Controlling an action performed by an access control device

By reading identifiers from credential carriers and evaluating override data for validity, the access control device dynamically adjusts access control actions, addressing the inflexibility of fixed systems and ensuring robust security.

WO2026131989A1PCT designated stage Publication Date: 2026-06-25ASSA ABLOY AB

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
ASSA ABLOY AB
Filing Date
2025-12-17
Publication Date
2026-06-25

Smart Images

  • Figure EP2025087626_25062026_PF_FP_ABST
    Figure EP2025087626_25062026_PF_FP_ABST
Patent Text Reader

Abstract

It is provided a method for controlling an action performed by an access control device (12). The method is performed by the access control device (12). The method comprises: reading (40) at least one identifier from a credential carrier (2) over a short-range communication (4), the credential carrier (2) also comprising a credential data item (11); obtaining (42) an override data (10) item associated with the identifier; and performing (44), in response to the obtaining the override data item, at least one override action indicated by the override data item (10).
Need to check novelty before this filing date? Find Prior Art

Description

CONTROLLING AN ACTION PERFORMED BY AN ACCESS CONTROL DEVICETECHNICAL FIELD

[0001] The present disclosure relates to the field of access control devices, and in particular to controlling an action performed by an access control device.BACKGROUND

[0002] Access control systems are commonly used in various environments to regulate entry to secure areas or to control access to specific resources. These systems often rely on credential carriers such as contactless cards, NFC-enabled smartphones, or similar devices. A credential carrier typically stores one or more credential data items, such as unique identifiers, or encrypted access rights, which are used by an access control device to determine whether to grant or deny access.

[0003] The credential data can be read from the carrier via short-range communication technologies such as RFID (radio frequency identification), NFC (nearfield communication), or Bluetooth. The access control device then performs an action based on the credential data, such as unlocking a door, configuring the access control device, etc.

[0004] However, existing systems often operate in a fixed manner, where actions are strictly tied to predefined credential data. While effective for basic use cases, this rigidity can pose challenges in scenarios requiring dynamic or context-specific behaviour. Such challenges may arise in multi-user environments, where access conditions might depend on external inputs or need to adapt to changing circumstances.SUMMARY

[0005] One object is to improve flexibility in defining an action performed by an access control device based on communication with a credential carrier.

[0006] According to a first aspect, it is provided a method for controlling an action performed by an access control device, the method being performed by the access control device. The method comprises: reading at least one identifier from a credentialcarrier over a short-range communication, the credential carrier also comprising a credential data item; obtaining an override data item associated with the identifier; evaluating the override data to determine if the override data is valid by comparing times at which the override data item and the credential data item were generated; and performing, in response to the obtaining the override data item, at least one override action indicated by the override data item in response to the override data item being generated after the credential data item.

[0007] The method may further comprise: performing at least one carrier action indicated by the credential data item in response to no valid override item associated with the identifier being obtained. In this case, one or more iterations of the method can result in the override action indicated by the override data item being performed, while one or more iterations of the method can result in the carrier action indicated by the credential data item being performed. In other words, in this embodiment, the method can be repeated, and in each iteration of the method, it is determined, based on whether a valid override data item is obtained, to perform the override action indicated by the override data item (when a valid override data item is obtained) or to perform the carrier action indicated by the credential data item being performed (when no valid override data item is obtained).

[0008] The obtaining the override data item may comprise requesting the override data item from an upstream node based on the at least one identifier.

[0009] The obtaining the override data item may comprise reading override data item from internal memory of the access control device, based on the at least one identifier.

[0010] The at least one identifier may comprise an identifier of the credential carrier.

[0011] The at least one identifier may comprise a group identifier that is common for a plurality of credential carriers.

[0012] The method may further comprise: writing data corresponding to the override data item to the credential carrier.

[0013] The at least one override action may be performed conditional on a validity time of the override data item not having expired.

