Blog

OSDP READERS – PROS & CONS

You have probably come across the new card reader connection standard called OSDP. OSDP stands for Open Supervised Device Protocol and is being endorsed by all major manufacturers. So why is it important? Are there any second thoughts?

PRO1: OSDP is more secure

Previous connection methods (Wiegand and Data Clock) were glaringly insecure. OSDP is the first secure connection method and it is quite amazing that it arrived so late. Why is OSDP more secure? Because of its two-way encrypted communication. This means it cannot be eavesdropped, faked or bypassed. It also cannot be disconnected without detection. Furthermore, OSDP establishes a so-called Secure Channel Protocol which is essential for exchanging secure credentials, such as digital keys. All this is a huge improvement over the Wiegand or Data Clock connection.

PRO2: OSDP wiring is simpler

Instead of using discrete wires, OSDP works over a communication bus and can be used for much more than connecting a single card reader. All kinds of OSDP devices including sensors, actuators, I/O boxes, even controllers can be connected over the same 2-wire cable. This is a huge improvement over the traditional separate wiring which could require 12 pairs or more. OSDP infrastructure is both easier and cheaper to install and maintain.

PRO3: OSDP readers are configurable

OSDP readers are intelligent devices and can be reprogrammed, at least to some extent. That brings along at least two nice benefits. The first one is so-called branding – getting the detailed configuration for a specific type of credentials, range of codes, custom security features, etc. And if something needs to be changed later, the configuration can be updated. The second benefit is the ability of a reader to be upgraded. As with any other digital security device, readers will become obsolete very fast unless they can be upgraded.

All of this is great. So are there any reservations? Let’s see:

CON1: OSDP readers are costlier

This may sound trivial, as all new tech tend to cost more than the old one, right? But unfortunately, there is more. Replacing readers is not enough. To implement OSDP you need to replace I/O devices and controllers. The software will probably also need to be upgraded. So it is not a minor improvement, the cost can be significant. For higher security installations, the cost may be much easier to justify than for ordinary everyday office-grade access control.

CON2: Cards are disappearing

Not only access control badges, all plastic cards seem to be on their way out, being replaced by smartphone apps. The latest generation of readers supports this trend by adding Bluetooth communication with smartphones. The change from cards to smartphones is happening fast and this may be the last generation of card-based access control. In that case, it may be questionable to invest in sophisticated card reader technology. Maybe it would be wise to wait a bit more for pure smartphone readers?

CON3: Readers may be disappearing too

Pure smartphone readers? If we think about it, we don’t need readers for connecting door control to a smartphone. All that is needed is a Bluetooth transmitter which can be an internal part of a door control circuit, not something exposed at the door. Smartphone access does not require anything tangible or even visible. So we may be looking at the last generation of reader-based access control. In that case, OSDP may just be the last chance to breathe some more life into the card and reader industry.

CONCLUSION

If you are installing a new access control system today, it is probably a very good idea to go with OSDP. Especially for higher security installations where we can expect sophisticated attacks on the security infrastructure. The higher cost of readers may be easily compensated with the lower cost of installation.

For existing installations, it is less clear. In any case, non-OSDP readers should be considered as one of the known security vulnerabilities.