AXON SBT-TRF — Smart Touch Button with RFID & Biometric Fingerprint

A next-generation smart access button that unifies a capacitive touch surface, RFID, and biometric fingerprint authentication in a single panel, with optional multi-factor validation and encrypted AXON BUS communication for unified, auditable elevator command through the AXON Master.

01 — What AXON SBT-TRF Does in the System

AXON SBT-TRF is the access surface for the user. Physically it is a panel with a smart touch face, an RFID antenna, and a biometric fingerprint sensor in one assembly. Functionally it replaces the conventional landing button, intercom call surface, or door access button with a single device that recognises who is asking for access, how strongly they have proven their identity, and reports that result on the encrypted AXON BUS for the AXON Master to act on.

Three authentication paths run on the same panel. RFID gives a fast, contactless path for known cards — the typical residential flow, aligned with the ISO/IEC 14443 proximity-card standard used by most building credentials in the region. Biometric fingerprint binds the credential to a person rather than to a card that can be lost, shared, or cloned, with templates structured to the ISO/IEC 19794-2 minutiae-data format; the typical use for restricted areas. Multi-Factor requires both within a configurable window, which is the appropriate mode for high-value or back-of-house access points such as staff-only floors, server rooms, or restricted hospital wings, and lines up with the AAL2 requirements in NIST SP 800-63B.

The architectural separation from the AXON Master is intentional and identical to the rest of the AXON module family. The SBT-TRF authenticates and reports; the Master holds permission logic, time windows, lockdown state, and the audit log. That separation means a credential revoked centrally on the Master takes effect across every SBT-TRF panel without a per-device update, and a new policy — for example a temporary lockdown of staff floors during a building event — is a single Master-side change.

A typical operational flow looks like this: a user approaches the SBT-TRF panel at the landing; depending on configuration, they present their RFID card, place their finger on the sensor, or both; the panel runs the local authentication and produces an authenticated event with the credential identifier (not the raw credential and never the raw biometric image); the panel emits the event as an encrypted AXON BUS frame; the AXON Master receives, decrypts, evaluates against its current permission policy, and issues the elevator command back over the same bus; the audit log records who authenticated, where, when, and how.

02 — Required Components

An SBT-TRF deployment involves the panel itself plus the standard AXON ecosystem around it:

Part	Role	Notes
AXON SBT-TRF panel	Smart access button	Touch surface, RFID antenna, fingerprint sensor, AXON BUS interface.
AXON Master	Authoritative controller	Holds permission policy, time windows, lockdown state, central audit log.
RFID credentials	Card population	Card type to be finalised with hardware spec.
Fingerprint sensor	On-panel biometric
AXON BUS cabling	Communication backbone	Encrypted bus; shared with other AXON modules.
Power supply	Local supply per panel
Mounting plate / back box	Physical install	To be finalised with the panel form factor.

Why these specific parts

Unifying the touch surface, RFID, and fingerprint sensor on one board removes a class of integration bugs that show up when those functions are split across separate devices: clock-skew between events, plaintext interconnect between a reader and a controller, separate audit fragments that have to be stitched together after the fact. With one panel, one authenticated event, and one BUS address, the audit log is single-sourced and the time-stamped event chain is unambiguous.

The Master split is the same split that runs through the AXON family. The panel never tries to be its own access controller because that would scatter the permission state across every floor of the building. The Master is the single source of truth for who can go where and when; the panel is the input surface and the local authenticator. That separation makes large deployments tractable.

03 — How the SBT-TRF Works End-to-End

1. Wake / interaction. The user approaches the panel. The touch surface activates and indicates which authentication factors are required by the panel's current configuration.
2. Credential capture. The user presents an RFID card (RFID mode), places a finger on the sensor (Fingerprint mode), or does both within a configurable window (Multi-Factor mode).
3. Local authentication. The panel matches the credential against its on-device store: RFID identifier against the configured set, fingerprint against the locally stored template. The raw fingerprint image is not transmitted; only the match result and the credential identifier are used downstream.
4. Multi-factor gating. If multi-factor is configured, both paths must succeed within the window. Either failure or a timeout produces a failed multi-factor event rather than a successful one.
5. Frame the event. The panel encodes the authenticated event — device address, credential identifier, factor combination used, timestamp — as an AXON BUS message and encrypts it.
6. Publish to Master. The encrypted frame is transmitted on the AXON BUS to the AXON Master.
7. Master decision. The Master evaluates the event against its current permission policy, time windows, and lockdown state, and issues the appropriate command back on the bus.
8. Elevator command. The Master's command is converted into elevator action — call cabin, allow floor, log denial — through the rest of the AXON topology.

