SmartFace Access Controller

SmartFace Access Controller is a standalone module that listens to notifications coming from SmartFace Platform about people matched against watchlists. These notifications are then filtered by a predefined set of rules. Only the notifications that pass these rules are sent out from Access Controller. This component is used for the access control use case, where seamless and friction-less opening of access points (turnstiles, doors, barriers, ramps, etc.) is required.

The rules are defined by a filtering strategy and the logic which can be configured based on your specific use case. The strategy ensures that only an identified person will pass the access barrier in the right time without stoppage or any further action.

Use case description

SmartFace Access Controller module listens to notifications about matched persons sent by SmartFace Platform. When a notification passes the set of rules, it is sent out by the controller as a new notification. When a notification doesn’t pass these rules, then it isn’t forwarded and it is thrown away. The reason behind the filtration is that SmartFace Platform notifies about all detected and identified people in the processed video stream. An identified person can stand in a background or among a group of people who aren’t registered in the watchlist. SmartFace Platform still sends notifications for all the detected people. These notifications are not desired in the access control use case, because the authorized person can stand far from the camera or the access barrier and can be surrounded or stand behind a person that is not authorized for the access. In this case you want the access barrier to be closed so that the unauthorized person can not enter.

Access Controller can recognize use cases (through the predefined filtering strategy), when the access should be denied to a person in front of the camera and the notification from SmartFace Platform should be filtered out. This behavior ensures that only authorized persons may access the barrier.

SmartFace Platform supports the detection of face masks and sends notifications which contain information whether a person wears a mask. Access Controller is able to use this feature and can prevent persons who aren’t wearing a mask from passing the access barrier. This can be used to force rules related to face masks due to epidemics.

Access Controller explained

Access Controller is a simple application which listens to SmartFace’s notifications about identified persons. The application listens to internal SmartFace’s RabbitMQ messages called MatchResults. These messages are available sooner than the publicly provided ZeroMQ notifications.

When Access Controller receives the MatchResult notification, it decides, whether the gRPC AccessNotification should be sent to all connected clients through the gRPC server streaming service. The decision is made by a filtering strategy which consists of multiple filters. A separate documentation about the access strategy and filters is available on request.

Access Controller sends out three types of notifications. The first AccessNotificationGranted notification is sent to open the access barrier, when the person in front of the access barrier is identified and is authorized to enter. The second AccessNotificationDenied notification is sent when person is not identified against any of the watchlists, therefore is unknown. Optionally, AccessNotificationDenied is also sent when a person is identified but doesn’t wear a face mask. The third AccessNotificationBlocked notification informs about the presence of an unauthorized person identified against a blacklist or when the spoof try is detected (e.g. face printed on a paper).

A special PING type of gRPC message is sent every 5 seconds without any further data. If this message type is requested by the client application, it can be used as a keepalive signal to determine if the connection is healthy and optionally try to reconnect to access controller if no PING message was received for the period of time.

The details on how to configure the access strategy via access filters can be provided upon a request.