New line of ZKTeco, Armatura access control devices OSDP verified

Access control standards are shifting as OSDP gains traction. ZKTeco USA and Armatura have confirmed OSDP Verification for several devices, while the Security Industry Association (SIA) has appointed new leadership to its OSDP Technical Subcommittee. HID is also urging the industry to move beyond legacy Wiegand systems, citing vulnerabilities and rising cyber threats.

ZKTeco USA and its sister company Armatura have confirmed that a range of their access control products have been certified as OSDP Verified, confirming compliance with the Security Industry Association’s (SIA) Open Supervised Device Protocol standard.

The newly listed devices include the EP series of readers, six Atlas controllers, three IO boards, and four new access control panels scheduled for release in 2026. OSDP verification involves independent testing to ensure devices meet interoperability and encryption requirements set out in version 2.2.2 of the protocol, including its Secure profile.

“With a myriad of security vulnerabilities found with Wiegand, it’s extremely important that organizations look for manufacturers that are OSDP Verified,” says Esteban Pastor, product manager at ZKTeco USA. “This ensures that data is secure when encrypted from the access control reader back to the panel.”

Standards-based interoperability and encryption in access control systems is of growing importance. As biometric verification becomes more widely integrated into physical security, adherence to protocols like OSDP is increasingly seen as a baseline requirement to ensure trust and resilience in identity-linked infrastructure.

SIA shakes up OSDP subcommittee

The Security Industry Association (SIA) has appointed new leadership to its Open Supervised Device Protocol (OSDP) Technical Subcommittee, the group responsible for advancing the access control communications standard.

Constantine Tremouliaris of Assa Abloy has been named chair, while Jon Uren of Cypress Integration Solutions will serve as vice chair. Together, they will oversee the subcommittee’s work on editing and revising the OSDP standard, coordinating research, and providing technical guidance on interoperability and secure communication in access control systems.

Tremouliaris, who manages alliances and standards at Assa Abloy, has long contributed to OSDP development and industry standards initiatives. Uren, president and CEO of Cypress Integration Solutions, brings more than 16 years of experience in product innovation and operations.

SIA CEO Don Erickson said the appointments will help ensure OSDP continues to evolve as the benchmark for secure, interoperable access control. The new leaders succeed outgoing chair Tony Diodato and vice chair Steve Rogers.

HID head advocates for OSDP in a world of data breaches, outdated protocols

Networked devices have led to a greater range of possibilities but this wider technological world also means bad actors looking to exploit weaknesses.

Steve Katanas, a regional head, and who oversees Physical Access Control Solutions at HID, believes the security of organizations, including physical access to buildings, requires moving toward integration and interoperability.

“Physical access control systems (PACS) have been used for many decades, but a lack of common standards has brought widely divergent access methods dominated by proprietary systems that don’t interact with other systems,” Katanas writes in DefSec.

“Many of these systems do not support the level of integration that industries or new technology demand, nor can they withstand hacking attempts.”

Advocating for the Open Supervised Device Protocol (OSDP), he notes the outdated landscape of current PACs, which rely on the Wiegand protocol. Named after John R. Wiegand, who developed it in the 1970s, the protocol became widely used in access control systems in the 1980s.

OSDP was developed by Mercury Security and HID in 2008 as a response to vulnerabilities in the Weigand and other legacy protocols. OSDP is free of intellectual property and was donated to the U.S. Security Industry Association to bolster interoperability among access controls and security products. It became an International Electrotechnical Commission (IEC) standard in 2020.

On the dark web, “off-the-shelf” hacking devices and software can exploit legacy protocols, with data breaches not an uncommon occurrence as private details, passwords and other data are stolen and sold.

OSDP standards are increasingly seen as critical for modern access control, offering encrypted communication through AES-128 secure channel protocol and protecting against “man-in-the-middle” attacks where intruders intercept data between readers and controllers.

The protocol enables bidirectional communication, allowing real-time information exchange between devices and central systems, which improves responsiveness and control. Its open, scalable design is supposed to support integration of hardware from multiple manufacturers, giving organizations flexibility as threats evolve and new technologies emerge.

By unifying physical and digital access systems, OSDP addresses vulnerabilities in legacy infrastructure. It is designed to support software-driven convergence of functions such as video surveillance, access control and intrusion detection. With cyberattacks growing more sophisticated, OSDP is positioned as a key standard for enterprises prioritizing secure, interoperable identity and access management.

Article Topics

access control  |  Armatura  |  biometrics  |  HID  |  Open Supervised Device Protocol (OSDP)  |  Security Industry Association (SIA)  |  ZKTeco USA