GB2443212A - An access control system using guest entry codes - Google Patents

An access control system using guest entry codes Download PDF

Info

Publication number
GB2443212A
GB2443212A GB0621273A GB0621273A GB2443212A GB 2443212 A GB2443212 A GB 2443212A GB 0621273 A GB0621273 A GB 0621273A GB 0621273 A GB0621273 A GB 0621273A GB 2443212 A GB2443212 A GB 2443212A
Authority
GB
United Kingdom
Prior art keywords
code
access
control system
access control
guest
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB0621273A
Other versions
GB0621273D0 (en
GB2443212B (en
Inventor
Robert Francis Mcalister
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB0621273A priority Critical patent/GB2443212B/en
Publication of GB0621273D0 publication Critical patent/GB0621273D0/en
Publication of GB2443212A publication Critical patent/GB2443212A/en
Application granted granted Critical
Publication of GB2443212B publication Critical patent/GB2443212B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/10Coin-freed apparatus for hiring articles; Coin-freed facilities or services for means for safe-keeping of property, left temporarily, e.g. by fastening the property
    • G07F17/12Coin-freed apparatus for hiring articles; Coin-freed facilities or services for means for safe-keeping of property, left temporarily, e.g. by fastening the property comprising lockable containers, e.g. for accepting clothes to be cleaned
    • G07F17/13Coin-freed apparatus for hiring articles; Coin-freed facilities or services for means for safe-keeping of property, left temporarily, e.g. by fastening the property comprising lockable containers, e.g. for accepting clothes to be cleaned the containers being a postal pick-up locker
    • AHUMAN NECESSITIES
    • A47FURNITURE; DOMESTIC ARTICLES OR APPLIANCES; COFFEE MILLS; SPICE MILLS; SUCTION CLEANERS IN GENERAL
    • A47GHOUSEHOLD OR TABLE EQUIPMENT
    • A47G29/00Supports, holders, or containers for household use, not provided for in groups A47G1/00-A47G27/00 or A47G33/00 
    • A47G29/14Deposit receptacles for food, e.g. breakfast, milk, or large parcels; Similar receptacles for food or large parcels with appliances for preventing unauthorised removal of the deposited articles, i.e. food or large parcels
    • A47G29/141Deposit receptacles for food, e.g. breakfast, milk, or large parcels; Similar receptacles for food or large parcels with appliances for preventing unauthorised removal of the deposited articles, i.e. food or large parcels comprising electronically controlled locking means
    • AHUMAN NECESSITIES
    • A47FURNITURE; DOMESTIC ARTICLES OR APPLIANCES; COFFEE MILLS; SPICE MILLS; SUCTION CLEANERS IN GENERAL
    • A47GHOUSEHOLD OR TABLE EQUIPMENT
    • A47G29/00Supports, holders, or containers for household use, not provided for in groups A47G1/00-A47G27/00 or A47G33/00 
    • A47G29/14Deposit receptacles for food, e.g. breakfast, milk, or large parcels; Similar receptacles for food or large parcels with appliances for preventing unauthorised removal of the deposited articles, i.e. food or large parcels
    • A47G29/16Combinations with letter-boxes
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00817Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the lock can be programmed
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/33Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
    • AHUMAN NECESSITIES
    • A47FURNITURE; DOMESTIC ARTICLES OR APPLIANCES; COFFEE MILLS; SPICE MILLS; SUCTION CLEANERS IN GENERAL
    • A47GHOUSEHOLD OR TABLE EQUIPMENT
    • A47G29/00Supports, holders, or containers for household use, not provided for in groups A47G1/00-A47G27/00 or A47G33/00 
    • A47G29/14Deposit receptacles for food, e.g. breakfast, milk, or large parcels; Similar receptacles for food or large parcels with appliances for preventing unauthorised removal of the deposited articles, i.e. food or large parcels
    • A47G29/141Deposit receptacles for food, e.g. breakfast, milk, or large parcels; Similar receptacles for food or large parcels with appliances for preventing unauthorised removal of the deposited articles, i.e. food or large parcels comprising electronically controlled locking means
    • A47G2029/145Deposit receptacles for food, e.g. breakfast, milk, or large parcels; Similar receptacles for food or large parcels with appliances for preventing unauthorised removal of the deposited articles, i.e. food or large parcels comprising electronically controlled locking means the receptacle comprising means for identifying a deposit; Deposits carrying identification means, e.g. a bar code
    • AHUMAN NECESSITIES
    • A47FURNITURE; DOMESTIC ARTICLES OR APPLIANCES; COFFEE MILLS; SPICE MILLS; SUCTION CLEANERS IN GENERAL
    • A47GHOUSEHOLD OR TABLE EQUIPMENT
    • A47G29/00Supports, holders, or containers for household use, not provided for in groups A47G1/00-A47G27/00 or A47G33/00 
    • A47G29/14Deposit receptacles for food, e.g. breakfast, milk, or large parcels; Similar receptacles for food or large parcels with appliances for preventing unauthorised removal of the deposited articles, i.e. food or large parcels
    • A47G29/141Deposit receptacles for food, e.g. breakfast, milk, or large parcels; Similar receptacles for food or large parcels with appliances for preventing unauthorised removal of the deposited articles, i.e. food or large parcels comprising electronically controlled locking means
    • A47G2029/148Deposit receptacles for food, e.g. breakfast, milk, or large parcels; Similar receptacles for food or large parcels with appliances for preventing unauthorised removal of the deposited articles, i.e. food or large parcels comprising electronically controlled locking means the receptacle comprising a letter box
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00658Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys
    • G07C9/00674Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys with switch-buttons
    • G07C9/0069Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys with switch-buttons actuated in a predetermined sequence
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/23Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder by means of a password
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/37Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Food Science & Technology (AREA)
  • Lock And Its Accessories (AREA)

Abstract

An access control system for controlling access to a facility (e.g. a building or a container) (1) for the secure storage of goods via a closure member(3), includes a computer system (9), an input device (5) for inputting codes, and a locking system (11). Access is allowed through the use of a master/control PIN code or a guest PIN code/(s). Guest codes are authorised by the master/control code. The guest codes can be generated automatically or entered manually and maybe single or multiple use. The control system may include sensors to determine position of the closure member, the approach of a person or a change in condition indicating the delivery or collection of goods. RFID-tags may be used to identify the goods or facilitate the entry of an access code. Anti-key logging is facilitated by requiring a user to enter additional characters. The master/control code may be set up using an activation code. The system may include a tip a bucket or separate compartments to prevent removal of previously delivered goods, a microphone for recording audio messages, a voice recognition system, an alarm, fingerprint recognition device, and a letterbox.

