When we onboard a new customer, we set up a complete cloud environment for our customer. At Sera4, we can only access to data about your locks, your operations and your users if you explicitly grant us access (sometimes you may choose to do that if you request specific training or support from us. This level of security around user data in the cloud is an industry best practice and is not unique to Sera4. We call each customer’s cloud environment an Organization.
What happens to the locks and controllers on a Teleporte network often gets overlooked by our customers. It is all orchestrated by Sera4 in the background. Each Sera4 lock has firmware that we’ve been developing in-house for years. This firmware includes all the security protocols to reliably and securely communicate with the Teleporte Mobile Application. It also contains a unique digital certificate that we call the Organization Control Code (OCC).
Each active lock and controller has an OCC. This OCC is the same for all locks in an organization. It filters all commands from the Teleporte Mobile Application, so that any requests or instructions that do not come from a matching Organization are ignored. This way no other Teleporte customer can interact with your locks in any way. Only you control your locks. When combined with Teleporte’s off-network architecture, we believe this is the most secure way to secure your assets.
By default, the OCC is setup to be Sera4. When locks and controllers get moved into a new organization, the OCC is automatically updated to reflect the ownership and control of the hardware. Thanks to the magic of Public Key Cryptography, virtual keys and commands from the Sera4 organization are subsequently ignored by the lock – the new organization is the ultimate master.
Most of our customers never know about the OCC. Sometimes our customers have to change the OCC on their locks. An example when this happens is when one telecom networks’ tower assets are sold to a tower company. It’s easy within our software to issue the command to update an OCC, but the command needs to come from the users in the right organization. This requires this users to visit each lock to change the OCC. Notably, this can sometimes be inconvenient – but is required to keep your locks secure in the field. Teleporte doesn’t use any secret or master keys.
This month, we are introducing the option for OCC sharing – the ability for organizations to share their OCC with other organizations. We will be providing the option to customers to give their Sera4 Authorized Integrator access to manage their locks with a second OCC. This means that locks/controllers can be moved between two (or more) organizations without the complication of updating the OCC first. Changes to the OCC will occur on the next interaction with the lock and as always – command and control of your Sera4 locks happens seamlessly.
To learn more about the OCC sharing option, please reach out to cx@sera4.com.