OSDP: A New, Open Standard for Strengthening Security

The weaknesses identified in the Clock-and-Data and Wiegand protocols have pushed the security industry to adopt a new protocol, bolstering the protection of critical collected through a PACS.

The result was OSDP: an access control communications standard first developed by Mercury Security and HID Global in 2008. The Security Industry Association (SIA) adopted OSDP as a standard in 2011 to improve interoperability among access control and security products. 

Why Implement OSDP as a Standard?

It is common knowledge that today's organizations value system interoperability — especially with regard to security. The rise of IP-networked devices, such as video and physical access control, has opened up a world of possibilities; however, the security of the data collected from these devices is paramount to keeping the organization safe from attack. OSDP is the only protocol that is secure and open to communication between readers and controllers. Currently, it is being widely adopted by manufacturers, including the industry-leading manufacturers for readers and controllers. 

The fact that OSDP is also an evolving, 'living standard', similar to many others that streamline the development of connected devices, makes it a safer, more robust, future-proof option for governing physical access control systems. 

However, a continued need for awareness and education around the vulnerabilities of the Wiegand protocol and the advantages of upgrading to OSDP is required. In a recent HID Global survey, of those respondents that did not have OSDP-enabled devices, lack of awareness was significantly high as 80 percent of respondents said they had never heard of OSDP, while 20 percent said they had, but opted for a system using an alternative protocol.

 

The tide may be turning, however. Of those respondents aware of OSDP, 33 percent reported a plan to install or upgrade to OSDP-enabled devices (45 percent did not know of plans and only 22 percent said they did not plan to do so).