5 Things to Know About Smart Locks

March 1, 2022
The future of electronic security is connected and mobile, so security pros have to get smart to make money.

Although it isn’t true that every electronic locking device made today is a smart lock, it sure seems as though it is.

Smart locks, of course, are locks that do more than just secure a door. Typically, in their most basic form, smart locks are meant to provide information to the end user about who entered what door when (the audit trail) in addition to controlling access to that door.

These days, smart locks increasingly are linked with smartphones. Most end users make the association because of the mobile credential that unlocks the door through either a Bluetooth or near field communication (NFC) connection, either at the lock or the credential reader, but there’s also the issue of being able to grant or revoke access at any point from any location.

But that’s only a starting point — a basic introduction into the world of smart locks. Here are five things security pros should know about today’s smart locks.

1. They’re Getting Dumber

Didn’t see that twist coming? Make no mistake: Today’s smart locks provide more information and features than ever before, but how they do it has changed quite a bit.

These days, it’s all about the credential, says Ron Shaffer, vertical business leader for education at SALTO Systems. Previously, smart locks that weren’t tied into a wired electronic access control (EAC) system were accessed by so-called static credentials — PIN codes, cards and fobs. Any information about who, when and where, had to be stored or verified at the lock, or it had to be part of an EAC system, and with respect to the latter, “your reach is only as far as the copper can go,” Shaffer says, noting that your ability to access data had limits.

Mobile credentials, however, are dynamic, which means that in addition to the information being stored on a mobile app, they’re always connected to the internet. That means you can access the audit trail at any time from anywhere you have a connection as well as update the credential.

“The lock doesn’t have to be as smart,” Shaffer says. “If the lock is dumb, it can be out in the middle of a cornfield or two states away. [Someone] can call me, and I can send access to his cellphone.”

Mobile credentials also satisfy the necessity of key control, which is why they continue to make inroads in the world of security. Smart keys and cards also deliver dynamic credentials, but smart keys and cards still must be accounted for and still tend to be lost more easily.

Lost cards and keys of any type run up to $1 million in replacement costs per year in some cases, says Dave Carbone, sales engineer for ASSA ABLOY Opening Solutions.

“People aren’t going to lose their phone,” he says.

2. Installation isn’t a Big Deal

Not long ago, smart locks required wiring, a hub or both to install on a door and process information. This was true regardless of whether the application was residential or commercial.

Installation still can go that route, and depending on the application, that might be preferable, but smart locks increasingly are going wireless through battery power. A battery-powered lock typically requires less drilling, less time and, obviously, less if any running wires.

That’s all well and good for a new installation, but what about a retrofit when a customer wants to upgrade to mobile-based EAC?

The good news is such an upgrade isn’t necessarily a problem for the installer, according to Christopher Baggett, systems engineer of Loc-Doc Security in Charlotte, North Carolina. The biggest concern likely would be the wiring around a legacy reader.

“It normally comes down to replacing the wiring for the card reader,” Baggett says. That’s because many readers in the field don’t have the proper wiring to handle the increased data exchange between the reader and a smartphone. “They need 22-gauge solid wiring in order to work properly, and they need to be shielded.” Otherwise, the reader might not be able to send the correct data or even receive the correct power to operate effectively.

As far as replacing the locking equipment, what has to be done might depend on the device or devices. For example, a reader by ASSA ABLOY company HID that uses the company’s multiCLASS technology won’t have to be replaced. All that’s necessary in making the jump to mobile is a firmware upgrade, Carbone says, which can be performed remotely over the internet. An HID reader that doesn’t have multiCLASS technology, however, would have to be replaced to recognize the mobile credential.

Other companies might handle a retrofit differently, which is important to note, because mobile credentials tend to be proprietary, says Rob Goff, vice president of product at RemoteLock. “I think the norm is going to be that you’re going to be replacing your readers and locks.”

Even so, Baggett says that isn’t much of an issue for a seasoned security pro, aside from any wiring issues, of course. It’s just a matter of making sure the hole pattern of the lock to the door is correct or adding a remodeler plate as necessary.

3. Enrollment is Easier

More smart locks today are IP locks, which means connecting them and then accessing information is little different from connecting any other electronic device, such as a computer printer or a smart thermostat, to the internet.

Goff outlines the process thus:

  • You create an account through a mobile app or web app on a computer.
  • You register the locking device through the account.

That’s it. The EAC system then “discovers” the lock just as your computer would find an IP printer. After that, the system can begin to generate credentials for that locking device.

The generation process isn’t much different when mobile credentials are brought to bear. The only additional information that’s necessary is an email address for each user. This is necessary for the issuer to send the proper code for the lock in question to the user’s app that handles the credential.

“If an installer is used to crossing over into the registration and setting up PIN codes, what mobile credentials add is almost negligible,” Goff says. “Most of these [mobile EAC] platforms have it built in and make it easy.”

But the real benefit is time. Baggett mentions how an old card-based system would take as much as 20 minutes per credential to enroll a user into the system by tapping the card to the lock and punching in a code. Now, extrapolate that out to dozens if not hundreds of users and multiple locks.

“It could drive you crazy,” says Joey Dalessio, president of Keyincode, of the time taken up during the enrollment process in nonmobile systems. He notes the case of a client that required programming 300 cards into six different locks. “It takes a long time.” With a mobile system, such a process can be handled in minutes.

4. Education is Key

This takes on a couple of forms. Of course, you have to be educated in how the smart locks and mobile credentials that you sell and install operate, and you have to be able to explain that adequately to the customer so they will have a good experience. As with mechanical and other nonsmart locks, there are few standards. Every manufacturer does things a little differently, and you should be aware of the nuances among products.

