something like an OMNI ring https://store.nfcring.com/products/omni need to be purchased separately)
Both Ultralight EV1 and NTag 21X are supported and recommended. Cloning is possible for the NTag, but there’s currently no chip out there that can actually lock block 0, which makes detecting and bricking them trivial.
One can make this system as secure as the specs require it to be: brick clones, reject certain tag types, add encryption, add counters, perform analysis server side, etc.
As long as people are warned it's up to them to decide. Personally I like standards and this on the other hand is a bit of a lipstick on a pig situation. It was allowed to go on for far too long already with every vendor just glossing it over, not unlike what happens with actual locks and keys.
RC522 and ESP32 is something an amateur can glue together. I cannot see why is this project a thing. I would expect a TPM alike module at least.
If it comes with the box, then that's reason enough for me.
Consider a "smart" door bell. Sure, it's easy to attach a camera to an RPi and a button, but I don't want to strap that to my front door without a nice box to put it in.
Cost/performance, time to market, IDE, ability for others to understand
Cost will be lower with your own design because you'll integrate other components on the same board. It needs power, probably battery backup too. It needs to control some coil of electromagnetic lock. Access control is more than just flashing LEDs.
It has IDE because ESP32 has IDE.
“Built out of internal necessity” - I didn’t write this for no reason. Here is a little more background: https://inoads.com/articles/2021-07-01-keyRead-Announcement
I see it as similar to a RPi - great for POC or smaller deployments, especially if you have different requirements on different projects because you can share the same knowledge base, but for a large deployment you'd probably invest the time and money into sourcing something more specific.
I've had lots of half-baked ideas for things to do around the house that this would be very cool for, since I'm not 100% sure what functionality (and therefore hardware) I'll really need.
Honestly, it's not THAT hard with Raspberry PI Pico and CircuitPython.
I have experience of programming for ARM M0 with Linaro, debugging over SWD. It was pain.
A few weeks ago I got Tiny2040, flashed with CircuitPython. I believe even a teenager can now do some microcontroller stuff. It's so unbelievably easy.
If I understand this correctly, this project seems to encourage developing AC systems with the authorization logic on the public side.
If so, keep in mind that a hammer would be as effective as any authorized contactless device.
From the website: “Read NFC tags to open doors with electric strikes (integrated 12V relay) or motors (toggle GND). A second board can be used as an antenna for enhanced security.”
For lower security scenarios like access to hotel rooms (where trust has already been established) it is sufficient. Plus using a case with proprietary screws, or even making it inaccessible from the outside can also help with security.
It's not a good idea to have the decision making happening on the outside of the door you want to protect. Ideally, the outside component should just be the antenna and the microcontroller should be on the inside of the door.
As they demonstrate in the video, you can open their example case with a screwdriver, so then you could either short some connections to release the door lock (if it's self-contained), or connect to the ESP to grab a copy of its firmware and configuration to connect directly back to whatever controller it talks to over wifi (if it's part of a larger system).
Bypassing the system is not completely trivial, but for a determined actor, possible. For outdoor or higher security installations, two boards are recommended, where the outside one acts purely as an antenna.
Shameless plug: If this interests you, I am building similar technology for enterprises at Verkada, reach out to me I'm looking for builders
I don't want to be hostile but your camera pricing seems insanely high. It looks like you are competing for the same market as Reolink which has what appears to be a similar product for a TINY fraction of the cost probably 10x or less.
What is the benefit of your product vs theirs?
That's a great question. Hard to answer in a comment. It's sort of apples & oranges. The way I think about it, we are targeting a different customer (enterprise vs small business/home) and we are solving the problem in a different way (no nvr, cloud first, deeply integrated, extremely easy to install and maintain, dedicated customer support). In my mind, it's something like Reolink:Verkada::Self hosting:AWS
I'd be interested in chatting. I don't see an email in your profile, let me know how to get in touch & I'll drop you a line this week. :)
Email sent :)
I’m an industrial design student who would love to learn more!
This looks very cool. No mention of pricing yet -- anyone care to speculate? I can appreciate the request for a distributor at the end means they aren't commercially pumping them out yet but maybe a dev kit for example.
I wonder what kind of success this might have, because this is clearly something they built either internally or for a client and turned it into a off the shelf product.
I have built stuff who could even compete with that.
This would be much more interesting if it had Apple VAS & Google SmartTap support. Although, I suppose that'd require proprietary blobs and a enterprisey admission process.
Those chips and protocols are closely guarded, alternatively the hardware has BLE support. I did already create a proof of concept offline-only Apple Watch access app.