Every step is bounded. A multi-factor window expires; a fingerprint sensor timeout returns a clean failure; a missing Master response triggers the configured failure policy rather than hanging the panel.

04 — Communication Architecture

Encrypted AXON BUS

The SBT-TRF communicates with the AXON Master over the encrypted AXON BUS, which is the same backbone used by other AXON family modules. Frames are encrypted before transmission so a passive listener on the bus sees ciphertext only. This eliminates the most common low-effort attack against legacy systems: tapping a Wiegand interconnect between a reader and a controller and replaying a captured card number. There is no plaintext stage between the panel and the Master where that attack could land.

Why the panel is a single bus node

The SBT-TRF appears on the bus as one addressable node, even though it has three input modalities. The reason is that all three modalities produce a single authenticated event from the user's point of view — pressing the button. Splitting them into separate nodes would force the Master to reassemble what should be an atomic action, with race conditions on which modality completed first. Reporting the combination as one authenticated event keeps the Master logic clean and the audit log unambiguous.

What never leaves the panel

The raw fingerprint image and the raw RFID exchange do not cross the AXON BUS. The panel's job is to authenticate locally and report the result; the Master sees the credential identifier and the factor combination, not the underlying biometric data. This keeps the on-bus data minimal and reduces the blast radius of any future bus-level vulnerability.

Crypto parity with the AXON family

The exact crypto parameters used on the SBT-TRF align with the rest of the AXON module family — same encryption posture, same anti-replay model, same key management story.

05 — Interface Layout

The final hardware layout is being finalised in the development phase. The user-facing and installer-facing surfaces are:

Surface	Function	Notes
Touch face	Smart-command interaction	Replaces the mechanical button. Capacitive sensing designed for the EMC immunity requirements of IEC 61326-3-1. Smart-command logic for things like long-press / gesture / floor selection.
RFID antenna area	Card credential capture	Co-located with the touch face for a single presentation gesture.
Fingerprint sensor	Biometric credential capture	Local matching; raw image never leaves the panel.
AXON BUS terminals	Bus communication	Encrypted differential pair to the AXON backbone.
Power IN / GND	Local supply	Voltage and current to be confirmed at release.
Status indicator	User feedback for authentication state	Indicates which factor is being requested and whether authentication succeeded.

06 — Security and Robustness

Multi-factor as a real defence

Multi-factor on the SBT-TRF is enforced by the panel itself within a configured window, not by the Master reassembling events after the fact. That matters: the Master sees one authenticated multi-factor event, not two independent events that happened to come from the same bus address close together in time. A would-be attacker cannot simulate multi-factor by sending two single-factor events in quick succession — the Master rejects single-factor events from panels configured as multi-factor.

Biometric template handling

Fingerprint templates are matched locally on the panel. The raw fingerprint image is not stored persistently or transmitted on the bus in normal operation. The enrollment flow — where templates are first registered — is being finalised in the current development cycle; the design intent is that enrollment is managed through the Master with templates stored on the panel for local matching at the access point.

Encrypted bus as a default

Encrypted AXON BUS communication is the default, not an optional add-on. There is no "diagnostic plaintext" mode that an attacker could trip the panel into; bus traffic is encrypted at all times in production firmware. Diagnostic visibility uses the rest of the AXON family's separate audit channel pattern rather than degrading the on-bus encryption.

Fail-closed behaviour

If communication with the AXON Master is lost, the recommended default for SBT-TRF-protected access points is fail-closed. In a multi-tenant or restricted-access scenario, briefly denying access during a Master outage is far preferable to inadvertently allowing it. The exact failure policy is configurable per channel because a small number of cases — for example a fire-mode override — must explicitly fail open under safety regulation.

07 — Real-World Deployment Scenarios

Premium residential tower in Prishtinë

A new-build premium residential tower in Prishtinë wants tenant access by RFID with the option to enable fingerprint as a second factor for the penthouse and amenity floors. SBT-TRF panels are installed at each landing. Most floors are configured for RFID-only, while the top three floors and the gym/spa floor run in multi-factor mode. The AXON Master applies tenant-to-floor mappings and time windows. A tenant who reports a lost card has it revoked centrally; the next time that card is presented anywhere in the building, the panel reports the event and the Master refuses.

Mid-rise office in Tiranë with controlled floors

A 9-floor office building in Tiranë has open access to the lobby and three tenant floors during business hours, restricted access to two back-of-house floors at all times, and visitor flow through a reception. SBT-TRF panels at the landings authenticate by RFID for tenants. The Master enforces the time-window policy for the open floors and requires multi-factor on the back-of-house floors. Visitor cards are issued from reception with short validity windows.

