Ask the expert: LEGIC

John Harvey and Martin Fiur, LEGIC Identsystems AG, Roman Falke, Fraport AG talk exclusively to Security Buyer about how access control systems in airports 

POQ: You can avoid the biggest security gaps if you think BEFORE the introduction of HOW the ID is programmed and in which environment it is produced. 

POQ: Every use of a token, regardless of the purpose, follows strict guidelines. Only in this way can the security level be kept high. 

POQ: Internal ID card production can be secured in terms of appropriate workspace and personnel; the smartcard master tokens, on the other hand, must be stored with strict physical protection. 

If you want to manage who comes and goes in your buildings, the most vulnerable point of attack is neither the access control system itself, nor physical identification media such as employee badges; it is the cryptographic keys that are used to configure and manage your system. 

In offices, factories, warehouses, universities, hotels, utilities and airports, this most fundamental level of access security is thus of paramount importance. 

Case study: Frankfurt Airport 

Frankfurt am Main Airport is Germany’s largest commercial airport. In terms of passenger volume, it was the fourth largest European airport in 2019 with 70.6 million passengers and is in 15th place worldwide. The company employs around 81,000 people in various locations around the world. To manage access control security for its employees and contractors, the airport authorities have implemented a multi-level security concept for the numerous functions, processes, and applications. Part of this is a uniform access control system for employees and contractors based on contactless ID cards as identification medium. 

Who is monitoring the administrator? 

In order to give Frankfurt Airport full control over its own smartcard-based airside access control solution for employees and contractors, the end-to-end security platform from LEGIC was selected. The system is based on LEGIC’s Master Token System Control (MTSC), a unique key and authorisation management solution from LEGIC.  

The patented system is designed to give end users complete independence and control over the security of their business, including cards and readers. 

The main feature of MTSC is the deliberate avoidance of shared secrets such as passwords. Authorisations are granted using physical tokens in the form of contactless smart cards. Organisations that use a password-based security system usually have no idea how easily they can be compromised. MTSC technology is based on a unique “genetic code” contained in contactless smart cards. The genetic code within this technology guarantees that all required credentials are unique. The code is transmitted to the reader during initialisation of the ID card and during configuration. 

In combination with the physical token, administrators can securely manage their ID population and, if necessary, easily add or remove applications (e.g., access control, time recording, secure printing, cashless payment at machines and in the canteen, etc.). In addition, having their own physical token grants security officers full autonomy in choosing trustworthy suppliers.  

Advantages of MTSC in practical use 

The following practical insights into the advantages of MTSC at Frankfurt Airport come from an interview with Roman Falke, Senior Delivery Manager for Security Systems in the Department Airside Security and Video Management Systems at Fraport AG (Fraport AG is one of the largest global airport businesses which also operates Frankfurt Airport). 

Where do you generally see the greatest potential security gaps in airside access systems such as Frankfurt Airport operates? 

You can avoid the biggest security gaps if you think BEFORE the introduction of HOW the ID is programmed and in which environment it is produced. For the planning, it is highly advisable to consult experienced specialists from the beginning.

What are the main advantages of using the MTSC Key and Authorisation management solution from LEGIC? 

Limited sets of tokens can be created on the basis of LEGIC MTSC. This allows us to retain full control over our ID card structure and decisively minimise any possible security risk. With these individually defined Sub-tokens, responsibility can be assigned and withdrawn at any time! “

How should such an access system be introduced and operated in a controlled manner? 

After we decided on MTSC, we received extensive training on how to handle and take responsibility for smartcard-based master tokens. The entire route of these security elements from LEGIC to the recipient at the airport must be prepared and carried out in a tightly controlled manner. 

On one hand, internal ID card production can be secured in terms of appropriate workspace and personnel; the smartcard master tokens, on the other hand, must be stored with strict physical protection. They can only be removed from secure storage using a documented workflow with different approval levels and, among other things, according to the four-eyes principle.  

Of course, this also applies to the use of each token. When using a system that works with passwords or shared secrets, for example, the key that has been removed from a safe remains in a person’s memory. With a smartcard-based physical token, there is no permanent knowledge in the hands of a single person.

Falke: Can an auditable handling of tokens be implemented? 

Fraport: “The structured, documented planning of the specified workflow of how tokens are dealt with is crucial for this. Every use of a token, regardless of the purpose, follows strict guidelines. Only in this way can the security level be kept high from the beginning, and auditable security be implemented.”

According to which internal and / or external security requirements did you have the mentioned procedure assessed? 

Of course, we meet requirements such as those published in Annex 9 of ISO-27001. This is continuously monitored via internal audits conducted by our own, independent departments. The MTSC concept supports us in meeting these demanding requirements according to practical process descriptions.

How important is direct contact with LEGIC for Fraport AG? 

Direct and immediate information from LEGIC on questions and topics is crucial for operation. In addition, direct contact offers us timely planning for upcoming security developments.  

Further information on how you can take full control of your access control system with LEGIC MTSC can be found at www.legic.com/mtsc or contact LEGIC at www.legic.com/contact 

 

To stay up to date on the latest, trends, innovations, people news and company updates within the global security market please register to receive our newsletter here.

Media contact

Rebecca Morpeth Spayne,
Editor, Security Portfolio

Tel: +44 (0) 1622 823 922
Email: [email protected]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

IDIS

IDIS launches Edge AI Plus Camera Range

IDIS’s new Edge AI Plus Camera range gives users more flexible, affordable options to upgrade their video systems with advanced AI…
OneLink

Product Spotlight – Gallagher’s OneLink

Gallagher Security presents, OneLink – the product that is elevating remote security through the power of the cloud 
Pinaccle systems

Pinnacle Systems further supports Installers and System Integrators

Pinnacle Systems has launched the Pinnacle Partner Programme, a new initiative designed to provide enhanced support for installers…
Stephen Tickle

Comelit-PAC Appoints Stephen Tickle as Regional Sales Manager

Comelit-PAC has appointed Stephen Tickle as its new Regional Sales Manager.  Stephen will focus on supporting PAC’s access control…
Intersec Saudi

Intersec Saudi Arabia returns with record exhibition space

Intersec Saudi Arabia, the premier industry platform for security, safety and fire protection, will return to the Riyadh…
Abloy UK

Abloy Academy breaks attendance records

Abloy UK has achieved record breaking attendance at its Academy, with more professionals than ever attending its…
Hikvision

Hikvision Introduces X-ray Baggage Inspection System

Hikvision India has recently introduced X-ray Baggage Inspection System with AI- enabled Intelligent Recognition Capabilities…
GBV

IFPO Column: The Quiet Signals of Danger

Yoyo Hamblen of IFPO and Gary Simpson, Nonverbal and Behavioural specialist discuss the important topic of Gender-Based Violence..
Doorbird Carousel

Product Spotlight – Door Communication for the “Neue Wallufer”

 A customised solution case study for a residential complex is presented by DoorBird and CompuNet Systems GmbH 
suprema

Suprema Achieves EN 60839 Certification

Suprema, a global provider of AI-powered access control and security solutions, has achieved EN 60839-11-1:2013 Grade 3 certification
Scroll to Top