[0014] The method may further comprise: abstaining, in response to the obtaining the override data item, from performing an action indicated by the credential data item.

[0015] The override data item may comprise an indicator that the credential data item should be considered. In this case, the method further comprises: performing, in response to the indicator that the credential data item should be considered, at least one carrier action indicated by the credential data item.

[0016] The override data item may cause the access control device to perform an unlock.

[0017] The override data item may cause a configuration change in the access control device.

[0018] According to a second aspect, it is provided an access control device for controlling an action performed by the access control device. The access control device comprises: processing circuitry; and memory circuitry storing instructions that, when executed by the processing circuitry, cause the access control device to: read at least one identifier from a credential carrier over a short-range communication, the credential carrier also comprising a credential data item; obtain an override data item associated with the identifier; evaluate the override data to determine if the override data is valid by comparing times at which the override data item and the credential data item were generated and perform, in response to the obtaining the override data item, at least one override action indicated by the override data item in response to the override data item being generated after the credential data item.

[0019] According to a third aspect, it is provided a computer program for controlling an action performed by an access control device. The computer program comprises computer program code which, when executed on the access control device causes the access control device to: read at least one identifier from a credential carrier over a short-range communication, the credential carrier also comprising a credential data item; obtain an override data item associated with the identifier; and evaluate theoverride data to determine if the override data is valid by comparing times at which the override data item and the credential data item were generated perform, in response to the obtaining the override data item, at least one override action indicated by the override data item in response to the override data item being generated after the credential data item.

[0020] According to a fourth aspect, it is provided a computer program product comprising a computer program according to the third aspect and a computer readable means comprising non-transitory memory in which the computer program is stored.

[0021] Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a / an / the element, apparatus, component, means, step, etc." are to be interpreted openly as referring to at least one instance of the element, apparatus, component, means, step, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.BRIEF DESCRIPTION OF THE DRAWINGS

[0022] Aspects and embodiments are now described, by way of example, with reference to the accompanying drawings, in which:

[0023] Fig. 1 is a schematic diagram illustrating an environment in which embodiments of the invention can be implemented;

[0024] Figs 2A-C are swimlane diagrams illustrating embodiments of methods for controlling an action performed by an access control device;

[0025] Fig 3 is a schematic diagram illustrating components of the access control device of Fig 1 and Figs 2A-C; and

[0026] Fig 4 shows one example of a computer program product comprising computer readable means.DETAILED DESCRIPTION

[0027] The aspects of the present disclosure will now be described more fully hereinafter with reference to the accompanying drawings, in which certain embodiments of the invention are shown. These aspects may, however, be embodied in many different forms and should not be construed as limiting; rather, these embodiments are provided by way of example so that this disclosure will be thorough and complete, and to fully convey the scope of all aspects of invention to those skilled in the art. Like numbers refer to like elements throughout the description.

[0028] According to embodiments presented herein, it is provided a way for overriding credential data provided on a credential carrier. Specifically, the access control device reads one or more identifiers from the credential carrier and checks whether there is any override data associated with the identifier (s). If so, the override data is used instead (or in addition to) the credential data on the credential carrier. The override data can e.g. be used to allow access, to deny access, to configure the access control device, etc. In this way, it is provided a flexible and simple way to override the credential data on the carrier to control actions performed by the access control device when the credential carrier is provided.

[0029] Fig. 1 is a schematic diagram illustrating an environment in which embodiments of the invention can be implemented. Access to a restricted physical space 16 is controlled by an openable physical barrier 15, which can be selectively unlocked. The physical barrier 15 separates the restricted physical space 16 from an accessible physical space 14. It should be noted that while the accessible physical space 14 is accessible relative to the barrier 15; the accessible physical space 14 may itself be a restricted space in other contexts. The physical barrier 15 can be implemented as a door, gate, hatch, cabinet door, drawer, window, or similar structure. To control access to the restricted physical space 16, an access control device 12 is provided. The access control device 12 comprises an electronically controllable lock for implementing selective locking and unlocking. The access control device is operable to transition between a locked state and an unlocked state. In the locked state, the physical barrier 15 is secured, preventing entry into the restricted space 16. When in the unlocked state, the physical barrier 15 can be opened, allowing access to the restricted space. The lock device 12 maybe provided mounted to the physical barrier 15, as shown in Fig 1, or the access control device can be mounted to a structure 17 surrounding the physical barrier 15, not shown.

