Safran MA SIGMA, MA SIGMA WR, MA SIGMA iCLASS, MA SIGMA iClass WR, MA SIGMA Multi Administration Manual
...
COPYRIGHT© 2016-2017 Morpho
MorphoAccess® SIGMA Family
Administration Guide
Osny, France
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
2
July 17
WARNING
COPYRIGHT© 2016-2017All rights reserved.
Information in this document is subject to change without notice and do not represent a
commitment on the part of Morpho. No part of this document may be reproduced or
transmitted in any form or by any means, electronic or mechanical, including photocopying or
recording, for any purpose without the express written permission of Morpho.
This legend is applicable to all pages of this document.
This manual makes reference to names and products that are trademarks of their respective
owners.
PROPRIETARY RIGHTS
This document contains information of a proprietary nature to Morpho and is submitted in
confidence for a specific purpose. The recipient assumes custody and control and agrees that
this document will not be copied or reproduced in whole or in part, nor its contents revealed in
any manner or to any person except to meet the purpose for which it was delivered.
This caveat is applicable to all the pages of this document.
MorphoAccess® SIGMA Family Administrator Guide
Revision History
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
3
July 17
Version
Date
Description
01
April 2017
First version MorphoAccess® SIGMA Family Administration Guide
Created from:
2014_0000002196_v11- MA SIGMA - Administration Guide
2015_2000010196_v8 - MorphoAccess® SIGMA Lite Series
Administrator Guide
02
June 2017
OSDP support added
Seos card support added
Note about partionned usb key that should not be used
Note about encoding card with only one finger that is not supported
Note about encoded name and first name that are limited to 20
caracters
Note about the behavior during second biometric attempt with MALite
Note about transaction logs that should be erase
Replace alphanumeric PIN by numeric PIN in webserver
03
July 2017
New administrator profile : Limited database admin (refer to Section 5
: MorphoAccess® Terminal Administration Menu)
Update first boot-up for MALITE terminal in LED – Buzzer Sequence
chapter
Revision History
The table below contains the history of changes made to the present document.
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
4
July 17
Table of Contents
WARNING ............................................................................................................................ 2
REVISION HISTORY ............................................................................................................... 3
SECTION 1 : INTRODUCTION ............................................................................................... 14
MorphoAccess® SIGMA Family Series Terminal................................................................ 15
Scope of the document ................................................................................................... 16
About Biometrics ............................................................................................................ 18
About fingerprint biometrics ............................................................................................... 18
Templates supported ........................................................................................................... 19
Notation ............................................................................................................................... 20
SECTION 2 : CONNECTING THE TERMINAL TO A PC .............................................................. 22
General .......................................................................................................................... 23
Why would one connect the terminal to a PC? ................................................................... 23
Connection methods ............................................................................................................ 23
Network parameter initialization ........................................................................................ 23
Point to Point Ethernet Connection ................................................................................. 24
Connection through only one Ethernet switch ................................................................. 25
Connection through a LAN .............................................................................................. 26
Description ........................................................................................................................... 26
LAN with DNS Server............................................................................................................ 26
LAN without DNS Server ...................................................................................................... 27
Static IP address (DHCP disabled) ........................................................................................ 27
Dynamic IP address (DHCP enabled) ................................................................................... 27
Wi-Fi™ Network configuration ........................................................................................ 28
Requirements ....................................................................................................................... 28
Configuration ....................................................................................................................... 28
Troubleshooting ................................................................................................................... 28
SECTION 3 : TERMINAL CONFIGURATION AND ADMINISTRATION ....................................... 29
Understanding MorphoAccess® Configuration ................................................................. 30
Presentation ........................................................................................................................ 30
Modifying the value of a parameter ................................................................................... 30
Configuring a Networked MorphoAccess® ....................................................................... 31
Introduction ......................................................................................................................... 31
Network factory settings ..................................................................................................... 32
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
5
July 17
Date/Time settings .............................................................................................................. 32
SSL Securing ......................................................................................................................... 32
Network Wi-Fi™ configuration ............................................................................................ 33
MorphoAccess® Terminal Database Management .......................................................... 34
General ................................................................................................................................ 34
Adding a user to the database ............................................................................................ 34
Removing a user from the database ................................................................................... 34
Database Size ...................................................................................................................... 35
MorphoAccess® Terminal License Management .............................................................. 36
User licenses ........................................................................................................................ 37
Log licenses .......................................................................................................................... 37
Communication licenses ...................................................................................................... 38
Access Control license .......................................................................................................... 38
Time and Attendance (T&A) license .................................................................................... 39
Basic Licenses ...................................................................................................................... 39
Getting a license for a MorphoAccess® SIGMA Family terminal ......................................... 39
Checking licenses installed in the terminal with license manager application ................... 39
Installing a new license ........................................................................................................ 42
Terminal Firmware Upgrade ........................................................................................... 43
How to get latest version of firmware ................................................................................. 43
How to upgrade the firmware ............................................................................................. 43
Firmware upgrade using a USB Mass Storage Key ............................................................. 43
Firmware upgrade tool for expert users .............................................................................. 43
MorphoAccess® SIGMA Family Modes ............................................................................. 45
MorphoAccess® 500 or J Series legacy mode ...................................................................... 45
L-1 Bioscrypt 4G Series legacy mode ................................................................................... 45
MorphoAccess® SIGMA Family native mode ....................................................................... 47
SECTION 4 : MORPHOACCESS® TERMINAL FIRST BOOT ASSISTANT ...................................... 48
Assistant Initialization .................................................................................................... 49
Date & Time Configuration ............................................................................................. 51
Trigger Event .................................................................................................................. 55
Language Configuration ................................................................................................. 57
Show/Hide Language Icon .............................................................................................. 59
Ethernet Interface Settings ............................................................................................. 60
Wi-Fi™ Configuration ...................................................................................................... 63
Protocol Configuration .................................................................................................... 70
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
6
July 17
Password Configuration .................................................................................................. 72
First Boot Assistance At Next Boot Configuration ............................................................ 74
Recover Corrupted Components ...................................................................................... 76
SECTION 5 : MORPHOACCESS® TERMINAL ADMINISTRATION MENU ................................... 77
Access to Administration Menu ....................................................................................... 78
User Menu ...................................................................................................................... 80
User Enrollment in Database ............................................................................................... 81
User Enrolment in Card........................................................................................................ 97
User Enrolment in Card & Database ................................................................................. 100
Update User Information................................................................................................... 102
Authenticate User .............................................................................................................. 105
Delete User ........................................................................................................................ 106
Card Manager .................................................................................................................... 111
Multimedia menu ......................................................................................................... 146
Audio Settings .................................................................................................................... 147
Video Settings .................................................................................................................... 150
Images Settings ................................................................................................................. 153
System Menu ................................................................................................................ 156
Terminal Configurations .................................................................................................... 157
Network Time Protocol Server (NTP Server) ...................................................................... 160
Transaction Log ................................................................................................................. 178
Miscellaneous Settings ...................................................................................................... 184
Web Server ........................................................................................................................ 188
Error Log Configuration ..................................................................................................... 189
Sensor Log Configuration .................................................................................................. 191
Communication menu ................................................................................................... 193
Security recommendation ................................................................................................. 194
Ethernet Network Configuration ....................................................................................... 194
Wi-Fi™ Network Configuration .......................................................................................... 196
Mobile Network Configuration .......................................................................................... 196
Configure Hostname .......................................................................................................... 200
Serial Parameters .............................................................................................................. 201
Security Menu .............................................................................................................. 204
User Control Settings ......................................................................................................... 205
