You are on page 1of 56
MorphoAccess™ Parameters Guide Produced by Sagem Sécurité Copyright ©2009 Sagem Sécurité <a href=www.sagem-securite.com MorphoAccess™ Parameters Guide SSE-0000062458-05 November 2009 " id="pdf-obj-0-2" src="pdf-obj-0-2.jpg">
MorphoAccess™ Parameters Guide
MorphoAccess™
Parameters Guide

Produced by Sagem Sécurité Copyright ©2009 Sagem Sécurité

MorphoAccess™ Parameters Guide

SSE-0000062458-05

November 2009

Table of Contents

REVISIONS HISTORY

5

SSCCOOPPEE OOFF TTHHEE DDOOCCUUMMEENNTT

6

CCOONNFFIIGGUURRAATTIIOONN FFIILLEE OORRGGAANNIIZZAATTIIOONN

8

PPAARRAAMMEETTEERR MMOODDIIFFIICCAATTIIOONN

9

NNOOTTAATTIIOONN

9

[[SSEECCTTIIOONN IINN CCOONNFFIIGGUURRAATTIIOONN FFIILLEE]]

9

SSSSLL SSEECCUURRIINNGG CCOONNFFIIGGUURRAATTIIOONN KKEEYYSS

9

WWII--FFIICCOONNFFIIGGUURRAATTIIOONN KKEEYYSS

10

DDEESSFFIIRREECCOONNFFIIGGUURRAATTIIOONN KKEEYYSS

10

AAPPPPLLIICCAATTIIOONN FFIILLEE ((AAPPPP..CCFFGG))

11

 

[[BBIIOO CCTTRRLL]]

11

[[CCOONNTTAACCTTLLEESSSS]]

15

[[RREELLAAYY]]

18

[[SSEENNDD IIDD UUDDPP]]

18

[[SSEENNDD IIDD EETTHHEERRNNEETT]]

18

[[TTAAMMPPEERR AALLAARRMM]]

20

[[SSEENNDD IIDD WWIIEEGGAANNDD]]

20

[[SSEENNDD IIDD DDAATTAACCLLOOCCKK]]

23

[[SSEENNDD IIDD SSEERRIIAALL]]

24

[[FFAAIILLUURREE IIDD]]

25

[[LLOOGG FFIILLEE]]

26

[[LLEEDD IINN]]

27

[[GG..UU..II]]

27

[[MMOODDEESS]]

28

[[DDAATTAACCLLOOCCKK IINN]] ((MMOORRPPHHOOAACCCCEESSSS550000 SSEERRIIEESS OONNLLYY))

30

[[WWIIEEGGAANNDD IINN]] ((MMOORRPPHHOOAACCCCEESSSS550000 SSEERRIIEESS OONNLLYY))

30

[[IINNFFOO]]

31

[[KKEEYYBBOOAARRDD]] ((MMOORRPPHHOOAACCCCEESSSS550000 SSEERRIIEESS OONNLLYY))

31

BBIIOOMMEETTRRIICC SSEENNSSOORR PPAARRAAMMEETTEERRSS ((BBIIOO..CCFFGG))

33

 

[[BBIIOO CCTTRRLL]]

33

AADDMMIINNIISSTTRRAATTIIOONN SSEETTTTIINNGGSS ((AADDMM..CCFFGG))

34

 

[[RREEMMOOTTEE MMAANNAAGGEEMMEENNTT TTCCPP]]

34

[[RREEMMOOTTEE MMAANNAAGGEEMMEENNTT SSEERRIIAALL]] ((MMOORRPPHHOOAACCCCEESSSS550000 SSEERRIIEESS OONNLLYY))

34

[[DDIISSTTAANNTT SSEESSSSIIOONN]]

35

[[RREEMMOOTTEE MMAANNAAGGEEMMEENNTT SSSSLL]]

35

NNEETTWWOORRKK PPAARRAAMMEETTEERRSS ((NNEETT..CCFFGG))

 

37

 

[[BBOOOOTT PPRROOTTOO]]