[0030] A user 5 is shown carrying a credential carrier 2, which can act as an electronic key. The credential carrier 2 enables communication with the lock device 12 via short-range communication channel 4, e.g. based on RFID, NFC, Bluetooth, etc. The credential carrier 2 may take various forms, including a contactless card, NFC-enabled smartphone, key fob, or hybrid mechanical / electronic key. In conventional operation, the access control device 12 reads a credential data item from the credential carrier 2, and evaluates whether to grant access based on the credential data item. For instance, the credential data item can be an encrypted or cryptographically signed set of data comprising an indication that the access control device 12 is to unlock.

[0031] The access control device 12 can communicate with a backend device 7, which can be a backend server or similar. The communication between the access control device 12 and the backend device 7 can be based on wired communication e.g. via Ethernet and / or wireless communication, e.g. via Wi-Fi. Alternatively, the access control device 12 communicates via a gateway device 6. When provided, the gateway device can communicate with one or more access control devices 12 over a short-range wireless interface, such as Bluetooth or Zigbee, on one end, and with the backend device 7 via e.g. Wi-Fi or Ethernet on the other end. The gateway 6 and / or the backend device 7 can contain memory, where override data items can be stored.

[0032] According to embodiments presented herein, the access control device 12 reads one or more identifiers from the credential carrier 2. The identifier(s) can e.g. comprise any one or more of an identifier of the credential carrier 2, an identifier of the user 5, and a group identifier. Depending on the identifier(s) obtained from the credential carrier 2, the lock device 12 checks whether there is an override data. The override data item can be item from the gateway 6, the backend device 7, or from internal memory of the access control device 12. Both the gateway 6 and the backend device 7 are located upstream from the access control device 12, whereby these are collectively referred to as an upstream node.

[0033] When a valid override data item is obtained, the access control device 12 performs at least one override action that is indicated in the override data item. Such an override actin can e.g. be to unlock the barrier 15, to deny access, or to apply a specific configuration to the access control device.

[0034] It is to be noted that while Fig. 1 depicts a single user 5 with a single credential carrier 2, the system may accommodate multiple users, each carrying a respective credential carrier.

[0035] Figs 2A-C are swimlane diagrams illustrating embodiments of methods for controlling an action performed by an access control device 12. The swimlane diagrams can be considered to comprise a flow chart for methods in the gateway 6 or the backend device 7 on the left and a flow chart for methods in the access control device 12 in the middle and a flow chart for methods in the credential carrier 2 on the right. Selected communication between the various entities is also shown. As mentioned above, either one of the gateway 6 or the backend device 7 can be referred to as an upstream node.

[0036] First, embodiment illustrated by Fig 2A will be described.

[0037] In a store override data step 140, the gateway 6 or the backend device 7 stores override data. When stored in the gateway 6, the backend device 7 can provide the override data e.g. over MQTT (message queue telemetry transport), for a reliable yet bandwidth-efficient transfer. The override data is associated with one or more identifiers and can contain information or instructions specific to individual users or groups of users. The override data item can be configured by operational personnel according to any preferred scenario. The override data item can be stored in the gateway 6 which is topologically close to the access control device 12, reducing any latency when the override data item is requested by the access control device 12. Alternatively, the override data item can be stored in the backend device 7, whereby the override data item does not need to be propagated to any other device.

