How to Use the New Feature "Template on Mobile (ToM)"

Affected Version:BioStar v2.9.4 or above
Affected Products & Versions:BioStation 3 & v1.2.0 or above

From v.2.9.4 of BioStar 2, the function “Template on Mobile (ToM)” has been introduced newly.
Thanks to this new function, users can enroll and use the Visual Face as a type of credential in the “Mobile Access Card”.

What you need to know before starting Template on Mobile of BioStation 3:
  1. Once you use the Template on Mobile Feature with your Airfob Pass application, this can only work with BioStation 3. It means that other Suprema devices are not compatible with this mobile card.
  2. Please consider your installation environment and the device type that you have to use mobile.

BioStar 2 and Suprema devices store personal data in encrypted status with a secure key. However, there are users who do not want to store their personal data in BioStar 2 database or device.

In that case, the user can use the Template on Mobile (ToM) feature with BioStar 2.9.4 if the installed device is the latest firmware of BioStation 3. Template on Mobile does not require storing user's visual face data on the device or the BioStar 2 database.

Please find the below major features on Template on Mobile (ToM)

<Feature 1>

The users can use and activate the only one between either CSN Mobile or Template on Mobile.
In short, it means that the Mobile Access Card of “Template on Mobile” IS DISTINGUISHED from the existing Mobile Access Card of “CSN Mobile”.

<Feature 2>

Two types of cards are supported for ToM as ToM_AoC (Access on Mobile) and ToM_SCC (Secure Credential Mobile) and those inherit properties of Suprema's smart card “AoC and SCC”. For more details about AoC and SCC, please refer to the following article.
https://support.supremainc.com/en/support/solutions/articles/24000015986--biostar-2-difference-between-secure-credential-and-access-on-card-smart-card-

For deleting the issued either ToM_AoC and ToM_SCC, you must BLOCK the card firstly.

<Feature 3>

ToM supports both Regular and Dynamic type of Mobile Access Card. For more details about Regular and Dynamic cards, please refer to the “3. New Features” of the following link.
https://mocasystemen.crunch.help/en/admin/site-type

<Feature 4>

There is NO specific license to use ToM but it requires applying the “credit policy” in the existing license rule depending on either Dynamic or Regular Site.
For more details of the “credit policy”, please refer to the following link.
https://mocasystemen.crunch.help/en/admin/site-license

<Feature 5>

When enrolling the Visual Face to the Suprema device or trying to authenticate using ToM, the template of Visual Face IS NOT saved in the device but only sent to the user's Mobile Access Card

<Feature 6>

When trying to authenticate using ToM, Suprema device deletes all information of the Mobile Access Card including the template after matching the template in the card and the face scanned by the device.

  1. You can add the “Visual Face” and do authentication using ToM in “Slave Device” If both Master and Slave devices support the ToM.
  2. For now, BioStation 3 using the specific firmware version (v.1.2.0 or higher version) will support this function only. However, FaceStation F2 will also support this function in the future.

Step 1. Create a site in Airfob Portal

Step 1-1.

Go to Airfob portal (https://portal.airfob.com/signin) and login to the web-site. Then, create a site by clicking “Create Site”.

When creating a site, you need to select a proper Mobile Access Card type between either Regular or Dynamic depending on your needs. For more details, please refer to the following link
https://mocasystemen.crunch.help/en/admin/site-type

Step 1-2.

Check the Site ID for the created site. You can find it at Settings > Site > Site ID.

Step 1-3.

After that, activate the option “Template on Mobile” for the site ID.

Step 2. Configuration of Mobile Access in BioStar 2

Step 2-1.

Login to BioStar 2 and then, go to Settings > MOBILE ACCESS

Step 2-2.

Put the proper information on the page of MOBILE ACCESS referring to the following rules. After the completion, click Connect.

  • Mobile Access Setting : Enable the option by selecting the Use
  • Site ID : Put the Site ID in Step1-2
  • Password : Put the password for login to the Airfob portal
  • Email : Put the Email for login to the Airfob portal

Step 2-3.

To register the device in which the mobile card will be used, Click Add and select the device you want to use. And then click Close

Step 3. Enroll a ToM as a Mobile Access Card in BioStar 2

Before following to Step3, the Email address should be filled in to get the link for the generated Mobile Access Card

Step 3-1.

Select a user who will use ToM and then click Mobile Icon in BioStar 2.

Step 3-2.

On the below pop-up, select Template on Mobile in Card Type and then, select the one between either Access On Card or Secure Credential Card in Smart Card Type. After that, click Enroll.

Step 3-3.

After that, click Apply on the user's page. Then, you can find the below pop-ups in order.

  • <First pop-up>
  • <Second pop-up>

Step 4. How to enroll your Visual Face in ToM and activate the Mobile Access Card

Step 4-1.

Enable the option for Template on Mobile and configure the setting value you want to apply in the device registered in step2-3.

If you want to enroll the Visual Face in ToM via this device, check the box for Visual Face in ToM Enrollment.

Step 4-2.

After accessing the user's mail, activate the Mobile Access Card by clicking the activation mail for using Mobile Access Card.

Step 4-3.

After activating the Mobile Access Card, then tab the Mobile Access Card to the Suprema device. Then, you can find the below pop-up on the device. At this time, please turn off the screen of your mobile and then click Continue.

At this time, please check if BLE or NFC has already turned on in your mobile depending on the configuration in the above step 4-1

Step 4-4.

After that, you can find the screen of the device on which you can enroll your Visual Face. If so, please enroll your Visual Face.

Step 4-5.

Finally, all steps are completed so please try to authenticate by using Mobile Access Card as the below.

  • First, tab the Mobile Access Card to the Suprema device
  • Second, scan your Visual Face on the Suprema device when the device requests you to scan your face