37

[[PPAARRAAMMEETTEERRSS]]

37

[[DDEEVVIICCEE]]

37

SSSSLL PPRROOFFIILLEESS

((SSSSLL UUSSEE OONNLLYY))

 

38

[[MMIISSCCEELLLLAANNEEOOUUSS]]

38

[[PPRROOFFIILLEE00]]

38

[[PPRROOFFIILLEE11]]

40

FFIILLEE ((GGUUII..CCFFGG))

42

 

[[KKEEYY SSCCRREEEENNSS]] ((MMOORRPPHHOOAACCCCEESSSS550000 SSEERRIIEESS OONNLLYY))((OONNLLYY IINN EEXXTTEENNDDEEDD TTIIMMEE AANNDD AATTTTEENNDDAANNCCEE MMOODDEE))

42

EEXXEE FFIILLEE ((EEXXEE..CCFFGG))

44

 

[[IINNIITT SSTTAATTEE]]

44

[[SSWWIITTCCHH AAPPPP]]

44

WWII--FFIIFFIILLEE

((WWII--FFIIUUSSEE OONNLLYY))

45

[[AACCCCEESSSS PPOOIINNTT:: XXXXXX]]

45

[[PPRROOFFIILLEE:: YYYYYY]]

46

[[PPRROOPPEERRTTIIEESS]]

47

EENNRROOLLMMEENNTT AAPPPPLLIICCAATTIIOONN ((EENNRR..CCFFGG))

 

48

 

[[CCOONNTTAACCTTLLEESSSS]]

48

LLOOGGSS FFIILLEE ((LLOOGG..CCFFGG))

49

 

[[LLOOGGPPAARRAAMM]]

49

[[SSYYNNCCHHRROO]]

50

RREEMMOOTTEE MMEESSSSAAGGEESS ((RREEMMOOTTEEMMSSGG..CCFFGG))

 

51

[[IINNTTEERRFFAACCEESS]]

51

EEVVEENNTTSS ((EEVVEENNTTSS..CCFFGG))

52

 

[[GGEENNEERRAALL]]

52

[[BBIIOO__CCHHGG]]

52

[[LLOOGG__FFUULLLL]]

53

SSUUPPPPOORRTT

54

CCUUSSTTOOMMEERR SSEERRVVIICCEE

54

HHOOTTLLIINNEE

54

RREEVVIISSIIOONNSS HHIISSTTOORRYY

Date

Firmware

Description

July 08

All

Add “bio\bio ctrl\FFD security level” configuration key description

(MA5x1 device only).

New description for “app\failure ID\” configuration keys

2.07

Add SSL configuration keys

Add “app\relay\external control by LED1” new configuration key

2.09

Add “bio\bio ctrl\finger type” new configuration key for compatibility

with the “juvenile option” of MA2xx and MA3xx devices.

Add Idle mode configuration key.

Add “app\modes\timeouts” new configuration key

Add extended Time and Attendance feature configuration keys

Add “app\keyboard\timeouts” new configuration key

Add “app\send ID Wiegand\built frame” new configuration key

Add “app\contactless\event on” new configuration key

Add WiFi configuration keys

June

2.10

Add MA 500+ Series and DESFire TM terminals

2009

October

2.11

Add events, logs, remotemsg files.

2009

Add “exe\init\startup” configuration key

Add “app\log\full handling” configuration key

Add new Wi-Fi™ configuration keys

SSCCOOPPEE OOFF TTHHEE DDOOCCUUMMEENNTT

This guide

relates to the

use

of

MorphoAccess™ 500 and 100 Series

terminals.

MorphoAccess™ 500 Series is a generic appellation which gathers MorphoAccess™ terminals belonging to MA 500+ Series, OMA 500 Series

and MA 500 Series. Corresponding list of products is depicted in the table below.