Anti-Tamper Switch For Terminal Security ........................................................................ 220
Network & Communication Security Settings ................................................................... 224
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
7
July 17
Terminal Settings > Communication > Communication Channels Configuration ............. 236
Additional User Verification Settings................................................................................. 240
Change LCD Password ....................................................................................................... 243
Additional User Control Settings ....................................................................................... 245
USB Menu..................................................................................................................... 251
Format USB Mass Storage device ...................................................................................... 252
Initialize USB Mass Storage device .................................................................................... 254
Import Data into Terminal ................................................................................................. 256
How to Import User Database ........................................................................................... 257
How to Import Contectless key .......................................................................................... 260
How to Import Language ................................................................................................... 262
Export Data in USB Mass Storage Device .......................................................................... 265
How to Export & View Transaction Logs ........................................................................... 266
How to Export Error Logs ................................................................................................... 269
How to Export User Database ........................................................................................... 271
How to Export Contectless key .......................................................................................... 273
Information Menu ........................................................................................................ 276
View Device Details ........................................................................................................... 277
View Firmware Information .............................................................................................. 279
View Sensor Revision Information ..................................................................................... 280
View Communication Parameters ..................................................................................... 281
View Memory Status ......................................................................................................... 284
View User Status ................................................................................................................ 285
View Transaction Log Status ............................................................................................. 287
Reboot Terminal ........................................................................................................... 288
SECTION 6 : MORPHOACCESS® TERMINAL : VIDEOPHONE FACILITY ................................... 290
Introduction to Videophone .......................................................................................... 291
Configure Video Phone Server ....................................................................................... 292
Viewing Video Phone Server Details .............................................................................. 295
Delete Video Phone Server ............................................................................................ 296
How User can make Video Call ...................................................................................... 298
SECTION 7 : TERMINAL MENU FOR MORPHOACCESS® SIGMA LITE+ SERIES ....................... 301
MorphoAccess® SIGMA Lite+ Series terminal Screens .................................................... 302
Terminal Home Screen....................................................................................................... 302
Terminal Information Menu .............................................................................................. 302
Terminal Details ................................................................................................................. 303
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
8
July 17
Communication Details ..................................................................................................... 304
Steps to Setup Wallpaper .............................................................................................. 305
Recover Corrupted Components .................................................................................... 306
Display Screens and Actions .......................................................................................... 307
SECTION 8 : TERMINAL CONFIGURATION THROUGH WEBSERVER ..................................... 311
Access to Administration Menu through Webserver ...................................................... 312
Login to Webserver ............................................................................................................ 314
User Enrollment in Database ............................................................................................. 315
User Enrolment in Card...................................................................................................... 321
User Enrolment in Card & Database ................................................................................. 323
Update User Information................................................................................................... 325
Delete User ........................................................................................................................ 327
Card Manager .................................................................................................................... 329
SECTION 9 : USB SCRIPTS .................................................................................................. 343
USB Scripts ................................................................................................................... 344
SECTION 10 : ACCESS CONTROL .................................................................................... 345
Access control presentation .......................................................................................... 346
Typical architecture of an access control system .............................................................. 346
Typical access control process ........................................................................................... 347
Preliminary: adding a biometric template in local database .......................................... 348
MorphoAccess® SIGMA Family terminal operating modes ............................................. 349
Standalone mode or Slave mode ....................................................................................... 349
Standalone mode: Identification and/or Authentication .................................................. 349
Access Control Process in Identification Mode .................................................................. 350
Access Control Process in Authentication Mode ............................................................... 351
Access Control Process for VIP Users ................................................................................. 352
Access Control Result .................................................................................................... 353
Information for the User .................................................................................................... 353
Information for the Administrator..................................................................................... 353
Integration in an Access Control System ........................................................................... 353
Access Granted .................................................................................................................. 354
Access Denied .................................................................................................................... 354
SECTION 11 : ACCESS CONTROL BY IDENTIFICATION ......................................................... 355
Identification Mode Description .................................................................................... 356
Identification Process ........................................................................................................ 356
Access Control by Identification ........................................................................................ 356
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
9
July 17
Result of the access control request .................................................................................. 356
User’s Data required in the terminal ................................................................................. 356
Identification Modes (database extension licenses) ......................................................... 356
Compatibility with Access Control Systems ....................................................................... 357
User Interface .................................................................................................................... 358
SECTION 12 : ACCESS CONTROL BY AUTHENTICATION ....................................................... 359
Authentication Process ................................................................................................. 360
Introduction ....................................................................................................................... 360
Authentication process ...................................................................................................... 360
Access control by authentication ...................................................................................... 360
Contactless Smart Card ..................................................................................................... 361
List of contactless cards validated ..................................................................................... 361
Authentication Process Options ........................................................................................ 363
Manual bypass of biometric control .................................................................................. 363
Automatic bypass of biometric control ............................................................................. 365
Result of access control check ........................................................................................... 365
Compatibility with Access Control Systems ....................................................................... 365
Selection of user’s contactless card type (MIFARE® and/or DESFire®).............................. 366
Biometric check, biometric data on user's card .............................................................. 368
Description ......................................................................................................................... 368
User’s data required in the terminal ................................................................................. 368
User’s data required on the user’s card ............................................................................ 368
Activation key .................................................................................................................... 368
User Interface .................................................................................................................... 369
PIN verification - PIN stored on card .............................................................................. 370
Description ......................................................................................................................... 370
User’s data required in the terminal ................................................................................. 370
User’s data required on the user’s card ............................................................................ 370
Activation key .................................................................................................................... 371
User Interface .................................................................................................................... 372
BIOPIN verification - BIOPIN stored on card ................................................................... 373
Description ......................................................................................................................... 373
User’s data required in the terminal ................................................................................. 373
User’s data required on the user’s card ............................................................................ 373
Activation key .................................................................................................................... 373
User Interface .................................................................................................................... 374
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
10
July 17
Biometric check and biometric data in local database ................................................... 375
Description ......................................................................................................................... 375
User’s data required in the terminal ................................................................................. 375
User’s data required on the user’s card ............................................................................ 375
Activation key .................................................................................................................... 376
User interface .................................................................................................................... 376
Authentication with local database: User ID entered from keyboard ............................. 377
Description ......................................................................................................................... 377
Activation key .................................................................................................................... 377
Authentication with local database: ID input from Wiegand or Clock & Data ................. 378
Description ......................................................................................................................... 378
Activation key .................................................................................................................... 378
Wiegand Frame Configuration .......................................................................................... 380
