Skip to main content

Intrusion detection

Intrusion Detection is an integrated cloud-based solution that gives organizations a new dimension of control in their facilities. The synergy between Kisi's intrusion detection and access control functionalities minimizes manual alarm-related operations and reduces false positive alerts.

Intrusion Detection helps address two problems:

  1. Unauthorized entries: Intrusion detection will monitor, register and inform its alert subscriber about policy violations, e.g. when a door is forced open. Optionally, an output on the controller can be used to trigger a siren or alarm light.
  2. Secure door scheduling: If you don't want scheduled unlocks to start until the first unlock has taken place, you can assign doors to zones and define when schedules are allowed to activate. This solves the "Vacation/First to Arrive" problem, when you don't want your unlock schedule to start until the first user has arrived at your facility. To know more, check out the Door scheduled unlocks documentation.

Add a zone#

The Intrusion Detection functionality is based on the setup of zones with specific access policies that will apply when the zone is armed and will trigger specific events when certain actions take place.

In the Kisi dashboard, administrators will have a list with the status overview of the zones.

Zones status overview

They can also check the zone list in the mobile app.

Intrusion Detection Zone List Android
Intrusion Detection Zone List iOS

Create a new zone through the API, knowing your place_id:

curl '' \
-H 'Accept: application/json' \
-H 'Authorization: KISI-LOGIN {authentication_token}' \
-H 'Content-Type: application/json' \
--data-raw '{"zone":{"name":"New zone","arming_delay":300},"place_id":"8610"}'

When a zone is created, also an alert_policy is created. In the response of the previous call you will find an alert_policy_id that you will need later if you want to create an alert_policy_subscription.

Add a door#

Zones are composed of doors that can be exterior or interior to the zone. Doors requiring monitoring must have contact sensors installed and exterior ones must be equipped with Kisi readers. They can optionally add a siren that will be shared between the zone doors.

Add door

Once you have created your zone, you have your zone_id, and you need to know your lock_id to create the new lock through the API. The door can be exterior by setting interior to false, or interior by setting it to true. You'll need also the inbound_reader_ids.

curl '' \
-H 'Accept: application/json' \
-H 'Authorization: KISI-LOGIN {authentication_token}' \
-H 'Content-Type: application/json' \
--data-raw '{"zone_lock":{"lock_id":18824,"interior":false,"inbound_reader_ids":[12345]},"zone_id":126}'

Add alert policies subscribers#

Add the subscribers that will receive the notifications. Add the users' emails one by one, as in this example:

curl '{alert_policy_id}/subscriptions' \
-H 'Accept: application/json' \
-H 'Authorization: KISI-LOGIN {authentication_token}' \
-H 'Content-Type: application/json' \
--data-raw '{"alert_policy_subscription":{"email":"","send_email":true,"send_push_notification":true}}'

The alert_policy_id is the one you obtained when creating the zone.

Add alarm schedules#

Each zone will have an alarm schedule where administrators can set up policies (or alarm schedules) based on weekday and time. Each policy will have a default mode and, optionally, an override mode. If an override mode is defined, the default mode will be overridden after an authorized access to a reader of an exterior door.

Alarm schedule

Zones can be scheduled to be in one of three different modes, with security level ranging from lowest to the highest:

  • Disarm - the alarm is deactivated.
  • Stay - users with valid credentials are allowed to enter and stay in the facilities, and the zone state changes to policy violated in case of unauthorized zone entry.
  • Away - nobody allowed inside, including users with valid credentials, and the zone state changes to policy violated in case of opened door activity detected for any door, including the interior ones.

In the general settings of each zone, admins can configure a delay before the zone changes to an arming mode. This amount of time is called arming delay. When the system is scheduled to change to away mode, the siren will produce a warning sound to notify that it will switch to the away mode after the arming delay. This is a sign to the people still present in the facility to either leave or to make sure to override the mode by accessing an exterior door reader.

The minimum amount of time a policy can apply is 60 minutes. Override modes can last 60 or 120 minutes.

Add alarm schedule

When an override mode is added, users can add extra time to it by entering the zone through a specific exterior door. The extra time will always be 30 minutes, starting from the next 30 minutes aligned with the full hour. If the current interval has less than 15 minutes left, the extra time will be the sum of the remaining minutes plus the next 30 minutes.

The alarm schedules are internally named as zone_policies. To create a zone_policy through the API, you will need the zone_id and specify the mode, override_mode and time fields:

curl '' \
-H 'Accept: application/json' \
-H 'Authorization: KISI-LOGIN {authentication_token}' \
-H 'Content-Type: application/json' \
--data-raw '{"zone_policy":{"mode":"stay","starts_at_day":1,"starts_at_time":"10:00","ends_at_day":1,"ends_at_time":"11:00","override_mode":"disarmed","override_duration":3600},"zone_id":126}'

When a zone enters policy violated state, notifications are sent to chosen recipients and, if installed, an alarm siren is triggered. The notifications will be always shown in the dashboard interface and email or mobile notifications can be configured for each user.

When the default mode is overridden or when the alarm is triggered, administrators will have the option to reset the zone to the default mode.

Admins can reset to default mode from the zone list, through the web or through the mobile app.

Reset alarm
Intrusion Detection Android
Intrusion Detection iOS

The siren can be stopped by restoring the zone to its scheduled mode. While the zone is in policy violated state, authorized unlocks will be allowed regardless of the scheduled mode.

Activate Intrusion Detection#

Send a request to the zones endpoint passing the zone_id and setting the zone to enabled:

curl '{zone_id}' \
-X 'PUT' \
-H 'Accept: application/json' \
-H 'Authorization: KISI-LOGIN {authentication_token}' \
-H 'Content-Type: application/json' \
--data-raw '{"zone":{"enabled":true}}'