   

Contactless Smartcard

False

 

Biometrics

Reader

Finger

Outdoor

MIFARE™

DESFire™

Detection

 

MA 500+

       

MA 500+

 

   

Series

MA 520+ D

MA 521+ D

 
 

OMA 520 D

 

OMA 500

OMA 521 D

Series

OMA 520

   

OMA 521

 

 

MA 500

       

MA 500

 

     

Series

MA 520

MA 521

 

 

MorphoAccess™ 100 Series is made up of following list of products.

   

Contactless Smartcard Reader

Biometrics

iClass™

MIFARE™

DESFire™

 

MA 100

     

MA 100

MA 110

   

Series

MA 120

 

 

MA 120 D

 

CCOONNFFIIGGUURRAATTIIOONN FFIILLEE OORRGGAANNIIZZAATTIIOONN

This document gives an exhaustive description of the MorphoAccess™

500 and 100 Series configuration parameters.

MorphoAccess™ parameters are stored into files organized into sections

and values.

Each section corresponds to a given functionality described by various parameters.

For example a file named “app.cfg” contains all the parameters defining

the main application settings.

[bio ctrl] identification=1 nb attempts=2 … [log file] enabled=1 …
[bio ctrl]
identification=1
nb attempts=2
[log file]
enabled=1

Each file is associated to a “type file” defining the parameter’s type.

[bio ctrl] identification=bo(e) nb attempts=in(1,2) … [log file] enabled=bo(e) …
[bio ctrl]
identification=bo(e)
nb attempts=in(1,2)
[log file]
enabled=bo(e)

NOTE:

Since software version 2.00, some configuration keys have

been renamed or moved. When configuration comes from software updating the previous set key value is unchanged.

PPaarraammeetteerr mmooddiiffiiccaattiioonn

There are two main ways to modify a parameter.

For MorphoAccess™ 500 Series only, directly on the terminal using

the Configuration Application. Please refer to Configuration

Application User Guide for more information about this application.

 

[app]/send ID udp

 
 

host address

 
 

134.1.2.189

 

EDIT

<<

>>

EXIT

Remotely through IP or Serial link with a client application.

P P a a r r a a m m e e t t e
P P a a r r a a m m e e t t e
P P a a r r a a m m e e t t e

NNoottaattiioonn

The notation below is employed:

[[sseeccttiioonn iinn ccoonnffiigguurraattiioonn ffiillee]]

ppaarraammeetteerr nnaammee 11ddeeffaauulltt vvaalluuee [[mmiinn__vvaalluuee--mmaaxx__vvaalluuee]]

Parameter details.

ppaarraammeetteerr nnaammee 22ddeeffaauulltt vvaalluuee

((vvaalluuee__11,,

vvaalluuee__22))

Parameter details.

SSSSLL sseeccuurriinngg ccoonnffiigguurraattiioonn kkeeyyss

Several keys let the administrator configuring the system to use SSL for

remote connections. This feature is enabled for MorphoAccess™ 500 and

100 Series.

To secure using SSL, refer to the specific documentation “MATM SSL

Solution for MorphoAccess™” and use MATM Security Plugin.

Configuration keys marked “SSL use only” have not to be modified

manually. They should be managed only with the MATM Security Plugin.

It is recommended to use Sagem Sécurité’s Active MACI as remote SSL

client communication layer and to configure SSL using MATM Security

Plugin.

Do not configure SSL using another way.

WWII--FFIIccoonnffiigguurraattiioonn kkeeyyss

Several keys let the administrator configuring the terminal to use WI-FI™

USB adapter instead of the classical Ethernet cable.

To configure a WI-FI™ connection, please use the MATM WI-FI™ Wizard

Plugin or use the Easy Setup assistant (on MorphoAccess 500 Series

only)

Configuration keys marked “Wi-Fi™ use only” must not be modified

manually. They should be managed only with the MATM WI-FI™ Wizard

Plugin.

DDEESSFFiirreeccoonnffiigguurraattiioonn kkeeyyss

Special keys only appear on terminals that have a DESFire™ contactless

smart card reader. In that case, these keys are marked as “DESFire™

terminals only”.

