SIFER Readers

Overview

SIFER is Inner Range’s proprietary high-security reader technology, based on the Mifare DESFire EV2 platform. It uses 128-bit AES encryption for secure communication between the reader and the Controller. Readers communicate via the non-proprietary Open Supervised Device Protocol (OSDP) over a multi-drop RS485 LAN bus, allowing multiple readers to be connected to a single port.

Minimum Requirements

• Integriti Controller Firmware: V4.0.1 or later.
• Integriti Software: V4.0.3 or later.

SIFER Card Format

SIFER cards use a 56-bit data structure:

• Site Code: 24 bits — configurable from 1 to 16,777,215 (16.7 million). Site codes 1000–1099 (inclusive) are reserved by Inner Range.
• Card Number: 32 bits — configurable from 1 to 4,294,967,295 (4.3 billion).
• CSN: 7 Byte (56-bit) Card Serial Number readable by other MIFARE-based readers.

Credential Ordering Options

1. SIFER-P (Pre-Programmed)

• Encrypted with the Inner Range SIFER Global Key.
• Default site code: 1001.
• Guaranteed unique card number; card number is laser-etched on the card.
• Locked — no credential customisation possible. Cannot be re-ordered.
• Most cost-effective option.

2. SIFER-U (User Programmable)

• Supplied with the SIFER Global Key, default site code 1001, and unique card number.
• Unlocked — allows customisation via the SIFER Programming Station (USB):
  • Custom Card Number (1–4.3 billion).
  • Custom Site Code (1–16.7 million, excluding reserved 1000–1099).
  • Custom Encryption Key (32 HEX digits).
• Changing the card number is possible but not recommended (factory number is already unique and laser-etched).
• A custom encryption key is mandatory when customising — you cannot retain the default Global Key or site code 1001.
• Use SIFER-U cards to create SIFER Reader Configuration Cards.
• Gold Card Service: An alternative where Inner Range provides a guaranteed unique encryption key via a special Gold Key Configuration Card. The key is securely stored and never viewable by anyone (including Inner Range staff).

3. SIFER-C (Custom Batch)

• Factory-configured cards with specified card number range, site code, and printing options.
• Assigned a unique encryption key from the reserved Gold Card range.
• Permanently locked — cannot be re-programmed later.
• A Custom Configuration Card (994614CNF) is supplied; no SIFER Programmer needed.
• At least one Configuration Card should be ordered per SIFER-C site to configure on-site readers.

Part Numbers

• 994720: SIFER Smart Card Reader (Standard)
• 994720MF: SIFER Smart Card Reader (Multi-format) — reads CSN/UID from other 13.56MHz formats including MIFARE Classic, Ultralight, Plus, Felica, ISO15693, Type B and Picopass in addition to DESFire EV2/EV3.
• 994723: SIFER Smart Card Reader (Mobile Access variant)
• 994725: SIFER Keypad Reader (Standard)
• 994725MF: SIFER Keypad Reader (Multi-format)
• 994726: SIFER Keypad Reader (Mobile Access variant)

Identifying Multi-format Readers: All multi-format SIFER readers carry a trailing “MF” suffix on the part number (e.g. 994720MF, 994725MF). Standard readers only support Inner Range SIFER DESFire EV2/EV3 cards.

Technical Details

• Encryption: End-to-end 128-bit AES encryption.
• Interface: Multi-drop RS485 LAN bus (SIFER Bus).
• Ingress Protection: IP67 rated.
• Temperature Range: -25°C to +65°C (Keypad models); Standard models may support down to -35°C.
• Physical Dimensions: 106mm (L) x 63mm (W) x 19mm (D).
• Power Input: 11-14V DC.
• Current Consumption: 65 - 115mA typical, 165mA max (depends on LED/Beeper config).
• Tamper Detection: Built-in optical tamper sensor.
• Mounting: Optimized for non-metallic surfaces. If mounting on metal, use a spacer (>8mm separation) to maintain read range.

Cabling and Distance

• Data (RS485 LAN): Max 1000m total cabling on one “RDR RS485 LAN” port using recommended twisted pair.
• Power (V+/0V): Distances depend on cable gauge and reader count:
  • 24AWG (7/0.2): 100m for 1 reader.
  • 21AWG (14/0.2): 200m for 1 reader.
  • 24AWG (3-pair, 2 pairs for power): 100m for 2 readers.
• Cable Type: 2-pair 7/0.20 (24AWG) twisted pair data cable recommended. Pair 1 for Data A/B, Pair 2 for V+/0V.

