Home
Administrator Guide
Learn about Synergis Cloud Link hardware and software.
Integration-specific configuration
Learn how to configure third-party devices to work with your Synergis Cloud Link unit.
STid readers using the SSCP protocol
Enabling transparent mode on STid readers that use the SSCP protocol
MIFARE DESFire readers require cryptographic keys to access a card's secured credential. When readers are configured to run in transparent mode, these keys are loaded into the Synergis™ key store or a secure access module (SAM) card.

Release Notes
Learn about the Synergis Cloud Link release.
Hardware Installation Guide
Learn how to install and connect your Synergis Cloud Link appliance.
Administrator Guide
Learn about Synergis Cloud Link hardware and software.
- Preface
- Introduction
- General configuration
  Learn how to configure your Synergis Cloud Link unit.
- Integration-specific configuration
  Learn how to configure third-party devices to work with your Synergis Cloud Link unit.
  - Allegion Schlage wireless locks
  - ASSA ABLOY Aperio-enabled locks
  - ASSA ABLOY IP locks
  - AutoVu SharpV cameras
  - Axis controllers
  - DDS controllers
  - HID VertX sub-panels
  - Mercury controllers
  - Allegion Schlage locks through Mercury
  - BEST Wi-Q locks through Mercury
  - SimonsVoss SmartIntego locks through Mercury
  - SALTO SALLIS wireless locks
  - OSDP devices connected to the Synergis Cloud Link RS-485 ports
  - STid readers using the SSCP protocol
    - Configuring and enrolling STid readers that use the SSCP protocol
      For the Synergis™ unit to communicate with the STid readers connected to it, you must configure and enroll the readers in the Synergis™ Appliance Portal.
    - Enabling transparent mode on STid readers that use the SSCP protocol
      MIFARE DESFire readers require cryptographic keys to access a card's secured credential. When readers are configured to run in transparent mode, these keys are loaded into the Synergis™ key store or a secure access module (SAM) card.
    - Changing the default RS-485 communication keys for STid readers that use the SSCP protocol
      You can change the default signature and encipherment keys used for encrypted and signed communication with the STid readers.
    - Configuring STid readers that use the SSCP protocol to prevent relay attacks
      Prevent relay attacks on supported STid readers by enabling the system to detect delays in the RF communication exchanges between cards and readers, and reject access requests from the cards that take too long to communicate.
    - Encoding a credential on an RFID card in Security Desk
      You can encode a credential on an RFID card using Security Desk.
- Maintenance and troubleshooting
  Learn how to troubleshoot issues and keep your Synergis Cloud Link unit up to date.
Glossary
Where to find product information
You can find our product documentation in the following locations:
Technical support
Genetec™ Technical Assistance Center (GTAC) is committed to providing its worldwide clientele with the best technical support services available. As a customer of Genetec Inc., you have access to TechDoc Hub, where you can find information and search for answers to your product questions.

Enabling transparent mode on STid readers that use the SSCP protocol

2024-05-08

MIFARE DESFire readers require cryptographic keys to access a card's secured credential. When readers are configured to run in transparent mode, these keys are loaded into the Synergis™ key store or a secure access module (SAM) card.

Before you begin

The door must have a STid reader with a part number ending in AA or AD.

Note: Transparent STid readers with part numbers ending in BB cannot be used in this scenario. For a list of readers that can be used as transparent readers, see Supported STid readers that use the SSCP protocol.

Procedure

Log on to the Synergis™ Cloud Link unit.
Click Configuration > Hardware , and then select SSCP.
Click Edit () on the reader's interface.
In the reader configuration dialog box, from the MIFARE DESFire key location list, select one of the following:

Synergis key store

The key for decrypting credentials is stored on the Synergis unit. This option does not require a SAM card.

SAM (Software crypto)

This is the faster of the SAM options, but requires the SessionDumpKey option to be enabled during the SAM configuration process. For more information, see the documentation that came with your SAM card configuration software.

SAM (Hardware crypto)

This option does not require SessionDumpKey to be enabled during the SAM configuration process.

Note: The SAM options are only available if you have the Synergis Cloud Link 312 model.
If you select the Synergis key store option, use the Synergis™ Appliance Portal to access the Synergis key store and enter the keys:
1. Select an index.
2. Click Create new version, and enter a 32-character hexadecimal key in the text field.
3. Click Add.
The MIFARE DESFire configuration file used for the indexed keys is compatible with both software-transparent and non-transparent STid readers.
Limitation: There are two limitations with software-transparent readers:
- Transparent readers currently cannot encode cards.
- Cards with transparent mode enabled take about 100 ms longer to read.

After you finish

The 32 available indexed keys in the Synergis key store increase security by enabling the entry of keys in components. Clicking Add between components makes it possible for multiple stakeholders to each know only part of the required key.