Description

Access control system and method This invention relates to an access
control system and method for controlling access to facilities such as receptacles, rooms, buildings, and other structures for the delivery and storage of goods, a receptacle including an access control system according to the invention, a method of anti-key logging for access control systems and a method of enabling an authorised user of an access control system to set a control code.
Often it is necessary to have goods delivered to a home, office, or other place for example from a mail order organisation, when internet shopping or when ordering goods or groceries from a shop. However, it is not always convenient, or at times possible, for somebody to be available to receive the goods when they are due to be delivered. In this case, logistics companies typically try to redeliver the goods at a later time or date, sometimes making several attempts. This is time consuming, leads to higher fuel costs for the logistics company and has an environmental impact since there is increased pollution and road congestion. If the goods cannot be delivered, they are returned to a local depot for collection by the addressee at a later time. This is inconvenient for the addressee and also the logistics companies since it is necessary to provide large warehousing facilities to accommodate the goods.
It is known to provide a secure box at a residence or office that includes an access system for limiting access to the box. The box is typically located in a publicly accessible place and can be opened by delivery persons to secure the goods therein until the owner of the box collects them. The box typically has a lockable door or lid that can be opened by entering a Personal Identification Number (PIN) into a keypad. If the PIN is accepted the delivery person can deposit the goods and then lock the door to prevent others from stealing them.
This enables deliveries of goods to be made when the addressee is unavailable to receive the goods.
A key issue with this type of system is security. It is imperative that PINs used for deliveries are generated in a convenient and secure maimer and are provided to the appropriate person(s). Furthermore, for enhanced security, the delivery person should only have limited access to the box, and ideally for that particular delivery only.
Some known systems for controlling access to facilities such as secure boxes depend on a centralised hub and spoke system architecture, often with radio or fixed wire communication links and a central management or operations control centre. For example, one known system provides access to an addressee's porch or garage for the delivery of goods. The delivery person is supplied with a code for the delivery and the control centre programs the access system remotely with that PiN via the communications network after having validated the user's identity. On an-ival the delivery person enters the code that has been provided and deposits the goods in the porch or garage. There are several drawbacks to this type of system, which include high operating costs because of the employment requirements of a central management or operations control centre and the cost of operating a radio and/or fixed wire communications network. A third party generates and controls distribution of the access codes, and ultimately determines access to the facility. When PINs are sent to the box via a centralised hub and spoke type network there is always the possibility that criminals can hack into the system and breach security.
Another issue with known systems is determining whether goods were in fact delivered in the event that the addressee disputes delivery. Some known systems provide a confirmation code as proof of delivery either at the point of use, i.e. where the delivery or collection is made or via a central management or operations control centre. Where this is provided at the point of use, this typically requires the delivery person to electronically scan a pre-printed barcode label that is located within the box. However, this cannot be used as absolute proof of delivery since it only identifies that the delivery person has been to that box. For example, if the delivery person makes a subsequent delivery the same barcode will be scanned and therefore the same number would be used as proof of delivery for multiple deliveries. In the event of a dispute it may justifiably be argued that the delivery or distribution company may have used their earlier record to provide the code for the later deliveiy.
Some systems permit the mailbox owner to hand write several additional characters next to the barcode. Whilst from the perspective of the mailbox owner this provides a mechanism to create a different code for each individual deliveiy, this is not satisfactory from the perspective of the distribution company, since it is not independently verifiable, the owner may forget to alter the code or may not use this facility at all and it relies upon the integrity of the mailbox owner. Therefore this system cannot be considered as proof.
Some known systems permit the system owner to use a pre-printed set of confirmation codes as proof of delivery. A different code must be used for each separate collection or delivery. In a similar way some systems rely upon the owner simply leaving a pre-signed goods receipt note. The drawback with such systems is that the user must administer the allocation and recording of these pre-printed codes manually. This can be time consuming and error prone. These types of system are impractical when used for multiple collections or deliveries. They are open to error in that one delivery driver may mistakenly take the pre-signed goods receipt, that was intended for another delivery. When used for multiple collections or deliveries they rely upon allowing different delivery persons to take the correct receipt from a group of receipts, or upon advanced knowledge of the sequence of outstanding collections or deliveries and / or the precise arrival time of the various deliveries/collections (which would defeat the purpose of the system, since the owner would need to be present at home in order to change the pre-printed proof of delivery code upon completion of each individual collection or delivery).
Of the existing systems that provide a confirmation code at the point of use, none are known to provide proof that is sufficiently secure and which can be reasonably accepted as proof of delivery by the user and distribution companies. Apart from the issues of reading and recording the data mentioned above, these systems also have problems with information content of the data stored within the confirmation codes. Whilst it is true that the confinnation code issued by some systems is sometimes unique to a particular location, receptacle, user name and/or address, it is also the case that it either does not change relative to each individual issue and/or is not independently verifiable, as mentioned above.
In some cases the confirmation code is simply a reference number for the management party. There is no inherent meaning contained in the number or code itself. It is not independently verifiable and relies on a management party to cross reference to another record. Should the record be lost, the reference number has no meaning.
A further problem with known systems is their vulnerability to key logging. The term key logging is used to describe a type of theft associated with systems whose user interface incorporates a keypad. The criminal coats the keys with a clear substance that only shows itself under an ultra-violet source. After a user enters his/her password or PIN, the thief will return with a handheld ultra-violet source and can easily determine the keys pressed. The thief then has limited possible combinations to guess the correct PIN.
For stand alone access control systems a problem arises when the owner forgets the master (control) code. Typically it is necessary to include in the system a factory set override code that can be used to override the system and to enter a new code. However this type of system is vulnerable to abuse since the code is common to all, or a set, of the storage boxes produced. Either the box supplier has to risk the possibility of the owner using the code to access other boxes, or alternatively has to send out an employee to reset the system. Neither solution is satisfactory. Also, if the override code becomes publicly available, for example if stolen by an employee of the manufacturing company, then the entire network of containers may be compromised.
Accordingly the invention seeks to mitigate some of the above-mentioned problems or to at least provide an alternative solution to at least one of the problems.
According to one aspect of the invention there is provided an access control system for controlling access to a facility for the secure storage of goods via a closure member, including a computer system having a memory device, an input device for inputting codes to the computer system, and a locking system for selectively locking the closure member, wherein the computer system is arranged to receive a control code for authorising storage of at least one guest entry code, to store the guest entry code(s) in the memory device for use in a subsequent verification process, to compare codes received from the input device with the guest entry code(s) stored in the memory device, and to issue a control signal for operating the locking system in response to an inputted code matching a stored guest entry code to enable access to the facility.
This provides an authorised user, which is typically the owner of the access control system and/or facility or one of his/her associates, with control of storing guest entry codes in the access control system. For example, the control code may be a master PiN that is issued to the authorised user or selected by the owner, which allows the authorised user to use control functions of the access control system and unlimited access to the facility. This enables the authorised user to provide at least one guest entry code to another party such as a mail order finn, an Internet shopping site, TV shopping channel, telephone shopping service, or at the point of sale of a local shop, to enable that party, or a subsequent party such as a logistics company, to access the facility to deliver or collect goods (collection may be required, for example if the goods need to be returned to the third party).
The control code is entered via the input device. Since it is the same local computer system that controls access to the facility and that stores the guest entry codes after receiving a control code, the access control system does not require a control centre to provide a code to a guest user wanting to gain access to the facility. This obviates the need for a control centre making it a much cheaper, secure and simpler solution. The system also removes the possibility of human error that can occur when people are responsible for supplying codes to users by telephone. Furthermore since the codes are not provided from a remote place, either by telephone or a data transmission system (wired or wireless), the system is more secure since it eliminates some of the ways in which hackers can gain access to the codes.
Also, since the owner has control of generating/selecting and issuing guest codes, it excludes the possibility that exists with some known systems of security breaches by people in the network operations centre. In some known systems the codes supplied are not generated by computer software and hence the possibility exists that the same code will be issued more than once, which reduces the security of the system. Therefore the access control system according to the invention is less vulnerable.
By computer system we mean any suitable programable electronic processing system such as micro-processing units, co-processing units, micro-controllers and other similar devices.
Thus the access control system can be a stand alone unit that is an integral part of the facility or is located adjacent thereto. For example, the facility can be a receptacle and the access control system can be included in or attached to the receptacle to control access thereto. Alternatively, the facility can be a building, room, vehicle, or body for the storage of goods that is accessible by an openable closure member such as a door, lid, hatch or the like and the access control system can be arranged to control the access of the door, lid, hatch or the like. Preferably the closure member can be opened and closed repeatedly for a plurality of collections and/or deliveries.
Advantageously the computer system can be arranged to automatically generate the or each guest entry code in response to receipt of the control code. For example, the guest entry code(s) may comprise random codes, such as randomly generated PINs. The codes may comprise any number of digits and may include alphanumeric characters. Preferably the guest entry codes comprise four digit PINs, for convenience.