[0038] In a read identifier(s) step 40, the access control device 12 reads at least one identifier from a credential carrier 2 over a short-range communication 4, which is provided by the credential carrier 2 in a provide identifier(s) step 240. The credentialcarrier 2 can also comprise a credential data item 11. By reading the identifier(s) from the credential carrier 2 over short-range communication, a reliable localisation of the credential carrier 2 to the vicinity of the access control device 12 is achieved. Moreover, the short-range communication provides secure and localised transmission, reducing the risk of unauthorised access or interception. Optionally, the access control device 12 also reads the credential data item 11 from the credential carrier 2 in conjunction with reading the identifier. In this way, the credential data item 11 is available in the access control device 12, regardless of whether an override is to be performed, which might not be known at this point in time. The credential data item 11 is then available in local storage of the access control device 12, if needed, for the perform carrier action step 48 (see below). Moreover, by reading the credential data item 11 at this point in time, the risk is reduced of the user needing to present the credential carrier 2 again for provision of the credential data item 11 if the check for an override data item takes time and the credential data item 11 is needed at a later point.

[0039] The at least one identifier may comprise an identifier of the credential carrier 2, and / or the user 5 carrying the credential carrier 2. For instance, the identifier can be a UID (unique identifier), which is a practically unique identifier that is written to the credential carrier 2 during manufacture and cannot typically be changed. The at least one identifier may alternatively or additionally comprise a group identifier that is common for a plurality of credential carriers 2. Group identifiers enable efficient management of access rights for multiple credential carriers, such as granting temporary access to a shared space for a predefined group of users, such as employees of a company, a role (e.g. emergency personnel), people of the same reservation in a hotel (e.g. a family), etc.

[0040] One or more of the identifiers can be read as an identifier of the credential carrier 2, being separate from the credential data item 11. Alternatively or additionally, one or more of the identifiers can be extracted from the credential data item 11. The credential data item 11 may (or might not) need to be decrypted to be able to extract the one or more identifiers. This can be a flexible way to include a group identifier in a format that is readable by the access control device 12. Optionally, also an identifierassociated with the credential carrier 2 and / or the user can form part of the credential data item 11.

[0041] In an obtain override data step 42, the access control device 12 obtains an override data 10 item associated with the identifier. This may comprise sending a request 9 to the upstream node 6, 7 requesting the override data item 10, based on the at least one identifier. In other words, the request 9 for override data to the upstream node 6, 7 can comprise the at least one identifier. The upstream node 6, 7 responds with the override data 10 by performing a provide override data step 142. By obtaining the override data from the upstream node 6, 7, the upstream node can store override data that is applicable for multiple access control devices 12 and / or multiple identifiers. Moreover, the upstream node 6, 7 might have more storage available than the access control device 12.

[0042] In an optional conditional valid override data step 43, the access control device 12 evaluates the override data to determine if the override data is valid. One way to check validity is by comparing the times at which the override data item 10 and the credential data item 11 were generated, e.g., by checking a timestamp indicating the generation of the override data item (10) against a timestamp indicating the generation of the credential data item (11). When the override data item 10 has been generated after the credential data item 11, this indicates that the override data item is valid. Conversely, when the override data item 10 has been generated before the credential data item 11, this indicates that the credential data item is newer and supersedes the (now obsolete) override data item. Alternatively or additionally, the validity is checked by ensuring that a validity time of the override data 10 has not expired. For instance, the validity time of the override data item 10 (with a time stamp that is later than the timestamp of the credential data item 11) might be valid for only 15 minutes. During this time, the override data item 10 overrides the credential data item 11. However, after the validity time of override data item 10 has expired, the credential data item 11 is the only valid data item even if its timestamp is before the timestamp of the override data item 10. Optionally, the validity of the override data item is checked by the upstream node 6, 7. In this case, the request can comprise the credential data item or at least a timestamp indicating when the credential data item was generated.

