This manual represents the knowledge at the above-mentioned time. TKH security works non-stop to improve her products. For the most recent technical information please contact your consultant or dealer.
1. Introduction
20face provides a contactless solution for office buildings using GDPR-proof facial recognition. This document provides an overview of the functionalities and also the steps required to connect 20face and iProtect.
2. Support and license
Below is an overview of support for both the hardware and the software, including the necessary license:
Support | Version | Maximum | License number |
---|---|---|---|
iProtect | >= 10.1.xx | 505-3101 online card reader license | |
Pluto | |||
20face IDbox | Max. 4 per Pluto | ||
Virtual card readers | Max. 8 per Pluto |
When using 20face, the 'calamity card' function cannot be used.
3. How does it work
In iProtect, the 20face facial recognition is handled like a card reader. As a result, most of the functions available for a physical card reader are also available for the 20face solution.
The connection between the Pluto and the 20face IDbox is based on the OSDP protocol via TCP/IP. The IDbox is created within iprotect as Node. Several card readers can be linked to the 20face node, where the card reader is the camera that sends an ID when it recognizes a face.
4. Functionalities 20face application in iProtect
The integration between iProtect and the 20face system offers the following functionalities:
Description | Details |
---|---|
Full integration with 20face cloud solution |
|
Management, completely by iProtect |
|
Advanced functions available like |
|
5. Setup
20face is a cloud-based solution, which means that an internet connection is necessary. Before proceeding with the following chapters, check if iprotect can connect to the internet.
Browse to the Maintenance page or cockpit from iProtect and check:
if gateway address is set
if dns server ip address is set
5.1 Node
Determine to which Pluto(line) the 20face IDbox should be connected.
In iProtect, browse to menu: Installation | Hardware | Line.
Select the Pluto where the identity box should be connected
Right click on the Pluto and add a Node
Only the used fields are described in the table below.
Field | Content | |
---|---|---|
Name | Logical name e.g. 20face | |
Features | Node | OSDP |
OSP compatibillity | Fully compliant | |
General | Name | Logical name is mandatory |
Login 20face | Username | Fill in username |
Password | Fill in Password | |
SSL | Use SSL | Default on |
Aloow self signed | Default on | |
Allow expired | Default on | |
No Hostname check | Default on | |
Client communication type | Less secure client communication | |
Status | Node online | Selection option to activate |
Address | HTTP port | 8888 |
IP address | IP address 20face IDbox | |
URL | Reserved future use (default “/”) |
When using iProtect <=10.2 SSL settings are in de Node dialog. These settings can be determined depending on the situation.
When using iProtect > 10.2 SSL settings are moved to: Installation | Hardware | Secure communication type. These settings can be determined depending on the situation.
5.2 Card data
5.2.1 Card number presentation
Card Number Presentation is needed to determine how to enter- or display the card number.
In iProtect, browse to menu: Access | Settings | Card coding | Card number presentation.
Right click in the search field and choose “add Card number presentation”:
Field | Content |
Name | Logical name, e.g 20face |
Format | Personid as cardnumber |
5.2.2 Card data interpretation
Card data interpretation is needed to determine how to interpret the data from the mobile devices.
In iProtect, browse to menu: Access | Settings | Card coding | Card data interpretation.
Right click on the “Card number presentation” that was just created and choose “add Card data interpretation”.
Field | Content | |
Name | Logical name, e.g 20face | |
Default card data interpretation | cardnumber is personid (press set) | |
Format | Reader communication protocol | ABA |
Card type | Decimal to data lenght |
5.3 Configure the Service / database link
In iProtect, browse to menu: Installation | Settings | Services | Database link:
Right click in the search field and choose “add database link”
Select typ: 20face Face Recognition
Field | Content | Description | |
Name | Logical name. e.g 20face service | ||
Status | Active | “Checked” | |
Remote server | Login name | Enter the login name | Supplied by installer |
Password | Enter the password | Supplied by installer | |
Time out (sec.) | 45 | ||
Parameters | Project id | Default 45 seconds, do not change unless adviced by TKH | Supplied by installer |
Card data interpretation | Select the 20face card data interpretation | ||
Main Domain | The Connection URL | ||
Authorization | Read | Everything |
6. Quick setup
6.1 Add person
In iProtect, browse to menu: General | Person:
Right click in the search field and choose “add person”.
Enter the Name, prefix and first name.
6.2 Add email address
In iProtect, browse to menu: General | Person:
Right click in the search field on the created person (see: 5.1), choose “add contact” .
Select at Contact type “email address”.
Add a description.
Add an unique email address.
There are several ways to create a new contact
6.3 Add card
In iProtect, browse to menu: General | Person:
Right click in the search field on the created person (see: 5.1), choose “add card”.
Select at Card number presentation “20face”.
Select option “Valid”.
Select option “Unlimited”.
Press “Save”.
An additional field is displayed “Email”.
Select the “Email address” and press “Send”.
The invitation has send (default valid for 7 days before it expires and a new invitation ha to be send). It can take a couple of minutes before the email arives. Please follow the instruction in the email to finalize the registration of the face recognition.
Once The face is registered, it will take less than 10 minutes before the complete system is operational.
6.3.1 Adding access rights
In iProtect, browse to menu: Access | Card:
Search for the created card (See 5.3)
Select the card in treeview and open in the treeview the “card group list” and enable the card group(s).
7. Events
Type | Description |
---|---|
System offline | If the network connection is lost between the Pluto and the IDbox, face recognition shall not be functional |
Date / Time | If an event has a * before the date/time stamp, it means that the correct time of the event does not have the expected timestamp. For example, this can be dated 1 Jan. 1970. iProtect will change the time to the current time marked with *. not to lose these events |
User logs in/out events | User log- in and out are the internal connection messages of iProtect with the service that is connected:
|
Webservice | Web server messages are messages about communication with the 20face cloud application:
|
Node events | Node events are messages about the connection between IDbox and Pluto:
|