Introducing PostgreSQL, Windows authentication and further improvements

July 29, 2022

July 29, 2022 marks the release of CredoID v4.9.0 with an essential system-wide change: a switch from Microsoft SQL to PostgreSQL as the default database engine in CredoID.

Moving from Microsoft SQL to PostgreSQL as default database engine

The move brings the following benefits to customers, using CredoID access control platform:

In short, even the large systems with 5000 or more users and millions of events generated per month, can enjoy the benefits of a powerful database engine free of charge even above 10GB of data. Integrators deploying CredoID in the cloud should see their monthly expenses decrease, as service plans including Postgre SQL rather than MS SQL Server, as well as Linux machines rather than Windows ones, are typically priced more favorably. We do recommend to perform regular backups and database maintenance, though, especially as CredoID includes convenient and automated options for those operations.

PostgreSQL
Illustration 1: PostgreSQL is the new default DB engine in CredoID

Microsoft SQL Server support lifecycle

The move to Postgre SQL also marks a count-down for MS SQL support retirement. Below is the timeline of key changes in database support and migration:

OSDP v2 Secure Channel​

Access control system security is top priority at Midpoint Systems. OSDP v2 has long since become de facto standard in reader-controller communication, with multiple benefits, such as increased functionality, bi-directional data transfer, reduced cost per door and improved security, compared to Wiegand-standard connections.

To encourage the usage of advantages offered by OSDP v2, we made Secure Channel setting accessible from the Operator’s interface in CredoID v4.9.0. The setting enables AES-128 encryption of communication between compliant controllers and readers. This essentially means that in case a malicious actor is able to gain access to the reader cabling, they would not be able to cheat the controller with fraudulent or spoofed credentials.

In the product range offered by Midpoint Systems, the setting is available for HID Aero and Mercury LP-series controllers, and it can be used in combination with HID R-series, Signo series, full STid reader range or any other OSDP v2-compliant readers. Suprema CS-40 controller does not support this setting yet, as it is not compatible with third-party OSDP readers, but this should be addressed by an upcoming firmware release.

Windows authentication, Who Is In report enhancements, Anti-Passback exempt setting

Customers using Active Directory integration are getting an additional benefit with CredoID version 4.9. We have added support for Operator authentication via Active Directory, thus making it more convenient for CredoID Operators to log onto the system using their standard domain credentials.

The feature allows Administrators a tighter control over password policies, while Operators have one less password to remember.

CredoID osdp v2
Illustration 2: OSDP v2 Secure Channel encryption settings in CredoID for HID Aero and Mercury LP-series controllers

In Who Is In report we have added the ability to sort the list by Company, Department and Title, so that generated report is more convenient to analyze when multiple vendors are on site.

Anti-Passback exemption setting has been implemented in CredoID v4.9.0 as the means of allowing trusted users to escort multiple guests, bypassing the system-wide Anti-Passback rules.

As always, update to CredoID v4.9.0 is available free of charge for customers within the first 12 months of license activation and also those who have active yearly maintenance updates. Get CredoID v4.9.0 at download.credoid.com and feel free to contact us for a quick chat if you would like to learn more about how the update and move to PostgreSQL may affect your installation.

CredoID Mobile reader / controller app for Android released

We have updated CredoID Mobile app for Android devices with performance and usability improvements.

CredoID Mobile app is meant for use as a portable credential verification tool, used in temporary installations, construction sites, visitor or contractor management and other cases. Once synced with CredoID Access Control service, the device can operate in standalone mode, providing quick and reliable ID verification even in the most remote locations.

CredoID Mobile app can read Mifare / Desfire credentials on NFC-enabled Android devices, HID iClass /SEOS credentials on specialized devices (such as Coppernic C-One2) and verify them against CredoID database. QR and bar codes can also be read, as well as card serial number input by hand.

 

Key features of updated CredoID Mobile app:

CredoID v4.9.0 is now cross-platform

As of version 4.9.0 CredoID is available as a Linux native distribution in Docker container image.