Site-code Propagation ....................................................................................................... 381
Wiegand frame example (26 bits) ..................................................................................... 381
No biometric check, no User ID check ............................................................................ 382
Description ......................................................................................................................... 382
User’s data required in the terminal ................................................................................. 382
User’s data required on the user’s card ............................................................................ 382
Activation key .................................................................................................................... 383
User Interface .................................................................................................................... 383
No biometric check, User Identifier in the database ....................................................... 384
Description ......................................................................................................................... 384
User’s data required in the terminal ................................................................................. 384
User’s data required on the user’s card ............................................................................ 384
Activation key .................................................................................................................... 385
User Interface .................................................................................................................... 386
Authentication process specified by User's card ............................................................. 387
Description ......................................................................................................................... 387
User’s data required in the terminal ................................................................................. 387
User’s data required on the user’s card ............................................................................ 387
Activation key .................................................................................................................... 388
User Interface .................................................................................................................... 388
Allowed format for User's identifier .............................................................................. 390
TLV structured data ........................................................................................................... 390
Binary Data ........................................................................................................................ 392
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
11
July 17
SECTION 13 : MULTIFACTOR ACCESS CONTROL MODE ...................................................... 395
Multi-factor Mode ........................................................................................................ 396
Description ......................................................................................................................... 396
User Interface .................................................................................................................... 396
User’s data required in the terminal ................................................................................. 396
User’s data required on the user’s card ............................................................................ 396
Activation keys ................................................................................................................... 397
SECTION 14 : TAMPER SETTINGS FOR TERMINAL SECURITY ............................................... 398
Tamper Setting for Terminal Security ............................................................................ 399
SECTION 15 : WIEGAND CONFIGURATIONS ....................................................................... 400
Wiegand Parameters Settings ....................................................................................... 401
Wiegand Parameters Configuration through Webserver ................................................. 402
SECTION 16 : THREAT LEVEL CONFIGURATIONS ................................................................ 405
Threat Level Configuration ............................................................................................ 406
Threat Level Configuration through Webserver ................................................................ 406
SECTION 17 : TIME AND ATTENDANCE CONFIGURATION ................................................... 408
Time and Attendance Synoptic ...................................................................................... 409
T&A Mode in MorphoAccess® SIGMA Lite+ Series ............................................................ 411
T&A Mode Mandatory or Optional Scenarios ................................................................... 415
Time and Attendance configuration through Webserver ................................................. 416
T&A - Mandatory Mode Work Flow Diagram ................................................................... 418
T&A - Non Mandatory Mode Work Flow Diagram ............................................................ 419
SECTION 18 : CONFIGURING SCHEDULES ........................................................................... 420
Configuring Schedules ................................................................................................... 421
Define Access Schedule ...................................................................................................... 421
Define Holiday Schedule .................................................................................................... 425
SECTION 19 : CONTROLLER FEEDBACK .............................................................................. 429
Controller Feedback ...................................................................................................... 430
SECTION 20 : OSDP PROTOCOL SUPPORT .......................................................................... 434
Description ......................................................................................................................... 435
Configurations ................................................................................................................... 435
OSDP Commands and Responses ................................................................................... 436
SECTION 21 : USER CONTROL CONFIGURATIONS ............................................................... 441
User Control Configurations .......................................................................................... 442
SECTION 22 : EVENT CONFIGURATIONS ............................................................................ 446
Event Configurations .................................................................................................... 447
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
12
July 17
SECTION 23 : MMI (MAN-MACHINE INTERFACE) CONFIGURATIONS .................................. 449
MMI (Man-Machine Interface) Menu ............................................................................ 450
SECTION 24 : PROXY MODE .............................................................................................. 452
Presentation of Proxy (or slave) mode ........................................................................... 453
Process ............................................................................................................................... 453
Local signals ....................................................................................................................... 454
Proxy mode use sample ..................................................................................................... 455
Proxy mode activation ....................................................................................................... 455
SECTION 25 : POLLING MODE ........................................................................................... 456
Presentation of Polling mode ........................................................................................ 457
Process ............................................................................................................................... 457
Polling mode activation ..................................................................................................... 458
SECTION 26 : MESSAGES SENDING .................................................................................... 459
Principle ....................................................................................................................... 460
Events .......................................................................................................................... 461
Sending Interfaces ........................................................................................................ 462
SECTION 27 : COMPATIBILITY WITH AN ACCESS CONTROL SYSTEM ................................... 463
Internal Relay activation on Access Granted result ........................................................ 464
Description ......................................................................................................................... 464
Activation key .................................................................................................................... 465
Configuration key .............................................................................................................. 466
External activation of the internal relay ........................................................................ 467
Description ......................................................................................................................... 467
Activation key .................................................................................................................... 468
Configuration key .............................................................................................................. 468
Access Request Result Log File ...................................................................................... 469
Description ......................................................................................................................... 469
Log File management ........................................................................................................ 469
Log File size ........................................................................................................................ 469
Activation key .................................................................................................................... 470
Sending an Access Control Result Message .................................................................... 471
Presentation ...................................................................................................................... 471
Ports and protocols ............................................................................................................ 471
Serial Port (Output only) .................................................................................................... 472
Ethernet port ..................................................................................................................... 474
Wi-Fi™ Channel .................................................................................................................. 474
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
13
July 17
Note about Terminal Clock Deviation ................................................................................ 475
SECTION 28 : TERMINAL USER INTERFACE ......................................................................... 476
Audio Man Machine Interface ....................................................................................... 477
Audible signal .................................................................................................................... 477
Terminal States .................................................................................................................. 478
Enrolment .......................................................................................................................... 481
LED – Buzzer Sequence ...................................................................................................... 483
SECTION 29 : COMPATIBILITY ACCESSORIES, SOFTWARE LICENSES AND SOFTWARE
APPLICATIONS.................................................................................................................. 486
Compatible Accessories & Software Licenses ................................................................. 487
Compatible software applications ................................................................................. 488
SECTION 30 : RECOMMENDATIONS .................................................................................. 489
Warning ....................................................................................................................... 490
General precautions .......................................................................................................... 490
Areas containing combustibles .......................................................................................... 490
Specific precautions for terminals fitted with a contactless smartcard reader ................ 490
SD card ............................................................................................................................... 491
Ethernet connection .......................................................................................................... 491
Date / Time synchronization ............................................................................................. 491
Cleaning precautions ......................................................................................................... 491
Recommended Conditions for Face Detection .................................................................. 492
ANNEX 1 : FINGER PLACEMENT RECOMMENDATION ....................................................... 493
ANNEX 2 : COMPARISON OF AUTHENTICATION MODE WITH CONTACTLESS CARD ........... 500
ANNEX 3 : BIBLIOGRAPHY ............................................................................................... 503
ANNEX 4 : GLOSSARY, ACRONYMS AND ABBREVIATION .................................................. 511
ANNEX 5 : SUPPORT ........................................................................................................ 515
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
14
July 17
Section 1 : Introduction
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
15
July 17
MorphoAccess® SIGMA Family Series Terminal
Congratulations for choosing a MorphoAccess® SIGMA Family Series Automatic Fingerprint
Recognition Terminal.