[0043] By comparing the timestamps of the override data item 10 and the credential data item n, the access-control decision reflects the most up to date security state of the system. More specifically, comparing the generation timestamps of the credential data item and the override data item enables efficient and effective revocation of stale or compromised credentials. Consider a case where a credential was cloned or stolen, which is reported and the permissions of the credential is subsequently removed in an override data item. The newer override record immediately blocks use of the older credential data, preventing unauthorised entry. Moreover, the timestamp comparison provides an unambiguous, machine-implementable rule for selecting which of two potentially conflicting data items (credential vs. override) is the valid data item, thereby eliminating inconsistent credential states.

[0044] If the override data is valid, the method proceeds to a perform override action step 44. Otherwise, the method proceeds to a perform carrier action step 48.

[0045] In the perform override action step 44, the access control device 12 performs at least one override action indicated by the override data item 10. The override data item can, for example, cause the access control device to perform an unlock or deny access. Alternatively or additionally, the override data item can cause a configuration change to be applied in the access control device 12. For instance, the override data item could instruct the device to modify its operational settings, such as how long to be in an unlocked state after opening, changing access schedules, enabling additional security features, or switching operational modes.

[0046] In an optional abstain from credential action step 46, the access control device 12 abstains, in response to obtaining the override data item, from performing an action indicated by the credential data item. This ensures that the override data takes precedence, allowing the system to prevent potentially incorrect or unauthorised actions derived from credential data reflected in the credential data item. It is to be noted that this step does not need to involve any action being performed by the access control device 12, as long as the access control device 12 does not perform any action indicated by the credential data item.

[0047] In an optional write override data to carrier step 49, the access control device 12 writes data corresponding to the override data item to the credential carrier. In this way. The carrier is up-to-date with the latest valid override data, preventing stale and invalid carrier data from being provided to any access control devices. This enables a distributed update mechanism, reducing reliance on network availability for access decisions at other access control devices. Furthermore, writing the override data to the credential carrier can allow subsequent access control devices to evaluate or verify the override state locally, even in the absence of a reliable connection to an upstream node, i.e. when such an access control device is in an offline state. In systems where access control devices are deployed across sites with limited connectivity, this mechanism improves system robustness by synchronising relevant security information directly at the point of interaction.

[0048] It is to be noted that the write override data to carrier step 49 can also be deployed to any other embodiment, including those illustrated by Fig 2B and Fig 2C, even though this step is not shown there.

[0049] In the optional perform credential action step 48, the access control device 12 performing at least one carrier action indicated by the credential data item. The credential data item could have been received in the read identifier(s) step 40 or could be requested and received in a separate step (not shown).

[0050] The method can be repeated for each credential carrier that is presented to the access control device 12.

[0051] Looking now to Fig 2B, only new or modified steps compared to embodiments covered by Fig 2A are described.

[0052] In an optional credential data indicator step 45, after the perform override action step 44, the access control device 12 evaluates whether there is an indicator that the credential data item should be considered. This indicator can form part of the override data. Alternatively, the indicator can be a configuration for the access control device 12. When there is an indicator that the credential data item should be considered,the method proceeds to the perform credential action step 48. Otherwise, the method proceeds to the abstainfrom credential action step 46.

[0053] Using embodiments illustrated by Fig 2B, it is possible for an operator to define whether the override action(s) should replace any credential actions, or whether the override action(s) should be performed in addition to the credential actions.

[0054] Looking now to Fig 2C, only new or modified steps compared to embodiments covered by Fig 2A are described.

[0055] In this embodiment, the upstream node 6, 7 provides the override data item 10 to the access control device 12 in a provide override data step 142. The access control device 12 then stores the override data item 10 in a store override data step 38. This can occur at any time, far in advance or just before, prior to the read identifier(s) step 40. In this way, the override data item 10 is pre-stored in the access control device 12 ahead of the credential carrier 2 being presented to the access control device 12.

[0056] In this case, the obtain override data step 42 comprises reading override data item 10 from internal memory of the access control device 12, based on the at least one identifier.

