Access

On the access screen, it is possible to configure all parameters related to access control and network intelock settings. To access it, just follow the path [MENU]->[ACCESS]. In this menu, you can define the iDFace mode, door opening time, the types of identification used, audio messages for identification, operating mode, validations, Wiegand and OSDP output parameters, and interlock settings via the network.

Access Menu Page 1 Access Menu Page 2

Operating mode

The iDFace can work in the following operation modes: Standalone, Pro (online mode), iDBlock primary or iDBlock secondary.

Standalone

In this mode, the device needs to have its database filled with all the information it needs to identify and authorize access. That is, user enrollments, biometrics/cards, departments, schedules, and access rules.

Pro (Online)

In this mode, when the user initiates biometric identification on the device, it analyzes the captured data using its own biometric algorithm and identifies the corresponding user in its local database.

Only the identified user ID is sent to the server, which processes the access rules and determines whether or not to grant authorization.

For more information, see the Pro Mode Documentation.

iDBlock primary mode

In this mode, the device acts as the turnstile controller. It is responsible for triggering the turn release for the corresponding side, maintaining the access log, and communicating with the server (both in pro mode and standalone mode).

In the same turnstile set, there must be one device configured as primary. Also, only one device must perfom this role in the same set.

When configured as primary, we can also configure the turnstile's default state in four modes:

  • Access always controlled (default): Both sides are controlled by the corresponding device. If the iDBlock Next has only one device, the release direction will always be for both sides.

  • Both turn directions: The iDBlock Next operates with always released passage for both sides. This use case only has practical interest during project configuration/implementation.

  • Turn in clockwise direction released: The right side is always released, and the left side is controlled by the corresponding device.

  • Turn in anticlockwise direction released: The left side is always released, and the right side is controlled by the corresponding device.

iDBlock secondary mode

The device configured as secondary collects the identification data presented to it (face, fingerprint, card, password or other) and sends it to the primary for processing the authentication. The secondary device does not communicate with any software, does not send activation commands to the turnstile, and does not store access logs.

Changing the mode

To change the iDFace's operating mode, press the icon [MENU] -> [ACCESS] -> [OPERATION MODE]. When clicking on this icon, we will see the current operation mode:

Standalone Configuration

Clicking on [RECONFIG.] allows us to decide whether to configure the device as a controller of an iDBlock set or not, just select the desired option and [NEXT].

Reconfiguration Page 1

iDBlock configuration

If the iDBlock Next controller option is selected, we have the primary and secondary mode configuration, as shown in the following image:

IHM Page 1

When selecting the secondary mode and clicking [NEXT], the configuration ends, and a confirmation screen is presented. If we select the primary configuration, we choose the turnstile's default state and then the turning direction.

IHM Page 2 IHM Page 3

Pro mode configuration

Once configured the device in either iDBlock primary mode or normal mode (selecting [NO] for iDBlock configuration in [MENU] -> [ACCESS] -> [OPERATION MODE] -> [RECONFIG.]), we are presented with the screen for choosing whether the online mode is activated or not:

IHM Page 4

When the mode is switched to Online, the icon [MENU] -> [ACCESS] -> [OPERATION MODE] will lead to a page where the Pro mode configuration status can be viewed.

Online Configuration

On the next page, you can change the master password of the device.

Master Password

Identification methods

On the main screen, press [MENU] -> [ACCESS] -> [IDENTIFICATION FORMS]. The screen for configuring the parameters related to the different types of readers that can release access will be displayed:

Identification Forms

Enable/disable readers

To enable or disable a reader that allows access, click on [ENABLE / DISABLE READERS]. The following screen is shown in the image below:

Enable Readers

As it can be seen, there are 5 types of readers that allow access: Facial, Card, QR Code, ID and Password, and PIN.

If the facial reader is enabled, iDFace will start the facial identification process whenever a person is detected by the cameras. If the detected person has an enrolled and authorized face, access will be granted.

Similarly, if the card reader is enabled and a card is brought close to the device, iDFace will check if the card is linked to a registered and authorized user. If it is, access will be granted.

If the QR Code reader is enabled, when a QR Code is detected by the cameras, iDFace will check if the QR Code is linked to a user and will grant access if the user is authorized.