Additionally, or alternatively, the guest entry code(s) can be selected by the authorised user by entering the required guest entry code(s) into the computer system via the input device after inputting the control code. This enables, for example, the authorised user to select a guest entry code, to provide it to a vendor when purchasing goods and then to go home and program that guest entry code into the access control system for later delivery by the vendor or a logistics company.
Advantageously at least one of the guest entry codes can be a single use code. Preferably the guest entry code(s) expire after access has been gained to the facility via the closure member and the closure member has been closed. Alternatively the guest entry code may expire after a predetermined amount of time after it has been inputted to enable repeated access to the facility in that period, for example if a courier allowed the closure member to close accidentally before delivering the goods he would be able to reopen the closure member and make the delivery within the predetermined period.
However some of the guest entry codes can be multiple use codes, for example if a frequently used supplier requires repeated access to the facility indefinitely or over a certain period of time. This enables authorised users to vary the level of security that the access control system uses to suit their own needs. Advantageously the multiple use code may be limited to a predetermined number of uses and/or a predetermined time period.
Advantageously at least one of the guest entry codes may expire if not used within a predetermined period. This prevents large numbers of unused guest entry codes being available to access the facility, and thereby increases the security of the facility. For example, guest entry codes may expire a predetermined number of days from the date of generation, such as between 1 and 100 days.
Advantageously the access control system can include a system for generating a unique confirmation of access code for each delivery to andior collection from the facility. This can be used if a dispute arises between the owner of the access control system and person delivering the goods. Advantageously the computer system is arranged to generate the unique confirmation of access code. This makes the system more secure than when issued from a control centre. A unique confirmation of access code is supplied to the guest user when each delivery or collection is made. The guest user is required to record the confirmation code so that if a dispute arises the guest user can prove that the goods were delivered/collected.
Advantageously the unique confirmation of access code includes a facility code that is unique to the facility controlled by the access control system and at least one of the date and time of the delivery or collection. For example, each facility is allocated a unique serial number, which is always included in the confirmation of access code. This is stored electronically, for example in the computer system memory. This makes it possible to determine whether the goods were delivered to / collected from the correct facility should a dispute arise. Furthermore, including the time and date enables the access control system for a particular facility to issue a plurality of unique proof of access codes that can discriminate between different deliveries/collections to the same facility on the same date.
In the case where no more than one delivery will be made in a single day, the confirmation of access code only need include the serial number and the date to be unique.
Alternatively, the confirmation code does not have to be unique but rather confirmation can be determined based on a probabilistic method. For example, a predetermined number of the digits of the facility code can be used, such as the last four digits, plus the time and date of delivery/collection. A confirmation code using this information will indicate successful delivery/collection in a very high percentage of cases, particularly when considered with other contextual information such as the locations of other facilities sharing the same predetermined number of digits from the facility codes.
Advantageously the system may include an encryption system for encrypting the confirmation of access code. Typically a dispute resolution company would be able to decrypt these codes.
Preferably the access control system includes a display device. For example, the display device may comprise an LCD, LED, graphic display, touch sensitive screen including an input device or other similar visual display. The display device can be used to display codes inputted into the system, the confirmation of access code to the guest user, messages, prompts for information and control menus.
Preferably the input device includes a keypad and the system includes a system for prompting a user to press at least one other key after a code has been successfully entered.
This enables an anti-key logging routine to be performed. This increases the number of code permutations that a thief will have to try in order to gain access to the facility.
Preferably the computer system is arranged to generate and display an anti-key logging code that includes at least one character, and preferably a plurality of characters, that was not included in the guest or authorisation code previously inputted and to prompt the user to press the key corresponding to that character. For example, the anti-key logging code may include a character for each of the keys in the keypad that were not pressed when the guest or authorisation code was entered. Thus anybody checking the keypad subsequently with an ultraviolet light will not be able to tell which characters were included in the guest or control code.
Advantageously the access control system may include a system for shutting down or locking the access control system for a predetermined length of time if a code inputted via the input device does not match one of the stored guest entry codes or the control code within a predetermined number of attempts. For example, the computer system can be arranged to send the control system into a sleep mode if a user inputs the wrong code three times, or any appropriate number of times, typically one to five times. Typically the access control system will remain in sleep mode for around 10 minutes, however any suitable period of time can be used, for example 1 minute to several hours or total denial of access to guest users until the owner inputs the control code.
Advantageously the access control system includes a unique facility code and an algorithm stored electronically, and wherein the computer system is arranged to generate an initial access code by applying the algorithm to the unique facility code for comparison with an initial access code received during an activation process, and when a match is determined to enable the authorised user to set the control code. This obviates the need to include a default code that can be used to access all the control systems manufactured, which would be a major risk to security if a default code was publicly disclosed.
Advantageously the computer is arranged to store a next time access code in memory for use in a control code reset operation for comparison with a next time access code, and when a match is determined to enable the authorised user to reset the control code. This approach enables the owner of the control system to reset the control code, for example if the original code was forgotten, by priming the control system for when it is necessary to do this by storing the next time access code. So that when a reset code is supplied to the authorised user to enable the authorised user to reset the control code, the first part of the reset code will match the next time access code stored in the memory device and the second part comprises a second next time access code. This increases the security of the access control system.
Advantageously the computer is arranged to overwrite the next time access code with the second next time access code when a control code reset operation is performed. This primes the system for a second control code reset operation.
Advantageously the system may include decryption means for decrypting codes received in encrypted format. For example, the activation and reset codes may be supplied in encrypted format.
Advantageously the access control system includes a printing device. For example, the printing device can be used to print the confirmation of access code for a guest user and/or system information for authorised users.
Preferably the input device is a manually operated input device, and preferably includes a keypad. In some embodiments the computer system is arranged to receive codes via the keypad only. This deliberately isolates the system from remote access for increased security.
Advantageously the access control system may include a sensor device to determine the operational state of the closure member. For example, the system may include a micro-switch or sensor to determine whether the closure member is open or closed. Alternatively the sensor device can be arranged to determine the position of the closure member.
Advantageously the access control system may include a sensor device for determining the operational state of the locking system. This can be used in conjunction with the closure member sensor device to inform the computer system, whether or not the facility door or lid is open or closed and locked or unlocked. Preferably the locking mechanism includes one of a motorised locking mechanism or an electro-magnetic locking mechanism.
Preferably the locking mechanism comprises a solenoid type locking mechanism. -Il-
Advantageously the access control system may include a sensor device arranged to detect the approach of a person to the facility. This enables the system to switch electronic systems from a standby mode to fully active mode, or may initiate some verbal output when a person approaches, for example to welcome the person.
Advantageously the access control system may include a sensor device arranged to detect a change in condition within the facility in order to determine whether the goods have been delivered or collected. For example, the sensor device may include a weighing device to measure the weight of the goods within the facility to detect whether the goods are present or not. The sensor device may include a sensor for detecting a change in volume. The sensor device can be connected to the computer system such that the confirmation of access code is not generated until the sensor device has detected that the delivery or collection of goods has taken place. Additionally to record whether a later delivery driver has removed the goods left by an earlier delivery driver.
The facility may include means to prevent a later delivery driver from removing goods delivered by an earlier delivery such as a flap or tipper bucket that restricts access to the earlier delivered goods. For example, the tipper bucket presents a compartment that when closed tips the goods into a part of the facility that is not accessible by a person making a subsequent delivery.
Advantageously the access control system may include an audio output device. For example, the system may include a buzzer, tone emitter or speaker. Preferably the system includes electronic circuitry to facilitate the playing of pre-recorded and digitally stored voice messages. For example, in response to operation of the keypad and/or activation of at least one of the sensor devices.
Advantageously the access control system may include a microphone device. This can facilitate the recording of audio messages, for example a message from the guest user can be recorded to identi& the person delivering or collecting the goods, or to inform the owner of the facility about the condition of the goods, such as if the goods have been damaged, or to notify the owner that only a partial delivery/collection has been made, or that the delivery or collection cannot be made for a particular reason.
Advantageously the access control system may include a voice recognition system. With additional circuitry and/or software, the container would recognise voice commands.
Advantageously the access control system may include Radio Frequency Identity (RFID) technology for the purposes of at least one of acceptance, acknowledgment, reading, recording and verification of guest or proof of access codes.
Advantageously the access control system may include a finger print recognition device.
Advantageously the access control system may include an alarm system. The facility can be fitted with an alarm system arranged to detect somebody trying to force entry into the facility and issues an output signal, when a detection is made.
Advantageously the access control system may include a remote control system arranged to enable the authorised user to interrogate and/or program the computer system from a remote location. For example, the authorised user may use a cellular telephone device to instruct the system to generate and store a guest entry code and have it sent to him/her via a text message (Short Message Service) for use in a transaction. Alternatively, the authorised user can set and store a guest code via the cellular telephone device, preferably by a text message.