MorphoAccess® SIGMA Family provides an innovative and effective solution for access control
applications using Fingerprint identification.
Amongst a range of alternative biometric technologies, the use of finger imaging has significant
advantages, i.e., each finger constitutes an unalterable physical signature, developed before
birth and preserved until death. Unlike DNA, a finger image is unique for each individual; even
identical twins.
The MorphoAccess® SIGMA Family Series terminals integrate Morpho image processing and
feature matching algorithms. This technology is based on lessons learned during 25 years of
experience in the field of biometric identification and the creation of literally millions of
individual fingerprint identification records.
Designed for physical access control applications, MorphoAccess® SIGMA Family Series
terminals feature a compact, attractive design, coupled with high reliability and security. These
th
5
generation terminals are both robust and easy to use for a variety of applications, including
office, headquarters and administrative building security, as well as protection of external
access points.
To ensure the most effective use of terminal, an administrator should read this User Guide
thoroughly.
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
16
July 17
Terminal
Series
Terminal Name
Biometrics
Contactless smartcard reader
Outdoor
iCLASS®
iCLASS®
SE
MIFARE®
DESFire®
NFC®
Prox
®
MorphoAccess®
SIGMA Series
MorphoAccess® SIGMA
MorphoAccess® SIGMA
WR
MorphoAccess® SIGMA
iCLASS®
MorphoAccess® SIGMA
iCLASS® WR
MorphoAccess® SIGMA
Multi
MorphoAccess® SIGMA
Multi WR
MorphoAccess® SIGMA
Prox
MorphoAccess® SIGMA
Prox WR
MorphoAccess®
SIGMA Lite
Series
MorphoAccess® SIGMA
Lite
MorphoAccess® SIGMA
Lite+
Scope of the document
This document is intended to guide administrators on ‘How to setup and use’ the
MorphoAccess® SIGMA Family Series terminal. It also talks about capabilities, and the possible
configurations that can be done along with detailed steps and snapshots. On top of this an
administrator can learn about access control processes, compatibility with access control
systems, Time & Attendance mode and how terminal is configurable through Webserver.
In order to setup and use the MorphoAccess® SIGMA Family terminal in the most efficient way,
it is recommended for the Administrator to thoroughly read this guide.
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
17
July 17
Terminal
Series
Terminal Name
Biometrics
Contactless smartcard reader
Outdoor
iCLASS®
iCLASS®
SE
MIFARE®
DESFire®
NFC®
Prox
®
MorphoAccess® SIGMA
Lite iCLASS®
MorphoAccess® SIGMA
Lite + iCLASS®
MorphoAccess® SIGMA
Lite Multi
MorphoAccess® SIGMA
Lite + Multi
MorphoAccess® SIGMA
Lite Prox
MorphoAccess® SIGMA
Lite + Prox
MorphoAccess®
SIGMA Extreme
Series
MorphoAccess® SIGMA
Extreme iCLASS®
MorphoAccess® SIGMA
Extreme Multi
MorphoAccess® SIGMA
Extreme Prox
MorphoAccess® SIGMA
Extreme FFD iCLASS®
MorphoAccess® SIGMA
Extreme FFD Multi
MorphoAccess® SIGMA
Extreme FFD Prox
NOTE: Here, WR indicates terminal is Weather Resistant.
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
18
July 17
About Biometrics
About fingerprint biometrics
Fingerprints are permanent and unique. They are formed before birth and last throughout one's
life. Classification and systematic matching of fingerprints for different purposes have been in
use since the late 19th century.
The skin on the underside of fingers is different from the skin on other areas of a human body.
This skin has raised lines called; ‘ridges’.
These ridges do not run continuously from one side to the other, rather they may curve, end, or
divide into two or more ridges (bifurcation and endings). Barring accidental or intentional
mutilation, the ridge arrangement is permanent.
Fingerprints can be divided into three major ridge patterns such as Whorls, Loops and Arches.
Unique characteristics known as Minutiae identify those points of a fingerprint wherein the
ridges become either bifurcation or endings, as illustrated in Figure 1. These minutiae are the
unique features, which form the basis of any system using fingerprint comparison techniques
for identification and verification purposes.
Figure 1: Minutiae are classified in two categories i.e. ridge ending and bifurcation
Fingerprint is a mature biometrics, in use for various applications based on individual’s
authentication or identification, as it offers an excellent trade-off between criterias such as user
acceptance, easiness of use, performance, stability, cost effectiveness and interoperability.
Since the early eighties, Morpho has carried an extensive research in the field of studying
fingerprints and continually refined its expertise in the domain of fingerprint based recognition
systems. It has lead the market in studied fingerprint characteristics and continually refined its
expertise in fingerprint identification technology, developing first AFIS systems (Automated
Fingerprint Identification Systems) and then applying its unique know-how and worldwide
leading position to markets such as physical access control (premises), logical access control
(computers and networks), secure payment transactions and OEM applications.
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
19
July 17
Templates supported
Morpho terminals are able to manage external templates. Following is the list of supported
templates.
Morpho private fingerprint template formats
PK_COMPV2, fingerprint template format (minutiae).
PK_MAT, little endian fingerprint template format (minutiae).
PK_LITE, fingerprint template format (minutiae).
Morpho private multimodal template formats
PK_FVP multimodal template format.
L-1 Bioscrypt private fingerprint template formats
TEM from 4G, fingerprint template format (pattern) (only used for 1/1 matching)
VUR from 4G, fingerprint template format (pattern) (only used for 1/1 matching)
BUR from 4G, fingerprint template format (pattern and minutiae) (used for 1/1 and 1/N
matching)
Public fingerprint template formats
ANSI INCITS 378-2004, fingerprint template format
ISO/IEC 19794-2 2004, Finger Minutiae Record
ISO/IEC 19794-2 2004, Finger Minutiae Card Record:
Normal Size
Compact Size
Compact Size, minutiae ordered by Ascending Angle
MINEX_A, fingerprint template format
DIN V66400, Compact Size fingerprint template format (minutiae)
DIN V66400, Compact Size fingerprint template format (minutiae ordered by Ascending Angle)
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
20
July 17
Feature/Function name
SIGMA Series
SIGMA Extreme Series
SIGMA Lite Series
Feature 1
✔
✖
Feature 2
✔
✔
Feature
SIGMA Series
SIGMA Extreme Series
SIGMA Lite Series
Terminal Administration Menu
✔
✖
Webserver Application
✔
✔
Notation
Product support notation:
In this document, the term “MorphoAccess® SIGMA Family terminal” is considered either
“MorphoAccess® SIGMA” or “MorphoAccess® SIGMA Lite” or “MorphoAccess® SIGMA
Extreme” Series terminal, unless it is explicitly mentioned. The term “MorphoAccess® SIGMA
Lite” is also considered “MorphoAccess® SIGMA Lite+” Series terminal, unless it is explicitly
mentioned. The applicability of feature for SIGMA/SIGMA Extreme and SIGMA Lite product is
described using following table format :
As MorphoAccess® SIGMA Series and MorphoAccess® SIGMA Extreme Series have almost the
same functionalities, they are ususally in the same column except when it is necessary to detail.
