AXON URX-Secure

Pershkrimi

Lexues i unifikuar per perdorim brenda dhe jashte kabines. Mbeshtet modalitetin Counter Mode per tranzicion dhe Encrypted Validation Mode per siguri te avancuar.

Ky model eshte projektuar per migrim praktik nga sisteme ekzistuese drejt validimit te enkriptuar. Ne modalitetin e avancuar, lexuesi perfiton nga praktikat moderne te kartelave secure (si DESFire) me autentikim dhe menaxhim celesash, duke ulur ndjeshem rrezikun e klonimit krahasuar me formatet tradicionale RFID.

Specifika Teknike

• Mbeshtetje per kartela MIFARE / DESFire (opsionale)
• Counter Mode
• Encrypted AXON Protocol
• Anti-clone detection logic
• Secure key storage
• Komunikim: RS485 me masterin, Wiegand compatibility mode (opsional)
• Furnizimi: 9V-15V DC, konsum <2W
• IP Rating (version jashte): deri IP65

Pajisje te tjera

AXON CCU-32 AXON URX-Secure AXON ICM-GE AXON ICM-LR AXON RBN-2 AXON SC-E AXON W2R-N

Card Compatibility — Dual-Mode DESFire EV3 and MIFARE Classic

AXON URX-Secure supports both MIFARE DESFire EV3 (recommended for security) and MIFARE Classic 1K/4K (for migration and low-security tiers) on the same physical reader. The card technology is selected at provisioning and at the per-door policy level, not by swapping hardware. This dual-mode design is deliberate: it lets buildings already deployed with Classic cards begin a migration without replacing every credential on day one.

Per-door policy

The site administrator can configure each access point with one of three card-acceptance policies at the master:

• DESFire only — high-security doors, server rooms, executive floors, hospital restricted wards. A Classic card presented at the reader is rejected before authorisation is even considered.
• Classic only — low-risk doors during legacy operation (e.g., a storage door in a building still rolling out new cards). Accepts UID-based identification with the understood security limitations.
• Both accepted — migration window. The reader will authenticate a DESFire card using AES-128 mutual auth and fall back to Classic UID for any card that does not respond to DESFire authentication. This lets a building issue DESFire credentials to new tenants while existing tenants finish using their Classic cards.

Why dual mode matters

In practice, no medium-sized building rekeys 200+ residents or 50+ office staff overnight. The realistic upgrade path is: install URX-Secure readers, set per-door policy to "Both accepted" at low-risk doors and "DESFire only" at high-security doors, issue DESFire cards as the new default, and let Classic cards age out as people lose them or move out. Without dual-mode support the only option is a hard cutover, which is operationally expensive and tends to get postponed indefinitely — leaving the building on Classic forever.

Honest disclosure about MIFARE Classic

MIFARE Classic uses the legacy CRYPTO1 algorithm, which was publicly broken in 2008 and can be cloned with €30 hardware in under one second. We support it because many existing buildings in this region deployed Classic cards and replacing all at once is impractical. If you are starting a new deployment with security requirements, choose DESFire EV3 from day one — there is no cost reason to start a new site on Classic in 2026.

Read our DESFire EV3 vs Classic deep-dive →

Full Technical Deep-Dive Available

Anti-cloning architecture, DESFire support, Counter Mode vs Encrypted AXON Protocol comparison, RS-485 interface details, integration with CCU-32 and ICM-GE, IP65 outdoor deployment, FAQ, and troubleshooting. Approximately 3,600 words of technical documentation on the AXON URX-Secure RFID reader.