According to another aspect of the invention there is provided a receptacle including an access control system according to any configuration described above. For example, the receptacle may comprise an openable container or box that can be located outside of a home, business, school, etc that is arranged for receipt of deliveries of goods and to store goods for collection and the computer system and locking system are located within the container. Preferably the receptacle is weather proof.
Advantageously the receptacle may include first and second compartments, wherein the first compartment is accessible by the authorised user and guest users and the second compartment is accessible only by the authorised user. Preferably the receptacle includes means for moving goods deposited in the first compartment to the second compartment. For example the first compartment may comprise a tipper bucket that can be opened by guest users to deliver goods, and upon closing the tipper bucket the goods fall into the second compartment, which is only accessible by the owner of the receptacle. Thus if a subsequent delivery is made, the second person accessing the first compartment will not have access to the goods previously delivered.
A set of receptacles may be provided that each have a locking mechanism that is controlled by a common computer system. Preferably the computer system is accessed via a single user interface. For example, a set of containers can be provided for a block of apartments with each apartment owner being the authorised user for his/her container. Each authorised user can control access to his/her container via the user interface byinitially selecting his/her container from a menu or inputting a container number.
According to another aspect of the invention there is provided a method of providing controlled access to a facility for the delivery or collection of goods, including providing a locking system for selectively locking an access port to the facility, providing a control code to an authorised user, using the control code to authorise storing at least one guest code, storing the or each guest entry code in a memory device, issuing the or each guest entry code to at least one guest user, comparing a code inputted by a user with the guest entry code(s) stored in the memory device and opening the locking system to provide access to the facility when the inputted code matches the stored guest entry code.
With the invention access is controlled to the facility 24 hours per day by the computer system. With other known systems the cost of employing a central operations team to be available 24 hours per day, all year round, is very significant. Also a local computer system that generates, stores and compares codes is not prone to human error, which may be present when a human has to prompt a remote computer to program a control system with a particular code over a telephone or dedicated network. Furthermore, centralised systems are more vulnerable to security breaches since there are more opportunities for hackers to access the system and also there are increased security risks when using human operators to control the system. Thus the invention relates to a decentralised system. If there is a security breach it will only affect individual units and not the entire system.
Preferably the method includes providing a computer system at the facility that is arranged to generate the guest code(s). Alternatively, or additionally, the authorised user can set guest entry codes by entering them via the input device.
Preferably the method includes providing a computer system to control operation of the locking system, prompting the computer system to store at least one guest code by inputting the control code via an input device, using the computer system to compare the code inputted by a user with the stored guest entry code(s) in the memory device to determine whether there is a match, if a match is found using the computer system to issue a control signal to a locking system to open the locking mechanism to provide access to the facility.
Preferably the guest entry code is a single use code.
Preferably the method includes using the computer system to generate and issue a unique confirmation of access code.
According to another aspect of the invention there is provided an anti-key logging method for an access control system having a finger operated input device including a plurality of finger operated input system, including generating an anti-key logging code after a user has successfully entered an entry code by pressing a plurality of the finger operated input means, wherein said anti-key logging code includes at least one character that was not included in the code entered previously, and prompting the user to press the fmger operated input means corresponding to the or each character.
Advantageously the entry code includes guest entry and control codes.
Preferably the method includes displaying the anti-key logging code on a visual display device. For example as a number.
Advantageously the finger operated input device can be a keyboard, key pad, or a touch sensitive screen.
Preferably the anti-key logging code includes a plurality of characters that were not included in the code entered previously, and more preferably still includes all of the characters selectable via the finger operated input device that were not included in the entry code.
According to another aspect of the invention there is provided a method of enabling an authorjsed user of an access control system having a computer system to set a control code, including storing a unique facility number and an algorithm in a memory device, providing an activation code to the user from a code issuing organisation, said activation code including a first part comprising an initial access code derived from the unique facility number by the algorithm, and a second part comprising a next time access code, inputting the activation code into the access control system via an input device, using the computer system to generate an initial access code using the algorithm and the unique facility number, comparing the generated initial access code with the initial access code received, and when a match is determined enabling the authorised user to set the control code.
This provides a way of activating the access control system and controlling setting of a control code in such a way that it obviates the need to include a default code in the access control system that can be used to access all the control systems manufactured (or a subset thereof), which would be a major risk to security of all the systems produced if a default code was publicly disclosed.
Advantageously the computer system is arranged to store the next time access code in the memory for use in a control code reset operation for comparison with a next time access code inputted via the input device, and when a match is determined enabling the authorised user to reset the control code.
The method may further include the code issuing organisation supplying a reset code having a first part that comprises the next time access code and a second part that comprises a second next time access code.
The method may further include inputting the reset code into the access control system via the input device, and comparing the first part of the reset code with the next time access code stored in the memory device and when a match is determined, allowing the authorised user to reset the control code.
Advantageously the computer system may be arranged to overwrite the next time access code stored in the memory device with the second next time access code. Of course, subsequent validation and access code storage operations can be performed each time the authorised user requests a new reset code.
Advantageously the activation code and / or reset code is encrypted and the access control system decrypts the code, for example by using decryption means.
An embodiment of the present invention will now be described, by way of example only, with reference to the accompanying drawings in which like references indicate equivalent features, wherein: Figure 1 is a perspective view of a container including an access control system according to the invention; Figure 2 is a schematic of the features of the access control system; Figure 3 is a schematic of a shopping and delivery process; Figures 4a-c are flow diagrams illustrating operation of the access control system; Figures 5a-d are flow diagrams illustrating system activation and master PiN reset processes; Figure 6 shows a second embodiment of a container including an access control system according to the invention; Figure 7 shows a third embodiment of a container including an access control system according to the invention; and Figure 8 shows a fourth embodiment of a container including an access control system according to the invention; Figure 1 shows a perspective view of a storage container 1 (referred to as a PINPOD' box in the Figures) for the collection and delivery of goods from, for example a shop, internet shopping, TV shopping, telephone shopping, mail order and/or groceries from a local store 2. The purpose of the storage container! is to provide a secure storage facility for the goods delivered to or collected from the container, until the arrival of the owner of the container 1 or the person collecting the goods therefrom. The goods may be collected for example, if goods have to be returned to the place of purchase. Accordingly the storage container I provides secure storage of goods and secure access to them.
Typically the container 1 is located in a place 4 that is accessible by the delivery/collection person 6 (hereinafter referred to as the guest user) and is generally located in a place associated with the owner of the container, for example it may be located on an outer wall of a house, office, factory or school or other commercial or non-commercial organisation's premises 4. Alternatively, the container I may be located within a building, for example outside an office in a shared building or within a reception area where deliveries are made.
The container 1 will typically require anchoring to a fixed body, particularly for smaller containers, and therefore may optionally include mountings/fixings appropriate to attach to a wall, ground or post.
The container 1 can be of any size and shape practicable. For example, the container 1 shown in Figure 1 is substantially cuboid and is of a size that is suitable to receive the majority of mail delivered by a postman and relatively small goods such as mobile phones CDs, books etc. If a larger volume of goods are to be stored, a substantially larger container 1 is required, for example if it is necessary to store one week's worth of groceries for a family. The container 1 must be made sufficiently strong to prevent unauthorised access and typical materials that may be used are plastics, glass or other fibre reinforced plastic or steel. For example, the container may include a wire cage like structure that is surrounded by a plastics outer shell. The cage provides additional strength without having the weight ofan entirely metallic box. The choice of finish will in part be determined by the conditions in which the container I is to be used, for example if the container is to be used outdoors then the container 1 would be weatherproofed to prevent damage to the articles stored within the payload volume.
The container 1 includes a door 3 providing access to a payload volume (not shown), an input device comprising a keypad 5 a display device 7, a computer 9, a locking mechanism 11, a micro-switch/sensor 13, a power source 15, and a preferably an audio output device 17 (see Figures 1 and 2).
The computer 9 may comprise any suitable programable electronic processing device such as a micro-controller or micro-processor and any required peripheral devices such as appropriate memory devices (e.g. RAM, a disk drive or solid state memory devices).
The locking mechanism 11 determines whether the door 3 can be opened at any particular time. The locking mechanism 11 is an electro-mechanical device and may be solenoid-type locking mechanism or alternatively a mechanism controlled by a motor. Operation of the locking mechanism 11 is controlled by the computer 9 according to codes entered via the keypadS. The micro-switch/sensor 13 determines whether the door 3 is open or closed and is connected to the computer 9. A similar micro-switch/sensor may additionally, or alternatively, indicate whether the locking mechanism is in its open or closed position. The computer 9 is arranged to use the signal from the micro-switch/sensor 13 to determine whether the door 3 and/or locking mechanism is open or closed.