MorphoAccess® SIGMA Series have a 5’’ touchscreen color LCD in landscape mode.
MorphoAccess® SIGMA Extreme Series have a 5’’ touchscreen color LCD in portrait mode.
For example, “Terminal Administration Menu” is available to SIGMA/SIGMA Extreme Series
product and not available to SIGMA Lite Series product. “Webserver Application” is available
to SIGMA and SIGMA Lite Series.
MorphoAccess® SIGMA Family Administrator Guide
Introduction
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
21
July 17
Parameter name
Value
Description
_ _ _
Parameter name
Value
Description
auth_param.additional_bio_c
heck_nb_attempt
1, 2 or 3
A value of “2” means that after a first incorrect
identification or authentication a second chance
is given to place finger on the biometric sensor.
Set this parameter to “1” to offer only one
attempt to place finger.
Set this parameter to “3” to offer 3 attempts.
Parameter description:
In this document a parameter is described using this format:
For example to allow additional attempt for biometric authentication:
MorphoAccess® SIGMA Family Administrator Guide
Connecting the Terminal to a PC
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
22
July 17
Section 2 : Connecting the
Terminal to a PC
MorphoAccess® SIGMA Family Administrator Guide
Connecting the Terminal to a PC
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
23
July 17
IP address Mode
Parameter
Factory value
Static
Terminal IP address
192.168.1.10
Gateway IP address
192.168.1.254
Sub network mask
255.255.254.0
Host name
MAsigma/MAsigma-lite/MAsigma-liteplus/MAextreme
General
Why would one connect the terminal to a PC?
The MorphoAccess® SIGMA Family terminal is designed to be able to run in standalone mode,
it means without any connection to a master system. But sometimes, a connection with a PC is
useful to perform tasks like:
Configuring the terminal.
Maintaining terminal: firmware upgrade, add a license (to unlock an optional feature)
Managing the database, i.e., adding or deleting or modifying the user data.
Managing log files, i.e., get or delete the log files.
Configuring the Wi-Fi™ connection.
Connection methods
The MorphoAccess® SIGMA Family terminal can be connected to a PC by an Ethernet cable,
either directly or through a LAN. The LAN can be reduced to only one Ethernet switch.
Once physically connected, the MorphoAccess® SIGMA Family terminal can be configured using
an application such as MorphoBioToolbox.
A POE (Power over Ethernet) current injector is mandatory if the MorphoAccess® SIGMA Family
terminal is not powered by the +12VDC/GND wires block.
Network parameter initialization
The ‘default’ network parameters of the MorphoAccess® SIGMA Family terminal are:
If the terminal’s default network parameter values cannot be used, it is recommended to refer
to the “Communication menu” to change these values.
MorphoAccess® SIGMA Family Administrator Guide
Connecting the Terminal to a PC
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
24
July 17
Point to Point Ethernet Connection
The MorphoAccess® SIGMA Family terminal can be connected directly to a PC by an Ethernet
cable.
The administrator needs to consider the points mentioned below prior to connecting the
terminal directly to a PC via an Ethernet cable.
If the Ethernet port of the PC does not support the Auto-MDIX feature, then a crossover
Ethernet cable is mandatory. If no crossover Ethernet cable is available, then a switch can be
used (please refer to “Connection through only one Ethernet switch”).
If the PC that the administrator uses is already connected to a LAN, then it must be either
disconnected from the LAN, or equipped with a 2nd network interface board. This 2nd network
board will be dedicated to the connection with the terminal. The administrator may need to
modify the network parameters of the PC, in that case a Network or LAN administrator should
be contacted for seeking the best solution.
Figure 2: Direct Point to Point Ethernet Connection
MorphoAccess® SIGMA Family Administrator Guide
Connecting the Terminal to a PC
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
25
July 17
Connect an administrator
computer to the Ethernet
(1, 2, 3 or 4) port.
Connect terminal
to Ethernet
Connection through only one Ethernet switch
The MorphoAccess® SIGMA Family terminal can be connected to a PC through an Ethernet
switch. This is useful when no crossover cable is available, in that case the administrator can use
one Ethernet switch and two Ethernet standard cables.
WARNING: an Ethernet HUB doesn’t allow a connection between two of its ports. An
Ethernet switch is really mandatory.
Figure 3: Connection through an Ethernet switch
MorphoAccess® SIGMA Family Administrator Guide
Connecting the Terminal to a PC
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
26
July 17
Connection through a LAN
Description
The administrator can also connect the MorphoAccess® SIGMA Family terminal to a PC via Local
Area Network (LAN) by specifying a unique IP address or host name.
The IP address could be static or dynamically assigned by the DHCP server in the network. If the
administrator chooses to specify the host name of the terminal as its unique identifier, then in
that case the ‘terminal name’ must be added to the DNS server database by the network
administrator.
Figure 4: Connection through LAN
The administrator is recommended to connect MorphoAccess® SIGMA Family terminals on a
dedicated network in order to reduce possibilities of fraudulent access to the configuration of
the terminal. It is advised to contact the network administrator for more information on LAN
security strategies.
Before the administrator connects the MorphoAccess® SIGMA Family terminal to a LAN, it is
necessary to configure the LAN parameters into the terminal. The values of these parameters
are to be provided and/or approved by the network administrator.
LAN with DNS Server
When a DNS server is available in the LAN, the PC can request the connection to the
MorphoAccess® SIGMA Family terminal by using its host name instead of its IP address.
The network administrator must add the MorphoAccess® SIGMA Family terminal host name to
the DNS server database, otherwise a TCP open session request using the terminal’s hostname
will fail.
MorphoAccess® SIGMA Family Administrator Guide
Connecting the Terminal to a PC
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
27
July 17
It is useful to specify the MorphoAccess® SIGMA Family terminal by its host name, when the
DHCP mode is enabled, as the IP address of the terminal can change after a power up.
LAN without DNS Server
This section helps the administrator in connecting the MorphoAccess® SIGMA Family terminal
to a LAN that does not have a DNS server or when host name cannot be added to the DNS Server
database.
The PC is not able to establish a connection with a terminal using its host name. An IP address
of the MorphoAccess® SIGMA Family. terminal is the only way to specify the terminal.
