What is Tapkey¶
Tapkey is an open platform for mobile access. It comes with open Web APIs, a Mobile SDK and a Lock SDK, for partners to seamlessly integrate smartphone-based access into existing apps and create new access solutions for a connected world. The easy-to-use and highly secure technology provides instant and reliable access to doors, cars, houses, delivery boxes, furniture and much more. Access is physically controlled via Tapkey-enabled locks. It allows users to manage access permissions to physical resources in the cloud. Each lock belongs to exactly one owner account. An owner account typically has exactly one user who is the owner and is allowed to manage the account's locks.
Owners will use a Tapkey application, usually the Tapkey mobile application or the web-based Tapkey management portal, to manage access permissions. Those permissions are stored in the Tapkey Trust Service.
Access permissions are assigned to an owner account's contacts, which are identified via their email addresses. Permissions can also be assigned to access cards which can be written using NFC-enabled smartphones.
Once a contact was granted an access permission, Tapkey takes care of delivering the according access key to the respective user's smartphones. When the affected smartphones are online, Tapkey will issue an individual key for each smartphone, based on the permissions described in the according grant and deliver the key to the user's smartphone. The user can then use this key to access the lock they were granted access to.
When a grant was issued for an access card, Tapkey will generate the according key as soon as the card gets synchronized. This usually happens by tapping the card with an NFC-enabled smartphone with the Tapkey mobile application installed. Tapkey then uses the smartphone and its internet connectivity to deliver the key directly to the access card.
Tapkey locks are not connected to the internet themselves but instead indirectly use connecting smartphones' internet connections. That implies, that Tapkey cannot push changes to affected locks live. This is of special relevance when revoking keys. If a key has been revoked, Tapkey triggers several mechanisms to invalidate it, including:
- Push notifications are sent to relevant smartphones, requesting it to delete the according key. * The keys are included in affected lock's revocation lists and the revocation lists are pushed to other smartphones which will deliver them to the locks on the next contact. Once a lock receives a new revocation list, all keys listed in the list are immediately considered invalid. * Smartphone-based keys always have a limited lifetime and therefore expire automatically. * Key stored on access cards are deleted from these cards on next contact.
More information about the revocation process can be found in the descriptions of the revocation-related endpoints below.
Tapkey locks maintain a log about certain events like unlocking. This logs is read by smartphones on each contact with a lock and in turn delivered to the Tapkey Trust Service. As the uplink via smartphones is potentially unreliable and might have significant latency, logs might arrive at the Tapkey Trust Service with significant delay and possibly out of order. However, even while arriving out of order, clients will still be able to display entries in correct order, based on their entry number. Nonetheless, certain entries might be missing in between and arrive at a later point in time.