The keypad 5 is preferably a numeric keypad that enables a user to input PINs into the computer 9. The computer 9 can output data entered and messages generated to a user via a liquid crystal display 7, or other similar visual display, or via the audio output 17, which may comprise a buzzer, audible tone emitter or speaker. The computer 9 also controls resetting and generation of PINs, enables manual entering of PINs, produces logs of PINs used, logs of PINs issued and time adjustments, displays current time and date, generates codes for proof of delivery/collection, and controls the operational status, for example switching between powered up and powered down. The computer 9 can also initiate lockout and anti-key logging routines.
In order to access the payload volume of the container via the door 3, it is necessary to open the locking mechanism 11 by entering a PIN via the keyboard 5. There are two types of PIN: a master PIN and a guest PIN. A master PIN is a code, for example a four digit number, known oniy to the owner of the container 1. The master PIN enables the owner of the container to access control functions of the computer 9 and enables the owner to prompt the computer 9 to generate one or more guest PINs, to enter his/her own guest PINs, to determine settings such as the time and date, the level of security, access to a log of guest PINs used, access to a log of issued guest PINs and a log of time adjustments, log of confirmation codes, to open the door 3 and to reset the master PIN. The master PIN also enables the owner to access any other menus or determine any other settings that are available. Thus the master PIN is a multiple use code that enables the owner of the container to operate fully the functions of the container 1 and allows multiple accesses to payload volume.
Guest PiNs are codes, for example four digit numbers, that are issued to persons that the owner of the container I wants to have temporary access to the payload volume of the container. For example, a guest PIN may be a single use code that expires on use that can be provided to a vendor 2 when purchasing goods such as over the Internet or via mail order. The vendor 2 then provides the guest PIN to the delivery department/logistics company/courier 10 so that the code can be given to the individual 6 who travels to the delivery address. Upon arrival, the guest user 6 can enter the guest PIN via the keypad 5.
The computer 9 determines whether the guest PIN is valid by determining whether the code received matches a guest PIN stored in memory and if so then releases the locking mechanism 11 so that the guest user 6 can open the door 3 and put the goods inside the container 1. The guest user 6 then closes the door 3 to provide secure storage of the goods until the arrival of the owner of the container 1 who can access the goods using the master PIN. Preferably the guest PIN expires shortly after the delivery of the goods. Alternatively, a guest PIN may allow multiple use, for example the same guest PIN can be provided to more than one vendor, or the same vendor, for multiple deliveries. However, this reduces the level of security of the container 1. When a guest PIN has been used the computer 9 logs this in the log of used guest PINs.
The guest PINs may be automatically generated via the computer 9 when requested by the owner of the container 1. For example, the owner may select the number of guest PiNs required via the keypad 5 and the computer 9 generates that number of four digit codes. Of course the codes may comprise fewer or greater number of digits. The guest PINs are stored in a non-volatile memory register called the active register and are displayed to the owner of the container via the LCD display 7. When a second guest PiN is generated the computer 9 checks the active register to see whether that number already exists. If the code already exists, a new code will be generated in its place which is then displayed on the LCD display 7. The guest PINs remain active for a predetermined length of time, for example for around days. If the guest PIN is not used within that period it will be automatically deleted from the active register. Similarly, if the guest PIN is used (and it is a single use PIN) the code will be erased from the active register following closure of the door 3 or alternatively a short period thereafter in case the door 3 is closed by mistake. The guest PINs generated by the computer 9 are preferably random numbers.
Alternatively, the owner of the container may enter guest PINs into the active register manually. This enables the owner to select guest PIN codes that are easy to remember.
Similarly the guest PiNs are stored in the active register and a similar checking routine is used to those automatically generated to prevent repetition of codes within the active register. If a guest PIN already exists in the active register the user is provided with an opportunity to enter a new guest PIN.
The owner can override the system to enable the same guest PIN to be entered into the active register more than once, to enable the same guest PIN to be given to more than one party or alternatively for the same guest pin to be used by the guest user 6 more than once.
The computer 9 provides the owner with the option of viewing at least a selection of the guest PINs used, for example the last twenty guest PINs, or at least a selection of the guest PINs issued, such as the last twenty guest PINs issued.
When shopping, for example via the internet, telephone or ordering by post, the guest PIN can be incorporated into the delivery instruction or into the delivery address.
When a delivery has been successfully made, the computer 9 issues a confirmation code as proof of delivery or collection as the case may be. The confirmation code will be displayed for a predetermined amount of time, for example sixty seconds. The confirmation code is either a unique code that is specific to the particular delivery or collection or a non-unique code that on the basis of probability delivery / collection can be assumed to have taken place.
The unique code includes a first part comprising a unique serial number that has been allocated to that specific container 1, which is programmed into the computer 9 at manufacture, and a second part including time of delivery or collection and a third part including the date of delivery. The guest user 6 records this unique code such that if a dispute arises between the owner of the container 1 and the vendor 2 and/or logistics company 10 about whether delivery/collection was made, a third party organisation 8 that holds data relating to the container owner, the serial number of the container and the location of the container, is able to tell from the confirmation code whether the goods were delivered to the correct container 1 and the time and date of delivery.
The non-unique code comprises a predetennined number of digits of the unique serial number, preferably the last four digits, the time and date. In most circumstances this will be sufficient proof on the balance of probabilities of delivery / collection. The level of certainty can be increased by looking at other circumstantial evidence such as the location of other containers 1 having serial numbers with the last four digits in common.
Preferably, the confirmation code is encrypted to improve the security of the system. For example the confirmation code can be converted using a suitable algorithm such as one that converts it to alphanumeric characters. The guest user 6 then records the encrypted code and in the event of a dispute provides the third party organisation 8 with the encrypted code.
The third party organisation 8 decrypts the confirmation code and extracts the serial number, time and date information from it and determines whether the delivery was correctly made.
After receiving the guest PiN from the guest user 6, the computer 9 initiates an anti-key logging routine that is intended to overcome the key logging problem. The anti-key logging routine determines which of the keys on the keyboard were not pressed when the guest or -master PiN codes were entered via the keypad 5 to gain access to the goods. A message is then displayed on the LCD 7 asking the guest or authorised user to input a sequence of numbers that includes each of the keys (or at least a selection of them) that were not pressed. After those keys have been pressed they will disappear from the display. Therefore if a thief illuminates the keypad 5 with an ultraviolet source all of the numerical keys will have been pressed and the thief will not know which keys were pressed in association with the PIN entered. This increases the number of possible code combinations making it extremely difficult for the thief to be able to obtain the PIN used in this way. Of course it is not necessary to press all of the keys to increase security. Each additional key pressed will increase the number of permutations that the thief has to try to obtain access to the container 1. Therefore a subset of the non-pressed keys can be displayed.
A guest PIN will typically become inactive a short while after being used, and consequently presents a low-risk of being key-logged. i.e. the would-be thief would have to arrive and ascertain the combination of the used Guest PIN within minutes of it being used. However multiple use PINs such as the master PIN, are particularly vulnerable to key logging.
If the guest PIN or master PiN is incorrectly inputted by the user after a predetermined number of attempts, the computer 9 initiates a shut-down routine, which powers down the container I for a predetermined amount of time, for example 10-30 minutes before a further attempt at inputting a code can be made. The computer 9 can optionally be arranged to maintain a log of instances when this occurs.
The methods for activating the container I and resetting the master PIN code will now be described with reference to Figures 5a-d.
For security reasons, unlike other systems or products the container I does not have a pre-programmed factory-set PIN or default PIN. Thus there is no single PIN or code that can open all containers. The master PIN is created by the owner of the container 1 after the container has been registered, for example with a third party dispute resolution organisation or the supplier 8. After purchase, the owner contacts the supplier/ dispute resolution organisation 8 and provides the serial number 19 of the container, his name, contact details, password and security questions and answers for future contact and authentication purposes 21. The details are recorded by the organisation 8. The organisation 8 registers the owner's details and applies a confidential algorithm 23 to the unique serial number of the container 1, which is not displayed within the box but is stored in the memory of the computer 9 and printed in the user instruction guide. The resultant activation code consists of two parts: the initial access code and a next time access code. The initial access code is derived from the unique serial number for the container I. The next time access code is not. For example, it may be a random number or generated in some other way. The organisation 8 keeps a record of the next time access code for a future reset operation.
The activation code is encrypted and is supplied to the owner of the container 1, who enters it into the computer 9 via the keypad 5. The computer 9 recognises the format of the activation code entered and then applies the same confidential algorithm 27 used to generate the initial access code to the serial number stored in memory to generate an access code. The computer 9 then decrypts the activation code and compares the initial access code received with the generated access code. If the codes compared match, the computer 9 permits the container owner to create a first master PiN 29. Having set the first master PIN, the owner can then access menu options. The computer 9 overwrites 27 the generated initial access code with the next time access code and the initial access code is no longer valid. The next time access code is stored in memory in the event that the owner forgets the master PIN code and needs to reset the master PiN code.
To reset the master PiN code 31, the owner contacts 33 the supplier/dispute resolution organisation 8 for a reset code. After authenticating the identity of the owner 35, the organisation retrieves the record of the previously issued next time access code 37 and randomly generates the second next time access code 39. The reset code 41 has a first part that comprises the next time access code supplied during the activation process and a second part that comprises a second next time access code for a future reset operation. The organisation 8 keeps a record of the second next time access code for a future reset operation. The reset code is supplied in an encrypted format 43 to the owner. The owner enters 45 the reset code into the computer 9 via the keypad, the computer 9 decrypts the reset code 47 and compares the next time access code stored in its memory with the first part of the reset code 49. If the codes match the computer 9 permits the owner to reset the master PIN and overwrites the next time access code stored in its memory with the second next time code received 51 so that the system is ready for a future master PIN reset operation in the event that the owner should forget the master PIN for a second time.