AAPPPPLLIICCAATTIIOONN FFIILLEE ((AAPPPP..CCFFGG))

[[bbiioo ccttrrll]]

iiddeennttiiffiiccaattiioonn11 ((00,, 11)) ((ddeeffaauulltt mmooddee oonn MMoorrpphhooAAcccceessss110000 aanndd

550000))

When activated the terminal works in identification mode: captured

fingerprint is matched against the terminal database. The access is

granted if the captured fingerprint matches with one of the templates

stored in the database.

On terminals equipped with a contactless smartcard reader, identification

is disabled by default.

iiddeennttiiffiiccaattiioonn ttiimmeeoouutt55 [[11--6600]]

Time

given

to

the

user

to

present

his finger

after

a

first incorrect

identification.

 

nnbb aatttteemmppttss22 ((11,, 22))

 

A value

of

“2”

means

that

after

a

first

incorrect

identification

or

authentication a second chance is given. Set this parameter to “1” to offer

only one attempt.

bbyyppaassss aauutthheennttiiccaattiioonn00 ((00,, 11))

If set to “1”, the biometric check is disabled (this applies to authentication

modes only).

aauutthheenntt ccaarrdd mmooddee00 ((00,, 11)) ((oonnllyy oonn tteerrmmiinnaallss eeqquuiippppeedd wwiitthh aa

ccoonnttaaccttlleessss ssmmaarrttccaarrdd rreeaaddeerr))

If set to “1”, the content of the "CARDMODE" tag of the contactless card

specifies which optional checks have to be successful to allow the access:

PIN check (yes or no) and Biometric check (yes or no).

Refer to MorphoAccess™ Contactless Card Specification for further

information about the “CARDMODE” tag.

aauutthheenntt PPKK ccoonnttaaccttlleessss11 ((00,, 11)) ((oonnllyy oonn tteerrmmiinnaallss eeqquuiippppeedd wwiitthh aa

ccoonnttaaccttlleessss ssmmaarrttccaarrdd rreeaaddeerr))

If set to “1”, the access is granted if the captured fingerprint matches one

of the templates read on the contactless card (tag "PK1" and “PK2”).

aauutthheenntt IIDD ccoonnttaaccttlleessss00 ((00,, 11)) ((oonnllyy oonn tteerrmmiinnaallss eeqquuiippppeedd wwiitthh aa

ccoonnttaaccttlleessss ssmmaarrttccaarrdd rreeaaddeerr))

If set to “1”, the access is granted if the captured fingerprint matches one

of the templates stored in the terminal database, indexed by the content of

the "ID" tag on the contactless card.

aauutthheenntt IIDD kkeeyybbooaarrdd00 ((00,, 11)) ((oonnllyy iinn MMoorrpphhooAAcccceessss550000 SSeerriieess))

If set to “1”, the access is granted if the captured fingerprint matches one

of the templates stored in the terminal database, indexed by the numeric

value entered on the keyboard.

aauutthheenntt rreemmoottee IIDD ssoouurrccee00 [[00--22]] ((oonnllyy iinn MMoorrpphhooAAcccceessss550000

SSeerriieess))

Specified if the user ID has to be received on Wiegand/DataClock port,

and if yes, in which format: either Wiegand frame or DataClock frame. This

received user ID is used to retrieve the user’s templates in the database.

The access is granted if the captured fingerprint matches one of the

retrieved templates.

Value

Description

0

Signals received from Wiegand/Dataclock port are ignored

1

The user ID is received within a Wiegand frame on Wiegand/DataClock port. The Wiegand frame format to be received is described in [wiegand

in] section.

2

The user ID is received within a DataClock frame on Wiegand/DataClock port. The DataClock signal to be received is described in [dataclock in]

section.

aauutthheenntt ttiimmeeoouutt1100 [[11--6600]] ((oonnllyy iinn MMoorrpphhooAAcccceessss550000 SSeerriieess,, aanndd

MMoorrpphhooAAcccceessss110000 SSeerriieess tteerrmmiinnaallss eeqquuiippppeedd wwiitthh aa ccoonnttaaccttlleessss

ssmmaarrttccaarrdd rreeaa