RFID Door Lock – The Right Way

[youtube=http://www.youtube.com/watch?v=XT7E_GEIPVg]

[Pcmofo] has shared a well-built, well-explained example of how to implement an RFID key system for a door. We call this the right way because it is well thought out and functional. In the past we’ve seen doors that unlock via a secret knock, keypads, and RFID, but they are all non-permanent solutions capable being transplanted from one door to another. Rather than building a mechanism to turn the door handle, this implementation uses an electric strike mounted in the framing of the door to allow access. These are used for security doors in buildings and are built to keep your door secure.

The hack in this case is the electronics. Using an AVR ATmega168 running the Arduino boot-loader, [pcmofo] has prototyped a two-part design. An RFID reader is mounted outside the door with data wires running to the inside where the microcontroller resides. A hard-coded RFID card is used as a “master” to train any number of tags for entry. The master puts the device in training mode and the next tag to be read is added to the list of tags authorized to open the door.

We like messy wires and quickly thrown together devices but this is built to last and will look great once mounted in an appropriate enclosure.

40 thoughts on “RFID Door Lock – The Right Way

  1. I agree with Mike’s comment about this being done the “right” way. the OP thought ahead and planned well, so much that this could easily be developed into a simple-to-install kit for just about any diy’er.

  2. I’m always a bit troubled by electric locks. This one requires current to open.
    What is there is no power? You’ll be fucked. Power outage, a water leak, a fire. there are all kinds of reasons when an electric lock will not do.

    How do they handle that in office buildings?

          1. In buildings that use extensive locking systems without hardkey bypass, each lock is independently connected to a battery. Premade keys (“Failsafe” or “Level 4”) will operate locks based on duration rather than current date during an outage. In the event of dead batteries in an “electronic only” building, then “Alternative means” are employed to open the door.

  3. I like the RFID implementation. And very good point about isolating the RFID reader from the control circuit to avoid someone shorting the reader.

    That being said, what happens if, for some reason, the circuit or code fails, and you can no longer read the RFID tag? Or the power to the striker gets cut? How is this better than using a servo to unlock the deadbolt? That method is both Fail-Secure and Fail-AvoidKickingDownTheDoor.

  4. This type of RFID is not secure. The strike plate replaces an existing strike plate. There is currently a normal lock and a dead bolt. The RFID is simply a convenance measure and is no more secure than a normal lock. You can override the RFID by simply using a key on the door. Security is really a deterrent as nothing is completely secure. This RFID circuit can be used on a number of other more secure locks or locations. The primary goal of this circuit and installation was to create easier access for myself and friends who may need to access my garage. The Reader will be mounted near the handle so a RFID card in my front pocket wallet will allow me to unlock and Push open the door while carrying something in my hands.

    I am trying to make a prototype PCB next before having one professionally made. I can make the reader fairly easy, still working on the controller layout though.

    This is the door to my garage brewery. It is where I am working on my current project involving beer + electronics. But its not quite done yet so more on that later.

    If you like my project vote for it this week at instructables!

  5. Dennis: Wherever there’s an electric lock, there’s always a keyed lock that will get you in if the power fails. In the case of electric strikes, the lockset still operates like normal — just use the key to retract the latchbolt, instead of using electricity to open the strike.

    JohnnyTToxic: I’d imagine they’d be pretty difficult to force open. You’re probably more likely to destroy the door frame. It’s often possible to retract the deadlatch with a screwdriver when there’s an electric strike, because the electric strike has play in it that allows the deadlatch to fall into the strike. In the video above, though, the door opens inward, which means you can’t get at the deadlatch bolt from the outside, so it’s not a problem.

    More info on deadlatches: http://www.ehow.com/how_5131900_check-deadlatch-feature-lock.html

  6. Maroc: I listed the cost of everything with links on the instructable. The electronics cost less than $20 for everything BUT the RFID reader which is 30-35$ depending on which one you get. And the door lock which is less than $20 on ebay. Total this project is less than $75 which is less than most electronic door locks you can buy and can work with existing lock setups without needing to replace the entire lock.

    Ozzi: your right about the latch. Your going to need to kick down the door to get around this, which I’m sure you could do with any other lock. But like I said, this could be used with any type of lock, it could replace a safe lock, you could use it to control motorized deadbolts etc. Modify what I have done and make it better! Thats half the fun.

  7. The only thing I’d say needs to be done differently is to only allow new cards to be entered to the system from a different reader that’s physically access-controlled. Otherwise, the master can be easily cloned and any RFID tag can be made to work with this system.

  8. ax0n: I haven’t watched the whole video, so I’m not sure if this is addressed, but you don’t need a different reader for that — just keep the master card secure and only carry a regular access card with you. Your access card can still be cloned, but that’s a whole other problem with RFID in general.

  9. ax0n. This type of RFID card is not secure, having a reader on the inside to read and validate cards so that the master card is not cloned will not prevent anyone from cloning another users card. The master card can be kept in a safe place so it is not out in the open to be cloned. I am using a second card as a master erase to erase all of the stored codes in the event someone loses a key etc. There is no easy way to manually delete cards from the system individually.

    Then again I could add a networking adaptor and have a server record all ID’s and users names in a DB then be able to selectively delete users or limit access time and log everything…. but then again thats far outside the scope of this project. Maybe in the future. Currently making the RFID more secure adds no value to the project as the physical structure is still the weakest point.