[0057] In embodiments covered illustrated by Fig 2C, the override data is pushed down to the access control device 12, making the override data available locally when the credential carrier 2 approaches the access control device 12. This reduces latency and reliance on communication ability at the time that the credential carrier 2 approaches the access control device 12.

[0058] Using embodiments illustrated by Figs 2A-C, it is possible to manage access dynamically and flexibly, enabling quick updates to override permissions without requiring changes to the credential carriers themselves. For example, access rights can be revoked or modified by updating the override data, rather than reissuing new credentials.

[0059] A few examples illustrating how override data items can be used are now presented.

[0060] In one example, consider a hotel where an elderly person forgot to bring their sunglasses when intending to go out. A bell boy could then go up to the room and get the sunglasses. However, the bell boy should only temporarily be able to have access to the room. In this case, an override data item can be created that is associated with an identifier of the key card (being a credential carrier), with a validity period of 15 minutes. The override data item defines an unlock action for the access control device of the room. The override data item is then stored in the upstream node 6, 7 (or potentially in the access control device 12). The override data item does not need to be stored on the key card of the bell boy, so the bell boy can immediately run up to the room while personnel at the desk configures the override data item.

[0061] In another example, consider a hotel where a guest has behaved poorly in the spa area. The personnel would like to prevent the guest from entering the spa area, but still allow the guest to enter their room. In this case, personnel can create an override data item that is associated with an identifier of the keycard or smartphone key app of the guest, where the override data item defines that the access control device controlling access to the spa area should deny access for the identifier associated with the keycard or smartphone key app. This override data item is then stored in the upstream node 6, 7 (or potentially in the access control device 12). Again, the override data item does not need to be stored on the credential carrier of the guest, allowing personnel to implement the denied access to the spa without requiring that the physical credential carrier of the guest is presented to the personnel.

[0062] In another example, consider a multi-company shared office facility, where a group of credential carriers associated with a tenant company has booked a conference room. The personnel can then define an override data item that reconfigures the access control device to stay unlocked for two minutes after each unlocking event, e.g. to accommodate some people of the tenant company being in wheelchairs. The override data item can be associated with a group identifier stored on the keycards of the employees of the tenant company, and the override data item is stored in the upstream node 6, 7 or in the access control device 12. When an employee of the tenant company arrives at the access control device of the conference room, the configuration of the override data item is applied, and the override data item can be removed. In this case,actions defined by the credential data item of the credential carrier are also performed by the access control device, e.g. to unlock the access control device.

[0063] In another example, consider an access control system for senior care. If an alarm is triggered, this requires that emergency help personnel (e.g. medical personnel, police, etc.) is provided with access to the space of the senior person that triggered the alarm. An operator of the access control system receives the alarm, and an override data item, for unlocking the access control device for the space of the senior person, can be configured for the credential carrier of the emergency personnel or for a group identifier that is included on credential carriers of emergency personnel. The override data item is made available for the access control device. When the emergency personnel arrive, the identifier of the credential carrier 2 or of the group is used to find the override data item, causing the access control device to unlock.

[0064] Fig 3 is a schematic diagram illustrating components of the access control device 12 of Fig 1 and Figs 2A-C. Processing circuitry 60 is provided using any combination of one or more of a suitable central processing unit (CPU), graphics processing unit (GPU), multiprocessor, neural processing unit (NPU), microcontroller, digital signal processor (DSP), etc., capable of executing software instructions 67 stored in memory circuitry 64, which can thus be a computer program product. The processing circuitry 60 could alternatively be implemented using an application specific integrated circuit (ASIC), field programmable gate array (FPGA), etc. The processing circuitry 60 can be configured to execute the method described with reference to Figs 2A-C above.

[0065] The memory circuitry 64 can be any combination of random-access memory (RAM) and / or read-only memory (ROM). The memory circuitry 64 also comprises non- transitory persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid-state memory or even remotely mounted memory.