The ID and Password mode, if enabled, makes the use of PIN mode impossible. If activated, when the user clicks on the main screen, iDFace will check access through the ID and password linked to the user and grant access if the user is authorized.

Finally, the PIN mode, if enabled, makes access by ID and Password impossible. If activated, when the user clicks on the main screen, iDFace will check access through the PIN linked to the user and grant access if the user is authorized.

Note: by default, all access readers are enabled, except for the PIN mode.

Configure QR Code

To configure the QR Code operating mode, click on [CONFIGURE QR CODE]. The following screen is shown in the image below:

Configure QR Code

In Numeric Only mode (Default), the QR Code content must be 64-bit numeric. The QR Code will be recorded as a cards type object.

In Alphanumeric mode, alphanumeric characters are accepted in the QR Code representation and the object used for storage will be of the qrcodes type. iDFace is also compatible with USB QR Code readers. Wiegand QR Code readers are not supported in this mode.

In Hexadecimal Numeric mode, the QR Code content must be 64-bit hexadecimal numeric. The QR Code will be recorded as a cards type object.

The default reading mode is Numeric Only.

Card reading

To configure the card reading mode, click on [CARD READING]. One of the following screens will be shown considering each of the supported card types:

Mifare card reading

Mifare Card Reading

The possible options are related to the byte order in which the reading will be done: Standard, W26, LSB, LSB64, LSB W26.

ASK card reading

ASK Card Reading

The possible options are related to the area size and user code size. Values for area size: 0 bits or 8 bits (default). Values for user code size: 16 bits (default), 24 bits, 32 bits, or 40 bits.

Note: To use a 40-bit user code size, the area size must be 0 bits.

Hide name on access

To configure whether the name on access will be hidden or not, just click on [HIDE NAME ON ACCESS].

Identification mode

By clicking on the option [IDENTIFICATION MODE], we can configure identification in 1:1, 1:N modes or Match on card.

Audio messages

On the home screen, press [MENU] -> [ACCESS] -> [AUDIO MESSAGES]. The screen for configuring the audio response of identification events will be displayed.

Definitions of audio events

There are 4 events with an audio response: "Not identified", "Authorized", "Not authorized", and "Wear mask". This menu has 3 screens that can be accessed via the "Next" button:

Audio Messages 1

The above screen allows configuring the audio response for the events "Not identified" and "Authorized". By default, all audio messages are disabled.

It is possible to change the audio messages to "Default" or use an audio file with a custom message.

Note: the audio file can be loaded onto the iDFace via the WEB interface or API requests. For more information, see the API Documentation.

In the figure below, the following screen is shown, where the audio messages for the events "Not authorized" and "Wear mask" can be configured.

Audio Messages 2

Volume

Finally, by advancing to the last screen, you can adjust the volume of the audio that will be played. The 3 volume levels are: normal, medium, or high. The default volume is normal:

SecBox

On the main screen, press [MENU] -> [ACCESS] -> [SECBOX]. The screen for configuring the parameters related to door opening will be displayed:

  • Door Sensor: This button allows you to activate or deactivate the door sensor.

  • Sensor Mode: Defines the mode of the door sensor: Normally Open or Normally Closed.

  • Intelligent Closing: This parameter indicates if the relay should close when the door sensor opens.

  • Time of Opening (ms): Represents the relay opening time of the SecBox in milliseconds.

  • Open Door: Allows you to open the door relay by pressing the button.

Pressing [NEXT] will present the following page:

  • Standard: In standard communication mode, the SecBox can communicate with any device.

  • Advanced: In advanced communication mode, the SecBox can only communicate with the iDFace that configured it.

Pressing the [NEXT] button, a new SecBox configuration page is shown.

  • Emergency (Always Open): Allows the door to remain always open.

  • Blocked: Keeps the door always closed.

  • Disabled: There is no special treatment for this type of scenario.

Pressing the [NEXT] button, the last SecBox configuration menu is presented.

In this menu, you can update the SecBox firmware.

Validations

On the main screen, press [MENU] -> [ACCESS] -> [NEXT] -> [VALIDATIONS] to enter the validation configuration screen.

The "Anti-Passback by time" is a feature that allows a user with authorized access not to be authorized again within a predefined time interval.

  • Time: The default time interval is 720 minutes. On this page, you can enable or disable this anti-passback feature and set its operating time interval.