    As I said before, this project could easily be adapted to many other projects. I wrote the code to handle error checking and validation of the RFID cards so their were no transmission errors etc. You can easily modify my code to make the system do whatever you want when a valid card is read.

    I plan on doing more RFID based projects so their is a chance this will be enhanced in the future. For now I think this would be both a fun and useful project for most people.

  10. the electric strikes come in a vast array of styles, strengths, voltages (12 and 24 most common), and are available ‘fail safe’ and ‘fail secure;’ the fail safe mode allows the latch to open by pulling or pushing on the door, ‘fail secure’ means you’re going to need a key.

  11. Dennis – fail-secure is preferred in places where you want this to actually protect stuff, especially if you can still egress from the inside quickly if needed.

    At a former employer, we were hiring a “security” company to install the HID badge system, door locks, etc. Initially they were all proud of their recommendation to install a system that would just fail open if the power went out, claiming safety. I asked what would happen if the system lost power (breaker tripped, bad power supply, lost utility power, etc) and could I then just walk up and open the door. It took a minute for it to sink in why that might be a bad thing, especially when a fail-secure system can still be opened from the inside with a knob in case of emergency, you just can’t get back in without a physical key.

  12. Depending on the access (public vs private/employee only)fail secure is not legal(by code not law) in many states if the door is designated for public use.Doors designated for private/employee access can in most cases be configured fail secure.I like this little project it does wonders to de-mystify the big bad world of security/rfid.As one who works on these kinds of systems it is really cool to see somebody homebrew one (sorry couldn’t resist)

  13. It’s nice that some readers have good ole’ serial output (no USB fancy). More possibilities to automate the cat flap one day, my beast is already chipped anyway. However there’s no word about range; I would need at least 50 cm.

  14. Great hack! I like it. Does anyone know of a deadbolt or knob that could be unlocked electrically from the door side? (Instead of the jamb side) I’d like to build this controller and use it to unlock multiple doors. (for more than 5 seconds)

  15. Either way its not secure. Someone could walk up rip it off the wall figure out which is the serial line and plug it into a computer via a max232 chip and brute force it. Not much work on the users part.

  16. The hole in the wall will be cut out larger for a 2-gang electrical box to house the reader.

    Range of the ID-20 is about 4-5cm… the ID-12 is less I am sure but I havent tested it yet.

    Their are plenty of electric deadbolts sold by Kwikset etc. Many have numeric keypads for entry. I am not sure about just the motorized deadbolt itself. You can program the length the door stays open or anything else very easily openDoor(seconds);

    Yes no matter what I do short of reenforcing the door this is not going to be secure. It does not make it any less secure than a standard deadbolt. Picking the lock and brute forcing the serial connection are equal. Then again I could easily add brute force protection making a user wait 1 minute after swiping 5 invalid cards and locking them out longer each time additional invalid cards are swiped…. or connect a security camera that sends me a picture when an invalid card is entered…. etc etc….

    Yes I called the transistor a transformer….. I shot the entire footage on the iPhone and edited it on the iphone and uploaded it to youtube via the iPhone so I missed that error. I think the schematic and other details covers this mistake as no one will be building this circuit from the video explanation alone.

    Thanks everyone for the positive comments!

  17. This looks really well done, the status LED is great.

    Forcing it open isn’t that big of an issue, there normally pretty hefty, your much more likely to break the door, lock itself, or door jamb before that would let go.

    There are two different ways to wire an electric strike like that, either NO (normally open) or NC (normally closed). That way either it will open when power is applied, or when power is removed. Depending on the situation you would want it to keep locked or come unlock on when power is removed. In this situation you would much rather have it stay locked and just use your keys than have it just unlock.

  18. Thats funny Josh, I have that exact same one I have played with. It works great but it is a one trick pony. I think my RFID reader has a Card Present signal I still want to play with so that I can use RFID to dispense beer.

  19. Since the serial wires are accessible (By force) from the outside, would it be possible for someone to rig up a laptop to brute force the lock open? Simply asking for curiosity. The time it would take I’m sure would exceed the actual practice of someone trying, unless your on vacation and in an apartment complex where people don’t ask questions..

  20. Yes the single serial wire is accessible from the outside (of the garage door) Something needs to be accessible from the outside to get the data inside to the controller. It would not be that hard to brute force the signal because the reader is sending 10 BYTES of ASCII data with 2 BYTES of ASCII checksum. I assume you would be limited to how fast the arduino could process the requests but like I said before you could add code to prevent brute force attacks.

  21. I have developed a prototype along the same lines for my motorcycle. It is to be wired to a relay that replaces the normal ignition, and is wired to the run/stop switch.

    The reader us to be mounted under the seat, with a tag in your wallet.

    Get on the bikes, flip the switch to run, this enables the reader. It then looks for a card. If found, and valid, it trips the ignition relay and the ‘key’ is in and on. As soon as the run/stop switch is moved to stop, the ignition relay is turned off.

  22. I love your project, just wish I could understand the code. I have worked in electronics all my life but have just started to learn Arduino. Could you tell me where I might be able to find some information on the code part of your project? I need to understand enough to be able to maintain the code and the project as a whole. I would love to put one of these on my garage.

    Thank you for an interesting and well informed project.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.