For standard use (excluding unscheduled maintenance operations), it is recommended that the
administrator should not enable DHCP mode in this case. This is because in the DHCP mode the
IP address for the terminal can change each time it is restarted.
Static IP address (DHCP disabled)
This is the easiest way for an administrator to connect a MorphoAccess® SIGMA Family terminal
to a LAN. In this case, the IP address of the terminal remains the same after each reboot and
the Host System needs to know only this IP address in order to establish a connection with the
terminal.
The IP address of the MorphoAccess® SIGMA Family terminal must be reserved in the router by
the network administrator. The network administrator must also provide and/or approve the
network parameter values for the terminal, i.e.:
The MorphoAccess® SIGMA Family terminal IP address,
Gateway IP address,
Local subnet masks value.
WARNING: If the MorphoAccess® SIGMA Family terminal uses an IP address already
assigned in the network, the connection to the terminal will be unstable.
Dynamic IP address (DHCP enabled)
When the administrator enables the DHCP mode in the terminal, the terminal IP address and
other networking parameters are assigned automatically from the DHCP Server (network
routers). This address could be different after each start-up as it depends on the DHCP strategy
defined for the LAN.
MorphoAccess® SIGMA Family Administrator Guide
Connecting the Terminal to a PC
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
28
July 17
Wi-Fi™ Network configuration
Requirements
Wi-Fi™ connection is available under the following mandatory conditions:
The administrator must have plugged in a Morpho Wi-Fi™ USB adapter in the rear USB
port of the terminal.
Please refer to “MorphoAccess® SIGMA Series terminal USB port with a Wi-Fi™ adapter”
for MorphoAccess® SIGMA Series and for MorphoAccess® SIGMA Lite terminal refer to
MorphoAccess® SIGMA Lite Series Quick User Guide.
The administrator must ensure that a Wi-Fi™ license (dedicated to this terminal) must
be present in the terminal (as described in “Communication licenses”),
After the above operations ensure to reboot the terminal.
Configuration
The Wi-Fi™ network configuration is described in the section “Wi-Fi™ Network Configuration”
The Wi-Fi™ configuration parameters are described in the MorphoAccess® 5G Series –
Parameters Guide document.
Troubleshooting
If the administrator has configured the terminal to use the Wi-Fi™ connection with the Wi-Fi™
USB adapter plugged in and if there is no WI-FI™ license present, the MorphoAccess® SIGMA
Family terminal will emit a short-low tone.
To solve this issue, the administrator needs to unplug the Wi-Fi™ USB adapter and restart the
terminal.
The Wi-Fi™ configuration parameters are described in the MorphoAccess® 5G Series –
Parameters Guide document.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
29
July 17
Section 3 : Terminal
Configuration and
Administration
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
30
July 17
Feature
SIGMA Series
SIGMA Extreme Series
SIGMA Lite Series
Terminal Administration Menu
✔
✖
Webserver Application
✔
✔
Distant system Application
✔
✔
USB Scripts
✔
✔
Morpho Bio Toolbox
✔
✔
Understanding MorphoAccess® Configuration
Presentation
MorphoAccess® SIGMA Family terminal has factory default settings or reset values for all the
supported functionalities. The administrator can configure the terminal depending on the
desired level of security using one of the methods described below:
Terminal Administration Menu: The administrator can login to terminal and access
several functionalities under administration menu. This allows administrator to
perform configuration, add users, upload multimedia, download logs, etc. The
complete menus are covered in the subsequent sections of this document;
Webserver Application: Webserver can be termed as a remote configuration panel of
MorphoAccess® SIGMA Family terminal. Using Webserver, the administrator can
configure any parameter of the terminal while connected remotely. Webserver is
connected to the terminal through Ethernet or Wi-Fi™ network. Only an administrator
with full administrative rights can login to Webserver. Webserver also has a ‘Complete
Configuration’ tab from which the administrator can configure all possible
parameters.For detailed description of all the parameters, please refer to
MorphoAccess® 5G Series – Parameters Guide document.
Modifying the value of a parameter
There are two ways an administrator can modify the value of a terminal parameter:
Remotely through Ethernet or Wi-Fi™, with a client application/interface running on
the Host System (such as MorphoBioToolbox or a web browser connected to the
embedded Webserver),
With a USB mass storage key, which contains a script prepared on a PC using
MorphoBioToolBox.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
31
July 17
Configuring a Networked MorphoAccess®
Introduction
The administrator can manage a MorphoAccess® SIGMA Family terminal by a PC connected
to the terminal, by using an application such as a web browser connected to the embedded
Webserver (in MA5G mode) or MorphoBioToolbox (in case terminal is in MA5G or legacy
Morpho modes).
The remote operations available are mainly:
Time and Attendance configuration
Read and Modify parameter values
Manage access schedules
Manage network configuration
User Management
Log Management
Tamper settings, etc.
The terminal works as a TCP/IP server, which waits for a request from the Host System
application that acts as a TCP/IP client.
Figure 5: Configuration of a MorphoAccess® SIGMA Family terminal by a Host System
To know more on the commands supported by the MorphoAccess® SIGMA Family terminal,
the administrator needs to refer to MorphoAccess® 5G Series – Host System Interface
Specifications document.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
32
July 17
Network factory settings
By default the IP address of the MorphoAccess® SIGMA Family terminal is 192.168.1.10. The
administrator can change IP address either by the local Administrator Menu or a distant
system connected though an IP link or with a USB flash drive (USB Scripts).
The default server port is 11010.
Date/Time settings
The administrator can update the date/time of the terminal by a distant system, by the local
Administrator Menu or Webserver.
SSL Securing
Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) are cryptographic
protocols designed to provide communication security over Ethernet or Wi-Fi™ channels.
These protocols are used to protect the communication between the MorphoAccess® SIGMA
Family terminal and a distant system, such as a central access controller or a terminal
configuration station.
References
Refer to “SSL Configuration” under Security Menu section in this guide, to enable and
configure SSL communication port
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
33
July 17
Network Wi-Fi™ configuration
Administrator can configure Wi-Fi™ parameters, Wi-Fi™ connection is available under the
following conditions:
The administrator has plugged in a Morpho Wi-Fi™ USB adapter. Details of the
Installation procedure are described in the MorphoAccess® SIGMA Series Installation
Guide or in the MorphoAccess® SIGMA Lite Series Installation Guide
The administrator had loaded MorphoAccess® WI-FI™ License in the terminal.
NOTE 1: A DHCP server and a DNS server are mandatory when the Wi-Fi™ interface is
configured in DHCP mode.
The DHCP server automatically attributes an IP address to the MorphoAccess® SIGMA
Family terminal
The DNS server links the terminal hostname to its real IP address
It is also important that the DNS server is updated each time the DHCP server
attributes another IP address to a terminal.
NOTE 2: A MorphoAccess® Wi-Fi™ License is mandatory.
If Wi-Fi™ USB adapter is plugged in and if there is no license present; then on
configuring WLAN, the terminal will display an error message: “license not present”.