Alternative Cabling

In retrofit scenarios where recommended twisted-pair is not available, the following alternatives are supported within specific limits:

• Security Cable: 4-core or 6-core (24AWG minimum).
• Shielded Data Cable: 4-core minimum (24AWG minimum). e.g., RS232 cable.
• UTP (Ethernet): Cat 5/5e/6. Note: Avoid using single-strand UTP directly in screw terminals; use an adapter or stranded patch lead.

Limits for Alternative Cables:

• Data Distance: Limit of 300m between a reader and the host module for non-twisted pair.
• Total Port Load: Limit of 400m total combined data cabling on a single “RDR RS485 LAN” port.
• Shielding: If using shielded cable, the shield must be connected to ground at the host module end only.

Compatibility and Addressing

Host Module	SIFER Readers per Module	Min. Firmware (Std/MF)	Min. Firmware (Mobile)
ISC / IAC	16 (IAC Only)	V4.0	V23.1
ILAM	16	V2.0	V4.1.0
SLAM	4	V2.0	V4.0.7
Inception	8	V1.0 (Std)	V6.1.0
EliteX	1 (Internal)	V3.0.13	N/A

Card Enrolment

For easy card enrolment into the Integriti software:

• SIFER Enrolment Station: A USB-connected desktop reader that connects to the Integriti client workstation.
• SIFER Programming Station: Used by installers to program custom site codes and encryption keys onto SIFER-U (User Programmable) cards.

Configuration / Programming

• Addressing: Readers are addressed based on their connection order or serial number mapping in software. On Integriti, readers automatically appear in System Designer if OSDP auto-addressing is enabled.
• PIN Mode (Integriti): For Keypad models (Card+PIN, Card or PIN, PIN Only), set ‘PIN Mode’ to SIFER/OSDP/Motorola under the reader configuration. Leave ‘PIN device’ blank.
• Inception Differences: While Integriti uses ‘PIN Mode’ settings, Inception reader mapping is handled within the ‘Door’ configuration under Reader Type.
• Firmware Updates: Firmware can be updated over the system wiring via the host controller. The update process typically takes 10 minutes per reader.

Heartbeat Monitoring

SIFER readers can be monitored for their connection state using dedicated system inputs. If a reader loses connection with the host module (e.g., due to a cable cut or hardware failure), the mapped system input will transition to an alarm state.

System Input Mapping

Host Module	Reader #	System Input
SLAM	Reader 1 & 3	Rxx:S19
SLAM	Reader 2 & 4	Rxx:S20
ILAM	Reader 1 - 16	Ixx:S69 to Ixx:S84
IAC	Reader 1 - 16	C01:S90 to C01:S105

Note: In Inception, reader health is monitored automatically and reported via System Warnings.

Configuration (Integriti)

To enable heartbeat alarms:

1. Identify the system input corresponding to the reader (see table above).
2. Assign the input to a System Area.
3. Set the Process Group to Local Silent or Tamper to ensure the failure is logged and/or alerted to operators without necessarily sounding the main sirens.

Door Open Too Long (DOTL) Buzzer

The SIFER reader’s internal buzzer can function as a local DOTL annunciator, eliminating the need for separate door sounders.

Configuration Steps

1. Reader Programming: In the reader’s properties (Integriti) or Door configuration (Inception), set the Feedback Mode to Show the open/locked state of the door associated with this reader.
2. Door Programming: Set the Door Open Too Long Time to a value greater than 0 seconds.
3. Behavior: When the DOTL timer expires, the reader will play a continuous pulsating tone until the door is closed (reed switch sealed).

Configuration Card Programming

By default, SIFER readers are configured to only read cards with the Inner Range SIFER Global Key. A configuration card (created using the SIFER Programmer) reprograms readers to operate with a custom encryption key.

Programming Sequence

1. Receptive Window: SIFER readers are only receptive to configuration cards for the first 5 minutes after power-up. The reader remains receptive for the full 5 minutes even if a card has already been presented.
2. First Presentation: Present the configuration card. The main LED turns purple and the small LED flashes purple for 5 seconds. If not presented again within 5 seconds, the reader reverts to normal operation.
3. Second Presentation: Present the same card again within the 5-second window. The reader beeps, flashes the main LED green for 1 second, and is now secured with the new encryption key.
4. After 5-Minute Window: Any configuration card presented causes 3 seconds of continuous tone and red flashing main LED — use of the configuration card is not allowed.