The provision of a two-part access code, such that one part is used for access validation and the other part is used to overwrite the first in anticipation of the next occasion in which an access validation code is required, provides a secure way of enabling a master PIN to be set initially (activation) in a remote system and to be reset if forgotten. In both the activation and master PiN reset processes the two-part codes are unique to each individual container.
They differ each time they are generated and are used as a means of avoiding the use of pre-programmed or factory-set default PINs with the ensuing security risks. The main advantage of this method is greater security and also the simplicity and convenience of use for the system owner.
Operation of the controlled access system will be described with reference to Figures 3 to 4c. After purchasing the container 1, the owner installs it, for example by attaching it to an outer wall of his house. The owner then registers it with the organisation 8 as described above and obtains an activation code. The computer 9 decrypts the activation code, applies the algorithm to the serial number to generate the initial access code, which is compared to the initial access code within the activation code, and if they match overwrites the generated initial access code with the next time access code, which can be used in a future master PIN reset routine. The owner then sets the time and date and creates a master PIN.
The master PIN permits entry to the function menus.
The owner obtains at least one guest PIN 53. The owner does this by either requesting the computer 9 to generate a random code or alternatively by inputting his/her own guest PIN code. The owner then supplies the guest PIN to a vendor 2 at the point of purchase of goods 55. The vendor 2 forwards the guest PIN to a logistics service provider 10 who includes it in delivery notes or transport labels for the goods to be supplied 57. On arrival at the location of the container 1, the guest user 6 enters the guest PIN into the keypad 5 to gain access 59 to the payload volume. The computer 9 verifies the guest PIN, initiates an anti-key logging routine 59, and unlocks the door 3 via the locking mechanism 11. At this stage the micro-switch/sensor 13 indicates to the computer 9 that the door is open and/or that the locking mechanism is unlocked.
The guest user 6 loads the goods into the container I and then closes the door 3. The micro-switch/sensor 13 detects that the door has been closed and the computer 9 activates the locking mechanism 11 to lock the door. At this stage, or within a predetermined period from this action, the guest PIN expires. The computer 9 displays the confirmation code 61 on the LCD display 7 and the guest user 6 records the confinnation code, and returns a copy 63 to the logistics service provider 10. If the vendor 2 requires a copy of the confirmation code 65 the logistics company 10 can forward a copy 6710 the vendor 2.
If a dispute 69 arises between the logistics company 10 and the owner of the container as to whether the goods were delivered or as to date/time of delivery or collection, a dispute resolution company 8 (typically the company with whom the container details are registered and who issues activation/access codes) is contacted 71. The dispute resolution company 8 decrypts the confirmation code 79 held by the logistics company 1010 determine 81 the serial number of the container 1 where the goods were delivered or collected and the time and date of delivery or collection.The dispute resolution company 8 compares the serial number with the registered name and address of the owner and location of the container then issues the fmdings 83 to the parties to clarify whether the confirmation code came from the correct container I and provides the date and time of delivery/collection.
The container I or system may also include some or all of the following optional electrical/electronic features 85: * In the basic system, proof of delivery or collection is based on successful access of the container by the guest user by detecting opening and closing of the door, and thus actual receipt (or collection) of goods is assumed. The basic system can be modified to include one or more internal sensors to measure a change in condition within the payload volume, for example to detect a difference in weight or volume, to detennine whether a delivery / collection has actually taken place, instead of or in addition to detecting the opening and closing of the door. A camera system such as a digital camera can be included to monitor the delivery/collection of goods. The camera can be activated when the door is opened and can record what happens at the time of delivery. The camera may include a date and/or time stamp.
* External sensor(s) to detect the approach of a person and an electronic system to switch the electronics from standby mode to fully active mode. This can help to save battery power.
* Electronic circuitry to facilitate the playing of pre-recorded and digitally stored voice messages in response to operation of the keypad and/or activation of the sensors or micro switches included in or on the container. This can be useful to visually impaired people and provide and an enhanced user interface for all users.
* A microphone and additional electronic circuitry to facilitate the recording of messages, for example a message from the courier to record the identification of the person delivering or collecting the goods or to indicate facts about their condition, for example if the goods are damaged or if only a partial delivery has been made.
* Voice recognition circuitry. With the addition of circuitry and software, the container would recognise voice commands, and react to these instructions. This is useful for disabled persons.
* Additional power sources, including a backup battery, a solar panel, wind turbine, a mains comiection or other power source together with, or as an alternative, equipment to control power management.
* A different display, for example a touch-screen, a back lit screen, graphic or LED screen can be used.
* The container may include Radio Frequency Identity (RFJD) technology for the purposes of at least some of acceptance, acknowledgment, reading, recording and verification of guest PIN or proof of delivery codes. For example, the container may include an RFID reader as an input device in addition, or as an alternative, to the keypad and goods delivered to the container can include RFID tags. For a delivery, the guest entry code can be progranuned into the tag and the RFID reader can obtain it from the tag when the delivery person is sufficiently close to the reader. The computer determines whether access should be granted to the container by comparing it with guest entry codes stored in its memory. The container may also include means for sending data wirelessly such as a wireless network, a bluetooth system or other radio based technology to transmit a confirmation code to an electronic device carried by the delivery person.
* Different keypads. The container can be fitted with an alphanumeric keypad and configured so that messages could be left for individuals or a keypad having other types of symbols.
Biometric recognition devices such as a finger print recognition device, palm recognition device or eye scanning device. Although the incorporation of this device may not be suitable for deliveries, it would afford owner entry' a greater level of security.
* An on-board printer. The printer can issue a hard copy of the confirmation code for the delivery company or print out stored data, which may be of use to the owner.
An alarm. The container can be fitted with an alarm system, which would detect somebody trying to force entry or remove the box and give either an audible and/or visual warning or can be arranged to send a message to the owner of the container, police or security firm.
* Door and lock position circuitry and sensors. in some cases, the micro-switch may not be adequate to ensure door closure. Therefore for more secure applications, additional door andlor lock positioning circuitry and sensors can be included in addition, or as an alternative, to the existing micro-switch.
A remote control unit and additional electronic circuitry to facilitate the owner of the container being able to interrogate and/or program the computer from a remote location, for example by using a cellular telephone or an infrared device. For example, the container may include a suitable telephone modem or telephonic device that enables it to receive messages from a cellular phone such as Short Message Service (SMS) messages. This enables the owner of the device to set a guest entry code for a delivery without having to return to the container by sending a text message to the device.
* The keypad 105 and display device 107 may be separated from the receptacle 101 for greater convenience or for aesthetic reasons (see Figure 6). For example, the keypad 105 and display device 107 can be near the owner's front door yet the receptacle may be positioned at the side of the house so that it is not too unsightly. The computer controls the locking mechanism via a wired or wireless communications module and remains open for a predetermined amount of time before re-locking itself if no delivery is made.
The container may be arranged as follows or have the following features: * The container may include multiple compartments that are each separately lockable (see Figure 7). This enables access to be controlled with respect to different parts of the container. For example, a container 201 having two compartments 202,204 may have a first part 202 that is accessible to both the guest user and the owner and a second part 204 that is only accessible to the owner, via the master PiN and/or another lock, such as a key operated lock. The container may be arranged such that the first compartment 202 is located above the second compartment and is arranged for receiving goods. A mechanism allows goods deposited in the first compartment to fall into the second compartment when the door 203 to the first compartment is closed. When the first compartment 202 is opened for a second time goods previously deposited therein will no longer be accessible since they have fallen into the second compartment 204, which is only accessible by the owner. This prevents a subsequent delivery person from removing goods placed into the container by an earlier delivery person.
* The container 101 may include a tipper bucket 102 or sliding tray (not shown) for receiving goods (see Figure 6). When the tipper bucket 102 is closed, preferably the goods fall into a second compartment 104 that is only accessible by the owner of the container.
* The container may have two or more compartments that are accessible to guest users, for example one that is accessible to regular guest users 302 and one for occasional guest users 304 (see Figure 8). This enables the authorised user to program the computer to determine which of the compartments a particular guest code will open. The computer then opens the appropriate locking mechanism when the code is received.
* A group of containers may be arranged together, for example to provide individuai storage facilities for each office in a shared building or each flat in a block of flats. Each container may have its own keypad, display and computer, or alternatively a plurality of containers may share those components. In the latter case it will be necessary to identify, which of the containers the user is trying to open, for example via a suitable menu format or entering a number or code into the computer. When the container has been selected it can be opened in a similar manner to that described above. Having a common keypad, display and computer reduces the number components that are required.
* A letterbox (206) to facilitate the posting of standard letters, which may be covered with a cowl to protect from adverse weather (see Figure 7).
* An open ended and non-secure section attached to the main body of the cabinet or box to facilitate the storage of low value items such as newspapers and magazines.
* The container may include appropriate cowling, thermal insulation, seals, etc for use in environments having adverse weather conditions or for maintaining stored goods within a predetermined temperature range. This may include a cover to protect the keypad and may further include an openable flap that provides additional protection when closed.
* The container may include an insulated removable liner, bag or container.
* A mechanical over-ride lock.
It will be appreciated by the skilled person that the access control system can be applied to things other than a container, for example it can be used to control access to a door for a building, particularly offices, factories, warehouses, government buildings or the like, or any other type of facility where people can access, for example via sliding doors, rolling doors 303 (see Figure 8), a pivoting or non-pivoting closure member such as a door, lid, hatch or similar.