See Wi-Fi™ parameters description in “Wi-Fi™ Network Configuration” section.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
34
July 17
Database Management
SIGMA Series
SIGMA Extreme Series
SIGMA Lite Series
From administration menu of
the terminal
✔
✖
From Webserver Application
✔
✔
MorphoAccess® Terminal Database Management
General
The administrator can manage the database of the MorphoAccess® SIGMA Family terminal
by using administration menu of the terminal or through Webserver application connected
to terminal.
Adding a user to the database
Adding a user means to create a record of the biometric data of two fingers of the user and a
unique identifier. Users stored in the database are of following types:
Normal Users are the ones to whom access is granted or rejected based on access
rights check
Authorized Users are the ones which are checked by the centralized access controller,
before granting access
VIP Users are allowed access without performing biometric/PIN check by the terminal.
Read more about VIP users under “Access Control Process for VIP Users”
Administrators are stored also in the user database. Administrators are allowed
access to the management menu of the terminal and perform configurations.
The user’s enrolment is directly done on the MorphoAccess® SIGMA Family terminal without
managing a database on the PC.
Removing a user from the database
Removing a user means deleting the user’s record from the database of the MorphoAccess®
SIGMA Family terminal.
The user can be removed directly from the MorphoAccess® SIGMA Family terminal without
managing a database on the PC.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
35
July 17
Database Limits
SIGMA Series
SIGMA Extreme Series
SIGMA Lite Series
Maximum User (Including
Administrator)
5000
500
Maximum Authorized User
250,000
250,000
Maximum VIP User
100
100
Transaction Log
100,000
100,000
Database Size
The MorphoAccess® SIGMA Family terminal database storage is as follows:
Maximum User indicates the basic capacity of terminal users’ database including
administrators.
Maximum Authorized User List Capacity indicates the maximum number of users
which can be added to authorize user list. The default capacity is 250,000 users.
Maximum VIP User capacity, indicates the maximum capacity of the users which can
be enrolled as VIP users. The default capacity is 100 users.
Transaction Log capacity, indicates the maximum capacity of terminal to store
transaction logs. The default capacity is 100,000 users.
The administrator can increase database size by installing licenses. E.g. the user record
storage size can be increased up to 10,000 user records with a MA_10K_USERS license. For
more details on license management please refer to “MorphoAccess® Terminal License
Management”.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
36
July 17
License type
SIGMA Series
SIGMA Extreme
Series
SIGMA Lite Series
MA_3K_USERS
✖ ✖ ✔
MA_10K_USERS
✔ ✔ ✔
MA_50K_USERS
✔ ✔ ✖
MA_100K_USERS (extends
the maximum size of the
database)
✔ ✔ ✖
MA_250K_LOGS
✔ ✔ ✖
MA_500K_LOGS
✔ ✔ ✖
MA_1M_LOGS (extends the
maximum size of the
database)
✔ ✔ ✔
MA_PAC
✔ ✔ ✔
MA_TA
✔ ✔ ✔
MA_WI-FI™ (allows Wi-Fi™
connection)
✔ ✔ ✔
MA_3G
✔ ✖ ✖
MIMA, VERIF, BCL (Sensor
related licenses)
✔ ✔ ✔
MorphoAccess® Terminal License Management
The administrator can install one or more licenses in the terminal in order to unlock one or
several optional features of the MorphoAccess® SIGMA Family terminal.
The MorphoAccess® SIGMA Family terminal supports the following license types:
The function of each license is described in detail in the following sections.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
37
July 17
User licenses
Administrator can install user licenses for extending this maximum database limit. User data
are stored with two fingers per user record. In case of duress finger is enabled, it can have
three fingers per user record. These are the license categories to choose from:
The MA_3K_USERS license extends the maximum size of the database to 3,000 user
records. This license is applicable for MorphoAccess® SIGMA Family terminal only.
The MA_10K_USERS license extends the maximum size of the database to 10,000 user
records
The MA_50K_USERS license extends the maximum size of the database to 50,000 user
records
The MA_100K_USERS license extends the maximum size of the database to 100,000
user records
WARNING: It is a pre-requisite that the MorphoAccess® SIGMA Family terminal should
have SD card plugged in it, prior to a license upgrade.
Log licenses
By default, MorphoAccess® SIGMA Family Terminal can store up to 100,000 logs. The
administrator can upgrade the storage capacity of the logs by installing Log licenses. Following
are the types of Log Licenses:
The MA_250K_LOGS license extends the maximum size of the database to store
250,000 logs
The MA_500K_LOGS license extends the maximum size of the database to store
500,000 logs
The MA_1M_LOGS license extends the maximum size of the database to store
1,000,000 (1 million) logs
WARNING: It is a pre-requisite that the MorphoAccess® SIGMA Family terminal should
have SD card plugged in it, prior to a license upgrade.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
38
July 17
Communication licenses
MorphoAccess® SIGMA Family terminal supports communication to distant system through
Ethernet Connection. There are other networks such as Wi-Fi™ and 3G which can be used for
connecting terminal with distant systems. The administrator needs to install license(s) in
order to enable the communication between the terminal and the distant system. Following
is an overview of the types of licenses available.
Following types of communication licenses are available:
MA_WI-FI
The MA_WI-FI license enables the Wi-Fi™ network (WLAN) which replaces the
standard Ethernet connection. The terminal can communicate with distant systems
through WLAN.
NOTE: The license alone is not enough, a USB Wi-Fi™ adapter compatible with
MorphoAccess® SIGMA Family terminals is mandatory. The adaptor and license can
both be ordered under reference "MA WI-FI PACK".
MA_3G
The administrator needs to install the MA_3G license in order to enable the 3G
network (GPRS/GSM/3G) which replaces the standard Ethernet connection. The
terminal can communicate with distant systems through 3G/GPRS/GSM network. This
license is applicable to MorphoAccess® SIGMA Family terminal only.
Access Control license
MA_PAC
When the administrator installs the MA_PAC license the following functionalities of
the MorphoAccess® SIGMA Family terminal, are enabled:
Single Door Access Control (SDAC)
Wiegand output
Clock & data output
IP output
Serial output
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
39
July 17
Time and Attendance (T&A) license
MA_TA
The administrator needs to install the MA_TA license in order to enable Time &
Attendance (T&A) feature. Only if the license is loaded, an administrator can configure
Time & Attendance parameters and perform T&A actions.
NOTE: Time and Attendance (T&A) license is not supported on MorphoAccess® SIGMA
Lite Series Terminals (it is supported on MorphoAccess® SIGMA Lite+ Series
Terminals.)
Basic Licenses
MIMA/VERIF/BCL are sensor related licenses, without which it is not possible to get the sensor
working.
Getting a license for a MorphoAccess® SIGMA Family terminal
Morpho Online License Generator allows ordering any type of license for any kind of Morpho
biometric product. The file containing the license is automatically sent by email.
