Enabling transparent mode on STid readers that use the SSCP protocol

2024-05-08Last updated

MIFARE DESFire readers require cryptographic keys to access a card's secured credential. When readers are configured to run in transparent mode, these keys are loaded into the Synergis™ key store or a secure access module (SAM) card.

Before you begin

The door must have a STid reader with a part number ending in AA or AD.
Note: Transparent STid readers with part numbers ending in BB cannot be used in this scenario. For a list of readers that can be used as transparent readers, see Supported STid readers that use the SSCP protocol.

Procedure

  1. Log on to the Synergis™ Cloud Link unit.
  2. Click Configuration > Hardware , and then select SSCP.
  3. Click Edit () on the reader's interface.
  4. In the reader configuration dialog box, from the MIFARE DESFire key location list, select one of the following:
    STid reader configuration in the Synergis Appliance Portal highlighting the MIFARE DESFire key location options.
    Synergis key store
    The key for decrypting credentials is stored on the Synergis unit. This option does not require a SAM card.
    SAM (Software crypto)
    This is the faster of the SAM options, but requires the SessionDumpKey option to be enabled during the SAM configuration process. For more information, see the documentation that came with your SAM card configuration software.
    SAM (Hardware crypto)
    This option does not require SessionDumpKey to be enabled during the SAM configuration process.
    Note: The SAM options are only available if you have the Synergis Cloud Link 312 model.
  5. If you select the Synergis key store option, use the Synergis™ Appliance Portal to access the Synergis key store and enter the keys:
    1. Select an index.
    2. Click Create new version, and enter a 32-character hexadecimal key in the text field.
    3. Click Add.
    The MIFARE DESFire configuration file used for the indexed keys is compatible with both software-transparent and non-transparent STid readers.
    Limitation: There are two limitations with software-transparent readers:
    • Transparent readers currently cannot encode cards.
    • Cards with transparent mode enabled take about 100 ms longer to read.

After you finish

The 32 available indexed keys in the Synergis key store increase security by enabling the entry of keys in components. Clicking Add between components makes it possible for multiple stakeholders to each know only part of the required key.