Claims (53)

  1. Claims 1. An access control system for controlling access to a facility
    for the secure storage of goods via a closure member, including a computer system having a memory device, an input device for inputting codes to the computer system, and a locking system for selectively locking the closure member, wherein the computer system is arranged to receive a control code for authorising storage of at least one guest entry code, to store the guest entry code(s) in the memory device for use in a subsequent verification process, to compare codes received from the input device with the guest entry code(s) stored in the memory device, and to issue a control signal for operating the locking system in response to an inputted code matching a stored guest entry code to enable access to the facility.
  2. 2. An access control system according to claim 1, wherein the computer system is arranged to automatically generate the or each guest entry code in response to receipt of the control code.
  3. 3. An access control system according to claim 1 or 2, wherein guest entiy code(s) can be selected by the authorised user and entered into the computer system via the input device after inputting the control code.
  4. 4. An access control system according to any one of the preceding claims, wherein at least one of the guest entry codes is a single use code.
  5. 5. An access control system according to any one of claims 1 to 3, wherein at least one of the guest entry codes is a multiple use code.
  6. 6. An access control system according to claim 5, wherein the multiple use code is limited to a predetermined number of uses. -
  7. 7. An access control system according to claim 5 or 6, wherein the multiple use code is limited to a predetermined time period.
  8. 8. An access control system according to any one of the preceding claims, wherein at least one of the guest entry codes expires if not used within a predetennined period.
  9. 9. An access control system according to any one of the preceding claims, including a system for generating a unique confirmation of access code for each delivery to and/or collection from the facility.
  10. 10. An access control system according to claim 9, wherein the computer system is arranged to generate the unique confirmation of access code.
  11. 11. An access control system according to claim 9 or 10, wherein the unique confirmation of access code includes a facility code that is unique to the facility controlled by the access control system and at least one of the date and time of the delivery or collection.
  12. 12. An access control system according to any one of claims I to 8, including a system for generating a non-unique confirmation of access code for each delivery to and/or collection from the facility
  13. 13. An access control system according to any one of claims 9 to 12, including an encryption system for encrypting the confirmation of access code.
  14. 14. An access control system according to any one of the preceding claims, including a display device.
  15. 15. An access control system according to any one of the preceding claims, wherein the input device includes a keypad and the system includes a system for prompting a user to press at least one other key after a code has been successfully entered.
  16. 16. An access control system according to claim 15, wherein the computer system is arranged to generate and display an anti-key logging code that includes a plurality of characters that were not included in the guest or authorisation code previously inputted and to prompt the user to press the keys corresponding to those characters.
  17. 17. An access control system according to any one of the preceding claims, including a system for shutting down or locking the access control system for a predetermined length of time if a code inputted via the input device does not match one of the stored guest entry codes or the control code within a predetermined number of attempts.
  18. 18. An access control system according to any one of the preceding claims, including a unique facility code and an algorithm stored electronically, and wherein the computer system is arranged to generate an initial access code by applying the algorithm to the unique facility code for comparison with an initial access code received during an activation process, and when a match is determined to enable the authorised user to set the control code.
  19. 19. An access control system according to claim 18, wherein the computer is arranged to store a next time access code in memory for use in a control code reset operation for comparison with a next time access code, and when a match is determined to enable the authorised user to reset the control code.
  20. 20. An access control system according to claim 19, wherein the computer is arranged to overwrite the next time access code with a second next time access code when a control code reset operation is performed.
  21. 21. An access control system according to claim 18 or 19, including decryption means for decrypting activation or reset codes received.
  22. 22. An access control system according to any one of the preceding claims, including a printing device.
  23. 23. An access control system according to any one of the preceding claims, wherein the input device is a manually operated input device, and preferably includes a keypad.
  24. 24. An access control system according to any one of the preceding claims, including a sensor device to determine the operational state of the closure member.
  25. 25. An access control system according to any one of the preceding claims, including a sensor device for determining the operational state of the locking system.
  26. 26. An access control system according to any one of the preceding claims, wherein the locking system includes one of a motorised locking mechanism or an electro-magnetic locking mechanism.
  27. 27. An access control system according to any one of the preceding claims, including a sensor device arranged to detect the approach of a person to the facility.
  28. 28. An access control system according to any one of the preceding claims, including a sensor device arranged to detect a change in condition within the facility in order to determine whether the goods have been delivered or collected.
  29. 29. An access control system according to any one of the preceding claims, including an audio output device.
  30. 30. An access control system according to claim 29, including electronic circuitry to facilitate the playing of pre-recorded and digitally stored voice messages.
  31. 31. An access control system according to any one of the preceding claims, including a microphone device.
  32. 32. An access control system according to claim 31, including a voice recognition system.
  33. 33. An access control system according to any one of the preceding claims, including Radio Frequency Identity RFID technology that is arranged to perform at least one of the following functions: detect the presence of RFID tags attached to goods, read a guest entry code stored in an RFID tag, issue proof of access codes.
  34. 34. An access control system according to any one of the preceding claims, including a finger print recognition device.
  35. 35. An access control system according to any one of the preceding claims, including an alarm system.
  36. 36. An access control system according to any one of the preceding claims, including a remote control system arranged to enable the authorised user to interrogate and/or program the computer system from a remote location.
  37. 37. A receptacle including an access control system according to any one of the preceding claims.
  38. 38. A receptacle according to claim 37, wherein the receptacle is weather proof.
  39. 39. A receptacle according to claim 37 or 38, including first and second compartments and the receptacle is arranged such that the authorised user and guest users can access the first compartment and only the authorised user may access the second compartment.
  40. 40. A method of providing controlled access to a facility for the delivery or collection of goods, including providing a locking system for selectively locking an access port to the facility, providing a control code to an authorised user, using the control code to authorise storing at least one guest code in a memory device, storing the or each guest entry code in a memory device, issuing the or each guest entiy code to at least one guest user, comparing a code inputted by a user with the guest entry code(s) stored in the memory device and opening the locking system to provide access to the facility when the inputted code matches the stored guest entry code.
  41. 41. A method according to claim 40, providing a computer system to control operation of the locking system, prompting the computer system to store at least one guest code by inputting the control code via an input device, using the computer system to compare the code inputted by a user with the stored guest entry code(s) in the memory device to determine whether there is a match, if a match is found using the computer system to issue a control signal to a locking system to the locking mechanism to provide access to the facility.
  42. 42. A method according to claim 41, including using the computer system to generate the guest entry code(s).
  43. 43. A method according to any one of claims 40 to 42, wherein the guest entry code is a single use code.
  44. 44. A method according to any one of claims 40 to 42, wherein the guest entry code is a multiple use code.
  45. 45. A method according to any one of claims 40 to 44, including using the computer system to generate and issue a unique confirmation of access code.
  46. 46. An anti-key logging method for an access control system having a finger operated input device including a plurality of finger operated input system, including generating an anti-key logging code after a user has successfully entered an entry code by pressing a plurality of the finger operated input means, wherein said anti-key logging code includes at least one character that was not included in the code entered previously, and prompting the user to press the finger operated input means corresponding to the or each character.
  47. 47. An anti-key logging method according to claim 46, including displaying the anti-key logging code on a visual display system.
  48. 48. An anti-key logging method according to claim 46 or 47, wherein the finger operated input device is a keyboard, key pad, or a touch sensitive screen.
  49. 49. An anti-key logging method according to any one of claims 46 to 49, wherein the anti-key logging code includes all of the characters selectable via the finger operated input means that were not included in the entry code.
  50. 50. A method of enabling an authorised user of an access control system having a computer system to set a control code, including storing a unique facility number and an algorithm in a memory device, providing an activation code to the user from a code issuing organisation, said activation code including a first part comprising an initial access code derived from the unique facility number by the algorithm, and a second part comprising a next time access code, inputting the activation code into the access control system via an input device, using the computer system to generate an initial access code using the algorithm and the unique facility number, comparing the generated initial access code with the initial access code received, and when a match is determined enabling the authorised user to set the control code.
  51. 51. A method according to claim 50, wherein the computer system is arranged to store the next time access code in the memory for use in a control code reset operation for comparison with a next time access code inputted via the input device, and when a match is determined enabling the authorised user to reset the control code.
  52. 52. An access control system according to claim 51, wherein the computer system is arranged to overwrite the next time access code with a second next time access code when a second control code reset operation is performed.
  53. 53. An access control system according to any one of claims 50 to 52, wherein the activation code and / or reset code is encrypted and the access control system decrypts the code.
GB0621273A 2006-10-26 2006-10-26 Access control system and method Expired - Fee Related GB2443212B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0621273A GB2443212B (en) 2006-10-26 2006-10-26 Access control system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0621273A GB2443212B (en) 2006-10-26 2006-10-26 Access control system and method