[0066] A data memory 66 is also provided for reading and / or storing data during execution of software instructions in the processing circuitry 60. The data memory 66 can be any combination of RAM and / or ROM.

[0067] The access control device further comprises an 1 / O interface 62 for communicating with external and / or internal entities. Optionally, the I / O interface 62 also includes a user interface.

[0068] Other components of the access control device 12 are omitted in order not to obscure the concepts presented herein.

[0069] Fig 4 shows one example of a computer program product 90 comprising computer readable means. On this computer readable means, a computer program 91 can be stored in a non-transitory memory. The computer program can cause processing circuitry to execute a method according to embodiments described herein. In this example, the computer program product 90 is in the form of a removable solid-state memory, e.g. a Universal Serial Bus (USB) drive. As explained above, the computer program product could also be embodied in a memory of a device, such as the computer program product 64 of Fig 3. While the computer program 91 is here schematically shown as a section of the removable solid-state memory, the computer program can be stored in any way which is suitable for the computer program product, such as another type of removable solid-state memory, or an optical disc, such as a CD (compact disc), a DVD (digital versatile disc) or a Blu-Ray disc.

[0070] Here now follows a set of enumerated embodiments from a complementing perspective.

[0071] 1. A method for controlling an action performed by an access control device, the method being performed by the access control device, the method comprising: reading at least one identifier from a credential carrier over a short-range communication, the credential carrier also comprising a credential data item; obtaining an override data item associated with the identifier; and performing, based on the obtaining the override data item, at least one override action indicated by the override data item.

[0072] 2. The method according to embodiment 1, further comprising: performing at least one carrier action indicated by the credential data item based on no valid override item associated with the identifier being obtained.

[0073] 3. The method according to embodiment 1 or 2, wherein the obtaining the override data item comprises requesting the override data item from an upstream node based on the at least one identifier.

[0074] 4. The method according to embodiment 1 or 2, wherein the obtaining the override data item comprises reading override data item from internal memory of the access control device, based on the at least one identifier.

[0075] 5. The method according to any one of the preceding embodiments, wherein the at least one identifier comprises an identifier of the credential carrier.

[0076] 6. The method according to any one of the preceding embodiments, wherein the at least one identifier comprises a group identifier that is common for a plurality of credential carriers.

[0077] 7. The method according to any one of the preceding embodiments, wherein the performing the at least one override action comprises performing the at least one override action based on the override data item being generated after the credential data item.

[0078] 8. The method according to any one of the preceding embodiments, further comprising: abstaining, based on the obtaining the override data item, from performing an action indicated by the credential data item.

[0079] 9. The method according to any one of embodiments 1 to 7, wherein the override data item comprises an indicator that the credential data item should be considered, wherein the method further comprises: performing, based on the indicator that the credential data item should be considered, at least one carrier action indicated by the credential data item.

[0080] 10. The method according to any one of the preceding embodiments, wherein the override data item causes the access control device to perform an unlock.

[0081] 11. The method according to any one of the preceding embodiments, wherein the override data item causes a configuration change in the access control device.

[0082] 12. An access control device for controlling an action performed by the access control device, the access control device comprising: processing circuitry; and memory circuitry storing instructions that, when executed by the processing circuitry, cause the access control device to: read at least one identifier from a credential carrier over a short-range communication, the credential carrier also comprising a credential data item; obtain an override data item associated with the identifier; and perform, based on the obtaining the override data item, at least one override action indicated by the override data item.

[0083] 13. A computer program for controlling an action performed by an access control device, the computer program comprising computer program code which, when executed on the access control device causes the access control device to: read at least one identifier from a credential carrier over a short-range communication, the credential carrier also comprising a credential data item; obtain an override data item associated with the identifier; and perform, based on the obtaining the override data item, at least one override action indicated by the override data item.

[0084] 14. A computer program product comprising a computer program according to embodiment 13 and a computer readable means comprising non-transitory memory in which the computer program is stored.