Hospital wing with role-based access

In a hospital, SBT-TRF panels guard staff-only wings. Medical, administrative, cleaning, and contractor classes each have their own time windows on the Master. Multi-factor (RFID + fingerprint) is enforced on a small number of high-sensitivity entry points such as the pharmacy floor. Audit logs feed the hospital's compliance reporting from a single source rather than from separate reader and controller logs.

Boutique hotel with staff-only floors

A boutique hotel uses SBT-TRF in cabin and at staff-floor landings. Guests authenticate by RFID with their room card; staff use multi-factor on back-of-house floors. The unified audit log shows exactly who accessed where, which is the operational concern the hotel actually has — incidents are investigated against a single source of truth, not a collection of reader logs.

08 — Installation Requirements

• Power: a stable DC supply at the panel location. Voltage and current draw will be finalised at release.
• AXON BUS cabling: a dedicated twisted pair from the panel back to the AXON backbone. Keep the bus away from mains and motor cabling.
• Mounting: the panel is intended for fixed installation at landings, cabin walls, or building entrances. Final form factor and back-box dimensions are part of the development phase.
• Antenna and sensor clearance: avoid mounting the panel behind metal trim that would attenuate the RFID antenna, and avoid placement where the fingerprint sensor will be exposed to direct sunlight or moisture beyond its environmental rating.
• Enrollment workflow: plan the biometric enrollment process before deployment. Enrolling tenants at the moment of building handover is far simpler than chasing them individually later.
• Commissioning: confirm that every panel registers on the AXON BUS with a unique address, that the Master sees authenticated events from each, and that the configured authentication mode matches the policy expected for each access point.

09 — Recommended Topology

Like the rest of the AXON family, the SBT-TRF is one node on the shared AXON BUS. The recommended deployment shapes are:

1. Per-landing panels on a single bus. One SBT-TRF panel at each landing in a multi-floor building, all on a single AXON BUS running through the riser back to the AXON Master in the building services area. This is the common case in residential towers and mid-rises.
2. Mixed-modality topology. SBT-TRF panels at landings for user-facing access, AXON Nodes for floor-level access where appropriate, and AXON CCU-32 in the cabin. All report into the same Master and share a single audit log.
3. Selective multi-factor. Most landings run in RFID-only mode; a small number of high-security access points are configured for multi-factor. Mode is a per-panel configuration, not a hardware variant.

Keep the bus topology linear with short stubs to each panel. Avoid star topologies. Terminate the bus at both physical ends only. Do not run the AXON BUS pair parallel to mains feed cables or contactor coils — induced noise eats into the bus error budget on any industrial bus, including this one.

10 — Troubleshooting Guide

The panel does not wake on user approach

The touch surface or proximity activation may be miswired or the panel may not be powered. Confirm DC supply at the panel terminals first; then verify the touch-face calibration in the panel's configuration. If the panel boots but the touch surface is unresponsive, escalate as a hardware issue with the unit's serial.

RFID cards are not recognised

First confirm the card type matches the panel's supported RFID standard. Mismatched card stock is the most common cause of "the reader is broken". Second, check that the panel is not mounted behind metal trim that attenuates the antenna. Third, look at the panel's audit output for whether the card is being read but rejected by the Master — that is a permission issue, not a reader issue.

Fingerprint authentication fails repeatedly for one user

Re-enrol the fingerprint. Skin condition, sensor wear, and original enrollment quality all degrade the match rate over time. The Master should show a pattern of failed fingerprint attempts for one credential ID; that is the cleanest signal to act on. If many users are failing simultaneously, the sensor itself or its calibration is the suspect.

Multi-factor never succeeds even though both factors work individually

The multi-factor window may be too short for real-world user behaviour, or the second factor may be requested before the first is fully released. Tune the window and the input sequencing in the panel configuration. The Master should report failed multi-factor events with a reason code indicating which factor expired.

Authenticated events are not reaching the Master

Either an AXON BUS physical-layer problem — missing or excess termination, noisy parallel run with motor cabling, marginal connector — or a panel addressing conflict. If two panels share the same bus address, both will fail to deliver cleanly. Each panel must have a unique address on the bus.