  • Access Log Level: Defines whether the logs shown in the Access Log will have a low or high level. In the low level, the device does not record failed access attempts. In the high level, the device records all attempts.

Pressing [NEXT], a new page will appear, allowing you to choose how expired users will be handled:

  • All: All expired users will be deleted without exception.
  • Visitors: Only visitors will be deleted.
  • Disable: No expired users will be deleted.

Wiegand

On the main screen, press [MENU] -> [ACCESS] -> [NEXT] -> [WIEGAND]. The screen for configuring parameters related to Wiegand protocol output settings will be displayed:

  • Mode: Configures the type of data output: ID transmission, authorized card transmission, or any card transmission.

  • Size: Defines the number of output bits for the Wiegand protocol. Possible values: 26 (default), 32, 34, 37, 40, 66.

Pressing [NEXT], the user will be redirected to the following screen:

  • Byte Order: Defines the position of the most significant bit in the Wiegand protocol: MSB (most significant bit is on the left) and LSB (most significant bit is on the right).
  • Transaction Denied: Configures return codes for denied transactions.

OSDP

On the main screen, press [MENU] -> [ACCESS] -> [NEXT] -> [OSDP]. The screen for configuring parameters related to OSDP protocol output settings will be displayed:

Addressing

As shown in the image below, after enabling the OSDP protocol, you can configure the communication module's address. Then, through the Baud Rate, you can choose the data transmission rate in bits per second.

Format

You can also choose the format of the transmitted data: Binary (default), Wiegand, or ASCII. If Wiegand format is selected, you can define the number of output bits for the OSDP protocol. Possible values: 26 (default), 32, 34, 56 and 66.

Mode

As shown in the image below, you can enable the Mandatory Secure Channel and the Installation Mode. To enable Installation Mode, you must wait for the mandatory OSDP activation restart. After that, Installation Mode will be enabled until one of the following conditions occurs: - Key change; - After 30 minutes; - Restart.

Finally, you can configure the data output type: ID transmission (default), Authorized Card transmission, or Any Card transmission.

After defining the OSDP parameters, press the [OK] button to save the settings.

Network interlocking

On the main screen, press [MENU] -> [ACCESS] -> [NEXT] -> [GLOBAL NETWORK INTERLOCKING]. The screen for configuring network interlocking parameters will be displayed, including options to ignore interlocking when opening the door via Button or API, as well as the button that leads to the interlocking rules registration screen.

The network interlocking functionality involves this device (referred to as the local device) checking the status of doors from other registered devices (referred to as remote devices). If the door(s) of the registered device(s) are closed, the local device will grant access (assuming successful identification); otherwise, access will be denied, and a message will be displayed guiding the closure of any other open doors.

Enable remote interlocking

Allows you to enable or disable the remote interlocking functionality. When interlocking is enabled, door opening via both API and REX button will be subject to interlocking.

Bypass interlocking when opening door via API

Enabling this functionality will ignore interlocking when sending a door opening signal via API, i.e., the door will open regardless of the status of any other registered doors.

Bypass interlocking when opening door through REX

Enabling this functionality will ignore interlocking when opening the door via the REX button connected to the SecBox, i.e., the door will open regardless of the status of any other registered doors.

Edit interlocking rules

Pressing this button will display the following page for listing remote interlocking rules:

Initial considerations

You can register various devices to be remotely interlocked: this device will check the status of the door of each registered device with the rule enabled.

Pressing [ADD] will display the following screen:

This screen has the following fields:

  • Rule Name: The Rule Name is the name given to this registration on the local device. It is for organizational purposes only.
  • Remote Device IP: The IP of the remote device to be interlocked with this local device.
  • Remote Device Login: The login for the remote device to be interlocked with this local device.
  • Remote Device Password: The password for the remote device to be interlocked with this local device.
  • Enable Rule: This button allows you to enable or disable this interlocking rule, allowing you to deactivate just this rule without having to disable interlocking or delete the rule.
  • Test Connection: This button allows you to test if it is possible to connect to the remote device.

Similarly, pressing on the name of a registered rule will allow you to edit it, opening a screen similar to the registration screen. In this screen, if you wish to delete the rule, press [DELETE].

Press [OK] to save the rule. If you wish to cancel the changes made, press [CANCEL].