We redesigned access control to bring physical security up to the IT standard.
Devices implement secure boot, ensuring that no code is run by the embedded CPU unless code signatures match. Code is run from memory on the same die as the CPU, and all debug interfaces are permanently disabled.
Devices connect to the Kisi Cloud over TLS 1.2 with mutual authentication and ephemeral key exchange to ensure privacy and integrity with full PKI chain validation.
Any communication between Kisi devices, Kisi apps and Kisi services is encrypted in-transit using HTTPs.
Local network communication over UDP signed and AES / HMAC encrypted.
Database encryption in-transit and at-rest.
Passwords hashed with a widely used password hashing algorithm.
Automatic data backups and failovers to guarantee availability.
Rate limiting to mitigate DoS attacks.
Two-factor authentication (2FA) or Single Sign-On using SAML 2.0 with signature verification for organization users.
Credentials only in secure storage on Android and iOS.
Role-based access control with complete audit logs.
At Kisi we build our readers and controllers based on established, battle-tested security standards starting with our design for the hardware and systems that store data on the device.
For our publicly mounted devices there is no physical access to the chip, which is hidden beneath a secure layer that can only be removed by destroying the reader. Housings are secured with security screws and proprietary algorithms, including a built-in accelerometer in the reader that is specifically tuned to detect physical sabotage. In addition, the hardware has built-in tamper detection.
Embedded Software Security
Since all Kisi devices have their own OS, to update and operate independently, we execute critical code in a secure environment that is physically and cryptographically secured and completely on-die with no debug ports (hardware disabled at time of manufacturing). This means each app update we ship is protected by TLS 1.2 with mutual authentication and ephemeral key exchange to ensure privacy and integrity with full PKI chain validation, and also protected in local storage with per-device keys and AES-GCM-AEAD.
Devices connect to the Kisi Cloud over TLS-secured IP channels to ensure privacy and integrity with full PKI chain validation.
Over the Air (OTA) Updates
Kisi’s devices are designed to apply firmware updates automatically during off-hours (to keep bandwidth usage low). The updates we run are Over the Air (OTA) with near seamless uptime and are RSA signed with an HSM-hosted RSA key and AES encrypted. Typically we run updates every two weeks and downtime is usually below 10 seconds. That means you’ll never miss new features or critical security updates.
Secure Boot (Chain of Trust)
One of the biggest threats to device security is to run a different firmware without the device knowing it. To prevent this, Kisi uses (aside from industry best practices including 2FA for any deployment accounts) a method called “secure boot” with encrypted code loading. Storage is encrypted with a per-device key meaning that each time a Kisi device starts, it can only run previously verified firmware—an absolute novelty in the physical access industry.
Our hardware is manufactured and assembled by trusted partners in Europe and the United States who adhere to the same stringent security policies as we do.
Network security is one of the most critical components for cloud-connected infrastructure and any communication between Kisi devices, Kisi apps and Kisi services is encrypted in-transit using HTTPs.
Kisi is a future-proof product that works on the IP layer. This means that Kisi operates on the same local network as your other devices, so you don’t have to pull specific cables for your access control system. One of the reasons we built Kisi is because access control is one of the last domains that does not use IP devices. We believe this must change, as exploitation of physical access vulnerabilities becomes more common.
Controllers and Readers communicate with each other through the Kisi Cloud over TLS. Where available, Controllers and Readers also communicate over the local network using AES-encrypted UDP channels. Network communication over UDP signed and AES / HMAC encrypted.
Required Network Settings
All Kisi-powered security ecosystems are configured to follow our network protocol guidelines.This is how we offer industry-leading security practices, even on your local or personal network.
Because of our commitment to security and durability, we are compliant with some of the strictest electronic hardware standards. Out of the box, we are GDPR compliant and Privacy Shield certified, Kisi is also configured to comply with HIPAA.
Kisi data is hosted on Google Cloud Platform's servers (GCP), which features the best data security and reliability in the world.
Google Cloud Platform Security Measures
Google has an exceptional security protocol for their web services. Read more about security, one of Google's four pillars of its secure storage of data with end-user privacy safeguards.
At-Rest and In-Transit Encryption
We encrypt data in-transit and at-rest
Automatic Cloud Backup
Kisi devices automatically sync their local storage to the cloud. That means no matter what happens on-site, or even to the device itself, your data will be safe and sound and enables failovers to guarantee availability.
GCP and our cloud architecture eliminate any single point of failure in your security system. We also utilize Web Application Firewall to mitigate DoS attacks.
GDPR Compliance & Privacy Shield Certified
Security starts with Kisi, but it extends to each user who logs into our software. Kisi gives you the tools you need to control who has access to your system, and what they do with that access.
Passwords hashed with commonly used password hashing algorithm.
Single Sign-On using SAML 2.0
We partner with the most trusted single sign-on (SSO) providers in the industry using SAML 2.0 with signature verification for organization users, including Okta, OneLogin, Google Business Apps and Azure Active Directory—not only for administrative access but for end-user access as well. This means that your doors are secured with SSO.
Two-Factor Authentication (2FA)
If you prefer not to use SSO, we also offer a robust Two-Factor Authentication system. Even if physical credentials (access cards) are shared, the user has to confirm receipt of these cards via the email associated with the user to prevent abuse.
Role-Based Access Control
Easily customize individual and group access settings to thoughtfully assign access to the right people and to share sensitive data. Since many of Kisi’s admins utilize centralized access control for many different facilities spread out across the country, Kisi provides the possibility to add administrators per place and global admins.
Comprehensive audit logs specify who has accessed your system, and any changes they have made. Kisi also provides event logs via RESTful API so they can be pulled in corporate system logging or audit control tools.