Skip to main content

Offline support

Should your space lose access to internet, Kisi supports two fallback mechanisms for unlocking doors or elevators:

  1. Offline cache on the reader: with offline caching for credentials, Kisi allows users to unlock doors even without internet connectivity.
  2. Offline cache on the phone: with mobile data enabled on your phone, the Kisi reader will receive a certificate from your phone through Bluetooth or NFC to unlock the door.

Offline cache on the reader

With offline cache (also "edge cache") on the reader, access rights are cached offline-accessible on readers. Whenever a user unlocks a door, Kisi will use these cached access rights before attempting to call the Kisi cloud. If the user is in the cache, an internet connection is not required. Currently, we are covering internet outages for up to 36 hours, but this will be increased in future updates.

Key features

  • Fully encrypted and authenticated offline support for both cards and phones, simultaneously assuring the confidentiality and authenticity of access rights.
  • High memory and bandwidth efficiency, caching up to 1000 access rights and up to 250 groups in less than a megabyte.
  • Near real-time updates of changed credentials by synchronizing with the reader cache within minutes.
  • Fully supported on Wiegand-enabled third-party readers

Networking protocols

Kisi controllers and readers will send messages over the local network using the User Datagram Protocol (UDP) port 62435 for accessing doors, updating state and more.

Important
  • Offline cache is always active, whether the reader is online or offline.
  • Offline cache works both with Wi-Fi and Ethernet connections, as long as the controllers and readers are on the same network. To verify that controllers and readers that share the same doors are on the same network, note their IP addresses and subnet mask. Calculate the network prefix of the IP addresses. For the devices to be on the same network, the prefixes must be identical.

Supported unlock methods

Status indicators

When no interaction is ongoing:

  • Blue (Reader Pro 1.0) / White (Reader Pro 2.0): the reader is ready to process an unlock (whether connected to the internet or not)
  • Red: the reader is offline and cannot reach the controller

When an access attempt is ongoing:

  • Blinking red: the credential presented cannot be authorized, either because the user does not have access (when the device is online), or because the user is not in the offline cache (when the device is offline)
  • Green: access granted

Offline cache on third-party readers

In the landlord scenario with mobile and physical credentials, access rights are cached on the controller, allowing offline accessibility. This caching process functions similarly to the reader. When a user unlocks a door using a legacy reader, Kisi will use these cached access rights before sending an unlock request to the legacy controller.

In this scenario, offline cache only covers unlocks with physical credentials.

Offline cache on the phone

When the controller is unable to re-establish a network connection for five minutes, it goes into offline mode. In offline mode, the controller, via the reader, receives authenticated unlock requests from the user's phone to authenticate with Kisi and unlock a door. This requires the phone to be online.

Prerequisites

  • A Kisi Controller and a Kisi Reader, on the same network
  • 4G/5G access
  • The Kisi mobile app on the latest version
Last updated on by KatalinH16