But, as with other locking solutions, you have to educate yourself as far as what the customer wants the lock to accomplish. This is perhaps the most important education, Dalessio says, because it will help to determine the type of lock selected, the credential, the type of connection (battery power is problematic in cold temperatures) and even the administration of the EAC system.

“It’s no longer one size fits all,” he says. “It’s ‘what do you want to do?’”

Key questions to ask include:
  • Where will the lock be located?
  • How will it connect with the system?
  • How many people will use the lock?
  • How frequently will they use it?
  • How do you plan to manage the system?

Goff says “flexibility” might be the most valuable feature of a smart lock, and it’s good to keep “an arsenal” of smart locks on hand to best match the lock with the application.

Finally, you might have to educate the customer about expectations and the big differences between a DIY smart lock that they might have installed themselves at home and a professional smart lock for their office.

It should go without saying that there’s a huge difference between residential and commercial smart locks. However, Glenn Younger, president of Grah Lock & Safe in San Diego, notes that not all customers grasp the differences, particularly when they look at the typical difference in price between a residential lock bought online or at a big-box store and a professional-grade lock bought from a security pro.

“It creates an expectation that ‘for $59, $100, I can put a lock on there, and it works great on my house, and that’s exactly what I want on my office,’” he says. “But when they actually go to put it on their office, they say, ‘How come it's working great on my home, but I’m having to replace the batteries every month?’ Well, it’s your office. It’s getting used 50 times a day. At home, it’s getting used twice a day.”

Younger also notes the corresponding differences in durability, connectivity and performance. Simply, commercial-grade smart locks last longer, are more flexible as far as installation with Power over Ethernet (PoE) or wired options and can do more.

Baggett says performance is of particular importance with his customers.

“Can I get the event tracking that I need out of it? Can I get the activity tracking that I need out of it,” he says of the wide spectrum of smart locks that are available. “If I can’t assign different PIN codes or a different fob to a bunch of different people and be able to keep track of that easily, what good is it really doing me?”

5. There’s Money to be Made

Again, there’s an obviousness to this: If you sell and install any locking device, there’s money to be made during the transaction for the product and your labor.

However, when you sell a smart lock, there’s an additional opportunity for that all-important recurring monthly revenue (RMR), typically in the form of an EAC software subscription service.

In such a subscription, the price of the software is paid out in small increments over time instead of one lump sum. This keeps the price of entry low, and it allows the security pro to charge more and pocket the difference. Dalessio notes that in some cases, it might make it so the customer pays the price of the smart lock twice over but is satisfied because of the service provided.

The same thing can be applied to lock maintenance as well. The biggest drawback for a battery-powered smart lock is that batteries have to be replaced at some point. So, you can build that into a lock maintenance service agreement where you provide new batteries annually, along with other items, such as lubricant for the lock or door hardware.

“Fifteen percent of the people will absolutely do it, and up to 30% will do it if they see value,” Dalessio says. “All of a sudden you have a nice recurring revenue.”

Now that you’re smarter about smart locks, depending on what your customers are looking for, here are a few options to consider:

Corbin Russwin/SARGENT IN Series

The IN Series by ASSA ABLOY companies Corbin Russwin and SARGENT is aimed at providing flexibility in potential solutions. The series of smart locks pairs an electrified lock with an HID multiCLASS reader.

The series includes different battery-powered options (IN100 and IN120) or PoE (IN220) and allows for different methods of connectivity to the internet. IN120 locks connect wirelessly to a customer’s standard internet system, while IN100 locks use ASSA ABLOY’s Aperio technology to connect with an Aperio hub that then connects with the customer’s internet via Wiegand, RS-485 or IP. The Aperio technology also means that the installation at the door is wireless.

Each series within the IN Series comes in cylindrical, two mortise, exit device trim and even multipoint locking variations, with different trim options between the Corbin Russwin and SARGENT brands.

As for credentials, the IN Series supports a wide range of high- and low-frequency credentials, including mobile. The IN120 and IN220 also have a keypad option for PIN codes or dual authentication.

More info: www.corbinrusswin.com, www.sargentlock.com

Keyincode 4510, 5510, 6510

Keyincode’s battery-powered smart-lock lineup allows for multiple credential types, including PIN via the locks’ built-in keypad and mobile. Management can be handled remotely through Keyincode’s K3 app for added flexibility.

However, the locks have different ANSI grades and, thus, different prices, which allows for flexibility with respect to a customer’s budget, Dalessio notes. The KIC6510 is a Grade 1 cylindrical latchbolt aimed at high-traffic and exterior applications. The 5510 is a Grade 2 mortise tubular latchbolt aimed at standard-duty applications, while the 4510 is a Grade 3 mortise tubular latchbolt meant for low-traffic doors, such as utility rooms or storage closets.

All three locks come with manual key override and field-reversible handing.

More info: keyincode.com

SALTO XS4 Original+

The XS4 Original+ is SALTO’s latest smart lock, and as you might suspect from the name, it’s an update of the XS4 Original.

It has the same mechanics and mostly the same design. (The reader has been streamlined.) As with the XS4 Original, the XS4 Original+ is compatible with standard ANSI cylindrical or mortise locks.

What’s different is the XS4 Original+ is embedded with SALTO’s BLUEnet wireless and SVN-Flex technologies. These provide for faster transmission of data, better battery life and improved EAC performance, so credentials can be updated at the door.

Another difference: The XS4 Original+ is compatible with SALTO’s JustIn mobile credential for Bluetooth or NFC, as well as several versions of MIFARE card credentials. It also is compatible with all SALTO EAC platforms present and future, Shaffer says.

“The same look and design, just more compatibility,” he says.

More info: www.saltosystems.com/en-us

About the Author

Will Christensen | Senior Editor

Will Christensen is senior editor at Locksmith Ledger International. He has been an editor and reporter at magazines and newspapers for more than 30 years.