Publications (3)

Publication Number Publication Date
GB0621273D0 GB0621273D0 (en) 2006-12-06
GB2443212A true GB2443212A (en) 2008-04-30
GB2443212B GB2443212B (en) 2009-09-16

Family

ID=37545993

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0621273A Expired - Fee Related GB2443212B (en) 2006-10-26 2006-10-26 Access control system and method

Country Status (1)

Country Link
GB (1) GB2443212B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2449734A (en) * 2007-04-23 2008-12-03 David Prescott Secure Parcel Reception Unit With Separate Lockable Reception Compartments and proof of delivery
GB2454944A (en) * 2007-11-24 2009-05-27 Roy William Edwards Protecting the security of an access code such as a PIN or password
GB2549465A (en) * 2016-04-13 2017-10-25 Sydney Willcox Brian Parcel depository
CN107301701A (en) * 2017-06-16 2017-10-27 合肥讯邦网络科技有限公司 A kind of access control system based on Internet of Things
IT201600070797A1 (en) * 2016-07-07 2018-01-07 Angiolini Gilberto DEVICE FOR THE PURCHASE OF POSTAL PACKAGES AT HOME
WO2020240038A1 (en) * 2019-05-31 2020-12-03 Boks Sas Systems and methods for distributing parcels
ES2803724A1 (en) * 2019-07-23 2021-01-29 Alarcon Ricardo Sanchez Transitory supply warehouse (Machine-translation by Google Translate, not legally binding)
IT202000024487A1 (en) * 2020-10-16 2022-04-16 Daniele Aresu EQUIPMENT FOR THE RECEPTION OF MAIL AND PARCELS AND THEIR RESPECTIVE METHOD OF OPERATION

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4532507A (en) * 1981-08-25 1985-07-30 American District Telegraph Company Security system with multiple levels of access
US5872513A (en) * 1996-04-24 1999-02-16 The Chamberlain Group, Inc. Garage door opener and wireless keypad transmitter with temporary password feature
US6414587B1 (en) * 1998-03-13 2002-07-02 The Chamberlain Group, Inc. Code learning system for a movable barrier operator
US20030121968A1 (en) * 2000-05-25 2003-07-03 Miller Michael Robert Method and apparatus for the secure delivery of goods
US20040252018A1 (en) * 2000-07-11 2004-12-16 Shuster Gary Stephen Electronically controlled lockbox

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4532507A (en) * 1981-08-25 1985-07-30 American District Telegraph Company Security system with multiple levels of access
US5872513A (en) * 1996-04-24 1999-02-16 The Chamberlain Group, Inc. Garage door opener and wireless keypad transmitter with temporary password feature
US6414587B1 (en) * 1998-03-13 2002-07-02 The Chamberlain Group, Inc. Code learning system for a movable barrier operator
US20030121968A1 (en) * 2000-05-25 2003-07-03 Miller Michael Robert Method and apparatus for the secure delivery of goods
US20040252018A1 (en) * 2000-07-11 2004-12-16 Shuster Gary Stephen Electronically controlled lockbox

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2449734A (en) * 2007-04-23 2008-12-03 David Prescott Secure Parcel Reception Unit With Separate Lockable Reception Compartments and proof of delivery
GB2454944A (en) * 2007-11-24 2009-05-27 Roy William Edwards Protecting the security of an access code such as a PIN or password
GB2549465A (en) * 2016-04-13 2017-10-25 Sydney Willcox Brian Parcel depository
IT201600070797A1 (en) * 2016-07-07 2018-01-07 Angiolini Gilberto DEVICE FOR THE PURCHASE OF POSTAL PACKAGES AT HOME
CN107301701A (en) * 2017-06-16 2017-10-27 合肥讯邦网络科技有限公司 A kind of access control system based on Internet of Things
WO2020240038A1 (en) * 2019-05-31 2020-12-03 Boks Sas Systems and methods for distributing parcels
FR3096567A1 (en) * 2019-05-31 2020-12-04 Boks Sas PACKAGE DISTRIBUTION SYSTEMS AND METHODS
ES2803724A1 (en) * 2019-07-23 2021-01-29 Alarcon Ricardo Sanchez Transitory supply warehouse (Machine-translation by Google Translate, not legally binding)
IT202000024487A1 (en) * 2020-10-16 2022-04-16 Daniele Aresu EQUIPMENT FOR THE RECEPTION OF MAIL AND PARCELS AND THEIR RESPECTIVE METHOD OF OPERATION

Also Published As

Publication number Publication date
GB0621273D0 (en) 2006-12-06
GB2443212B (en) 2009-09-16

Similar Documents

Publication Publication Date Title
US20200387862A1 (en) Systems and methods for control of electronic parcel lockers
US11636721B2 (en) Access management and reporting technology
GB2443212A (en) An access control system using guest entry codes
EP1237445B1 (en) Secure delivery or collection system
US6897767B2 (en) Multiway control system for keyset
US8509944B1 (en) Self-storage kiosk
US20180091503A1 (en) Networked storage system and method
US20070256615A1 (en) System and method for unattended access to safe deposit boxes
US20120235786A1 (en) Intelligent Enclosures
WO2008097506A2 (en) An electronic or automatic identification method to remotely manage a lock or access point to a secure distribution receptacle, via the internet or wireless communication network
WO2007123554A1 (en) A remotely managed lock or access point, via the internet, to a distribution receptacle or secure location
GB2443829A (en) Secure container with random code generating means providing proof of delivery
CA2496240A1 (en) Tangible security asset management system and methods thereof
US20150193995A1 (en) Secure charging stations and methods for operating the same
KR102149729B1 (en) A parcel service management system for occupants of buildings with smartphone parking location and one-pass system
JP4812371B2 (en) Image display control system, authentication system, and application management apparatus
US20010027525A1 (en) Remote access device and system
US20220383680A1 (en) Touchless smart storage box with face recognition system
JP3834056B1 (en) Authentication system, reader / writer device and storage
US7826464B2 (en) Communication system
US20060088192A1 (en) Identification system
US11893846B2 (en) Devices, systems, apparatuses, and methods for smart cam locks and key lock boxes
US20040190756A1 (en) Biometric enabled mailbox system
US11466506B2 (en) Touchless smart storage box with face recognition
JP2004284708A (en) Home delivery object custody device management system

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 20201026