[0085] The aspects of the present disclosure have mainly been described above with reference to a few embodiments. However, as is readily appreciated by a person skilled in the art, other embodiments than the ones disclosed above are equally possible withinthe scope of the invention, as defined by the appended patent claims. Thus, while various aspects and embodiments have been disclosed herein, other aspects and embodiments will be apparent to those skilled in the art. The various aspects and embodiments disclosed herein are for purposes of illustration and are not intended to be limiting, with the true scope being indicated by the following claims.

Claims

CLAIMS1. A method for controlling an action performed by an access control device (12), the method being performed by the access control device (12), the method comprising: reading (40) at least one identifier from a credential carrier (2) over a short-range communication (4), the credential carrier (2) also comprising a credential data item (n); obtaining (42) an override data (10) item associated with the identifier; evaluating (43) the override data to determine if the override data is valid by comparing times at which the override data item (10) and the credential data item (11) were generated; and performing (44), in response to the obtaining the override data item, at least one override action indicated by the override data item (10) in response to the override data item (10) being generated after the credential data item (11).

2. The method according to claim 1, further comprising: performing (48) at least one carrier action indicated by the credential data item in response to no valid override item associated with the identifier being obtained.

3. The method according to claim 1 or 2, wherein the obtaining (42) the override data item (10) comprises requesting the override data item (10) from an upstream node (6, 7) based on the at least one identifier.

4. The method according to claim 1 or 2, wherein the obtaining (42) the override data item (10) comprises reading override data item (10) from internal memory of the access control device (12), based on the at least one identifier.

5. The method according to any one of the preceding claims, wherein the at least one identifier comprises an identifier of the credential carrier (2).

6. The method according to any one of the preceding claims, wherein the at least one identifier comprises a group identifier that is common for a plurality of credential carriers (2).

7. The method according to any one of the preceding claims, further comprising: writing (49) data corresponding to the override data item (10) to the credential carrier (2).

8. The method according to any one of the preceding claims, wherein the at least one override action is performed conditional on a validity time of the override data item (10) not having expired.

9. The method according to any one of the preceding claims further comprising: abstaining (46), in response to the obtaining the override data item, from performing an action indicated by the credential data item.

10. The method according to any one of claims 1 to 7, wherein the override data item comprises an indicator that the credential data item should be considered, wherein the method further comprises: performing (48), in response to the indicator that the credential data item should be considered, at least one carrier action indicated by the credential data item.

11. The method according to any one of the preceding claims, wherein the override data item causes the access control device to perform an unlock.

12. The method according to any one of the preceding claims, wherein the override data item causes a configuration change in the access control device.

13. An access control device (12) for controlling an action performed by the access control device (12), the access control device (12) comprising: processing circuitry (60); and memory circuitry (64) storing instructions (67) that, when executed by the processing circuitry, cause the access control device (12) to: read at least one identifier from a credential carrier (2) over a short-range communication (4), the credential carrier (2) also comprising a credential data item (n); obtain an override data (10) item associated with the identifier; evaluate the override data to determine if the override data is valid by comparing times at which the override data item (10) and the credential data item (11) were generated; and perform, in response to the obtaining the override data item, at least one override action indicated by the override data item (10) in response to the override data item (10) being generated after the credential data item (11).14- A computer program (67, 91) for controlling an action performed by an access control device (12), the computer program comprising computer program code which, when executed on the access control device (12) causes the access control device (12) to: read at least one identifier from a credential carrier (2) over a short-range communication (4), the credential carrier (2) also comprising a credential data item (n); obtain an override data (10) item associated with the identifier; evaluate the override data to determine if the override data is valid by comparing times at which the override data item (10) and the credential data item (11) were generated; and perform, in response to the obtaining the override data item, at least one override action indicated by the override data item (10) in response to the override data item (10) being generated after the credential data item (11).

15. A computer program product (64, 90) comprising a computer program according to claim 14 and a computer readable means comprising non-transitory memory in which the computer program is stored.