11 — How AXON SBT-TRF Compares to Alternatives

• Mechanical button + separate Wiegand reader. Cheap, ubiquitous, and vulnerable: the Wiegand interconnect between reader and controller is plaintext and trivially cloneable. SBT-TRF unifies the surface and keeps everything inside one panel that speaks encrypted AXON BUS directly to the Master.
• OSDP reader with Secure Channel. A genuine step up from Wiegand. Adds encryption between reader and controller, but ties you to OSDP-compatible readers and does not, on its own, give you a touch surface or biometric. SBT-TRF integrates all three modalities and lives on the AXON BUS rather than yet another protocol family.
• Reader + biometric + button as separate devices. Workable but expensive in cabling, addresses, and audit-log fragments. SBT-TRF collapses them into one panel with one bus address and one event per authentication.
• Mobile-only credentials (Bluetooth/NFC). Convenient but inherits the trust model of the user's phone, which is not under the building owner's control. SBT-TRF can complement a phone credential — phone for RFID-equivalent path, fingerprint as the second factor on restricted floors — but the panel itself does not require a phone, which matters in residential buildings with a wide demographic.

12 — Current Implementation Status and Roadmap

What is confirmed today

• Smart panel with capacitive touch surface and smart-command logic.
• RFID + biometric fingerprint on the same device.
• Three authentication modes: RFID, Fingerprint, Multi-Factor.
• Encrypted AXON BUS communication.
• Integration with AXON Master for unified elevator command and central audit.

What is being finalised

• Exact RFID standard, frequency, and supported credential format.
• Fingerprint sensor model, template format, and template storage strategy.
• Operating voltage, current draw at peak, and environmental rating.
• Panel form factor, back-box dimensions, and mounting hardware.
• Crypto parameter parity with the rest of the AXON module family on the AXON BUS.
• Resolution of the catalogue title-vs-content mismatch flagged at the top of this page.

What is planned beyond v1

• Optional mobile credential path (NFC / BLE) alongside RFID and fingerprint, where the deployment justifies it.
• Expanded touch-surface gesture set for floor selection and intercom integration.
• Per-device keys via a secure element, consistent with the wider AXON roadmap.

13 — Key Takeaways

14 — Frequently Asked Questions

What is the AXON SBT-TRF in one sentence?

A smart access panel with touch, RFID, and biometric fingerprint, with optional multi-factor validation, communicating with the AXON Master over the encrypted AXON BUS for unified and auditable elevator command.

How does multi-factor work on a button?

Both authentication paths — RFID and fingerprint — must succeed within a configurable window on the panel. The panel reports a single authenticated multi-factor event to the Master only if both succeed. Either failure or a window timeout reports as a failed multi-factor attempt.

Why combine touch, RFID, and biometric in one device?

To collapse the cabling, the addresses, and the audit fragments of a multi-device installation into one unified, auditable surface — and to eliminate the plaintext interconnect that exists between a separate reader and a separate controller in legacy designs.

What does encrypted AXON BUS communication mean here?

All traffic between the panel and the Master is encrypted on the bus. A passive listener sees ciphertext, not credentials or authentication results. This neutralises the most common cloning attacks on legacy installations.

Are fingerprints stored locally or centrally?

Templates are matched locally on the panel; raw fingerprint images do not cross the bus. The enrollment and storage workflow is being finalised in the current development cycle; design intent is Master-managed enrollment with local matching.

How does the panel integrate with the AXON Master?

As an addressable node on the encrypted AXON BUS. The panel publishes authenticated events; the Master evaluates them against permission policy and issues elevator commands back on the same bus.

Where is the panel installed?

At elevator landings, in cabins, on building entrances, and at controlled doors — anywhere a mechanical button or access surface would normally live.

What is the development status?

In development. Role and authentication model are confirmed. Hardware-level specifications and the catalogue title-vs-content mismatch are being resolved.

How is this different from a reader + button design?

One panel, one bus address, one authenticated event per access attempt, encrypted end-to-end. No plaintext Wiegand interconnect, no split audit log, no race between which device completes its event first.

Can the panel run without the AXON Master?

Not in production. The Master is authoritative. The exact failure policy if the Master is briefly unreachable is configurable per channel, with fail-closed as the recommended default for restricted access points.

15 — Related Guides and Products

16 — Specify SBT-TRF for Your Building

Planning a new build or refit in Kosovo, Albania, or the wider region where you need a unified access surface with multi-factor capability and central audit? Because SBT-TRF is in development, please contact AXON to confirm timing, align on the authentication mode required for each access point, and resolve the catalogue title-vs-content mismatch noted at the top of this page before committing budget.

References and Standards

• ISO/IEC 19794-2 — Biometric data interchange formats: Finger minutiae data
• ISO/IEC 14443 — Cards and security devices for personal identification: Contactless proximity objects
• IEC 61326-3-1 — EMC requirements for safety-related systems and equipment intended to perform safety-related functions
• NIST SP 800-63B — Digital Identity Guidelines: Authentication and Lifecycle Management