Un-Securing a Reader

To revert a secured reader back to the default Global Key:

1. Within the 5-minute receptive period, present the same configuration card that secured it.
2. The main LED turns purple and the small LED flashes green (instead of purple) for 5 seconds.
3. Present the card again within 5 seconds. Both LEDs show green for 1 second — the reader returns to the default state.

Card Capabilities

Configuration cards can control:

• Encryption Keys: Securing the reader to a custom site-specific key (SIFER-U or SIFER-C).
• Card Formats: Matching the card profile used on-site.

IMPORTANT

Always document your configuration card sequence before visiting a site. The SIFER Programmer, Gold Card, and any configuration cards created should be kept in a secure location because they hold the custom encryption key.

SIFER Reader States

State	LED Indication
Powered on	Reader beep, single green flash.
Powered, waiting for address / unaddressed / unable to communicate	Main LED alternates White and Grey. Small LED fades in and out blue.
Powered, online	Ascending ‘online’ tone. Main LED cyan, small LED magenta (colours can be changed).

Reader Configuration Options

Option	Description
Serial Number	Factory-set; printed on the back of the reader.
Volume	Configurable between 0 (off) and 255 (loudest).
Maximum Brightness	Configurable between 0 (off) and 255 (brightest).
Feedback Mode	None / Show area state (specified area) / Show area state (same side) / Show area state (other side) / Show open/locked state of associated door.
Main LED Colour	1 of 23 colours (including black/off).
Small LED Colour	1 of 23 colours (including black/off).
Show Area Status — Entry Delay	Slow flash green + slow chime (when Feedback Mode shows an area state).
Show Area Status — Exit Delay	Slow flash green + slow chime.
Show Area Status — Armed/Disarmed	Green for disarmed, red for armed.
Show Area Status — Isolated	Amber when an input is isolated.
Show Area Status — Had Alarm	Fast flash red + repeating two-tone chime.

Allow approximately 10 seconds for SIFER reader programming changes to take effect.

Firmware Updates

SIFER reader firmware can be updated through Integriti software using the same process as Integriti hardware modules. The update takes approximately 10 minutes. Select the firmware file, set “LAN Module Type” to the appropriate module, set “Peripheral Device Type” to “SIFER Reader”, tick the target Controller, and select “Update Selected”.

Troubleshooting

Begin by reviewing the hardware installation manual:

• Ensure readers are installed correctly and connected to the correct port on the reader module.
• Ensure Integriti software, module firmware, and SIFER firmware are up to date.

Common Problems

Problem	Resolution
SIFER reader does not appear in Inside/Outside Reader dropdown	Ensure the Door record belongs to the controller the reader is attached to.
Reader not getting an address / no ‘online’ tone	Check the reader is attached to a “RDR RS-485” port. Do not exceed the module’s supported reader count. Ensure OSDP_DisableAutoAddressing is unticked. Cycle power to the reader.
Reader not updating when settings change	Changes can take ~10 seconds.
Enrolment fails	Confirm controller firmware is compatible with the Integriti version. Ensure cards and readers use the same security key.
Reader not responding to SIFER cards	Ensure firmware on controller and readers is up to date. Verify the security key matches.

Additional Issues

• Sunlight Interference: Direct sunlight can cause housing color fade and potentially interfere with the optical tamper sensor.
• Metal Mounting: Mounting directly on metal significantly reduces read range. Use a non-metallic mounting block.
• Voltage Drop: Ensure at least 11V is present at the reader. Supply voltage drop is approx. 17mV per meter per reader using 24AWG cable.
• Low Voltage / Unreliable Reads: If card reads are unreliable due to long cable runs or voltage drop below 11V, fit an electrolytic capacitor (1000uF – 6800uF, 16V) across the V+/0V connections at the reader.
• Mobile Access Interference: Keep Mobile Access readers at least 200mm away from AC mains wiring (100-240V).

Related Pages

• IR Mobile Access
• IAC Reader Configuration
• Inception Door Configuration
• RS485 LAN System
• Intelligent LAN Access Module (ILAM)
• Standard LAN Access Module (SLAM)