To access the Online License Generator, the administrator requires an account in the
biometric terminals support website. Administrator also needs to create an account in the
License Generator sub website.
www.biometric-terminals.com (see “License Generator" section)
If the administrator does not have an account, the customer support service must be
contacted:
hotline.biometrics@morpho.com
The license is delivered in a file dedicated to only one terminal. Each license file is generated
for a unique serial number, and this is checked by the license installation tool, when the
license is added to the terminal. The file must not be modified.
Checking licenses installed in the terminal with license manager
application
The Terminal Info page of the Webserver on MorphoAccess® SIGMA Lite or Information Menu
of the terminal (on MorphoAccess® SIGMA and SIGMA Lite+) allows to check the installed
licenses: please refer to Information Menu > Device section. If the administrator wants to
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
40
July 17
view the installed licenses or add licenses from a PC, an Ethernet or Wi-Fi™ connection and
License Manager Application are needed. The application can be downloaded from our
biometric terminals website (www.biometric-terminals.com).
Screens & Steps
Figure 6: License Manager, adding a MorphoAccess® SIGMA Family terminal
1. Launch the License Manager application, right click in the main window and select the
“Select a MA2G” operation.
Figure 7: License Manager, enter the IP address
2. Enter the IP address of the MorphoAccess® SIGMA Family terminal in the window that
opens.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
41
July 17
Figure 8: Licenses installed in a MorphoAccess® SIGMA Family terminal
3. Refer to the screenshot above, the licenses on the MorphoAccess® SIGMA Family
terminal are listed in the “license in hardware" line in the main window.
For further information concerning the license management tool (License Manager PC tool),
please see the document MorphoAccess® SIGMA and SIGMA Lite Series License
Management.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
42
July 17
Installing a new license
To install a new license, the administrator must follow the steps mentioned below:
Copy the received license file (.lic extension) on the PC
Launch the "License Manager" application then add the MorphoAccess® SIGMA
Family terminal IP address as specified in the previous section.
Click “Add license”, then “Browse…” to select the license file (.LIC).
A specific window will open to indicate whether or not the license has been loaded
successfully.
The main window will then indicate the presence of the new license.
The terminal must be restarted to activate the different functions unlocked by the new
license.
Figure 9: Adding a license in a MorphoAccess® SIGMA Family terminal
For further information on how to use the license management tool (License Manager PC
tool), the administrator needs to refer MorphoAccess® SIGMA and SIGMA Lite Series License
Management document.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
43
July 17
Terminal Firmware Upgrade
How to get latest version of firmware
The administrator can obtain the latest version of the MorphoAccess® SIGMA Family terminal
firmware on a CD/ROM package from the customer service, or download it from Morpho
Website dedicated to biometric terminals:
http://www.biometric-terminals.com/
The administrator needs to have a login name and a password in order to access the protected
location which contains the firmware. If the administrator does not have the login
information, please ask for it to our customer service using the mailing address below:
hotline.biometrics@morpho.com
How to upgrade the firmware
The administrator can upgrade the MorphoAccess® SIGMA Family terminal firmware when
required. This can be done from PC through an IP link, i.e., Ethernet or Wi-Fi™.
The easiest way to update the firmware is to use MorphoBioToolBox software application.
Find “terminal firmware update” proposed by the interface of the software application, select
the file with the new firmware and validate.
Note: The administrator must not switch the terminal off during a firmware upgrade. The
administrator also needs to ensure that the power supply of the terminal is stable before
commencing a firmware upgrade. Otherwise instability can occurs.
Firmware upgrade using a USB Mass Storage Key
The administrator can also update the firmware, using a USB mass storage key, this is possible
by using USB Scripts created from MorphoBioToolBox software application.
Firmware upgrade tool for expert users
MorphoAccess® SIGMA Upgrade Tool
A software application called RetrofitTool, is available for expert users. This tool allows the
administrators to upgrade the firmware of a specified MorphoAccess® SIGMA Family
terminal, directly. This tool has no graphic interface, firmware can be upgraded via the
command line interface.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
44
July 17
Options
Description
-h
Displays the help menu.
-v
Verbose mode. This is optional.
-f path
Path to the binary file used for upgrade. This is mandatory.
-e IP_address
IP address of the terminal to upgrade. This is mandatory.
-t timeout
Timeout of the connection (in ms). This parameter is optional. Its default
and minimal value is 10s.
-p port_number
TCP port number to be used to connect the terminal. This is an optional
parameter. Its default value is 11001.
Syntax of the command-line
[-h] [-v] -f path_to_file -e IP_address [-t timeout] [-p port_number]
Samples
The following command upgrades firmware of terminal at IP address 192.168.1.2 using file
new_firmware.bin
-f new_firmware.bin -e 192.168.1.2
Upgrades firmware of terminal at IP address 192.168.1.2 using file new_firmware.bin, with
a 15 seconds timeout
-f new_firmware.bin -e 192.168.1.2 -t 15000
Upgrades firmware of terminal at IP address 192.168.1.2 using file new_firmware.bin using
verbose mode
-v -f new_firmware.bin -e 192.168.1.2.
Note: If the Ethernet connection is broken during the firmware upgrade process, user can replugin the Ethernet cable and relaunch RetrofitTool with the same command line. The
firmware upgrade is restarted from beginning and executes all command including proper
restarting of the terminal.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
45
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite
Series
Terminal
Menu
First Boot Assistant > Protocol
Configuration > Legacy Morpho
✔
✖
USB Script
MorphoBioToolbox > USB Script >
Legacy Morpho
✔
✔
MorphoAccess® SIGMA Family Modes
MorphoAccess® SIGMA Family (also referred to as MA5G) terminals are standalone biometric
access control terminals that offer advance features for access rights of the users.
MorphoAccess® SIGMA Family terminals are equipped with a facility to emulate (partially)
either the previous generation of the MorphoAccess® terminals, or L-1 Bioscrypt 4G Series
terminals.
When the administrator configures the MorphoAccess® SIGMA Family in any of the legacy
modes; it supports the database structures and configurations of the selected legacy
terminal. When the terminal boots up for the first time, the user can select any of the legacy
modes as described in the following sections.
MorphoAccess® 500 or J Series legacy mode
The MorphoAccess® SIGMA Family terminal can be operated in MA500 mode (also referred
as Legacy Morpho). When the administrator configures the legacy mode, the terminal will
support configurations and operations of MA500 terminals. It can authenticate users enrolled
in the MA500 terminals, using biometric check as well as contactless card. New users can also
be enrolled in MA500 mode.
Access Path
L-1 Bioscrypt 4G Series legacy mode
MorphoAccess® SIGMA Series and MorphoAccess® SIGMA Lite Series terminal can be
operated in Bioscrypt 4G mode (also referred as Legacy L1). When the administrator has
configured the terminal in this mode, the terminal will support limited operations and
configurations that are done using SecureAdmin application. The terminal in L1 mode is able
to authenticate the users enrolled on 4G terminals and contactless cards. However user
enrolment in legacy L1 mode on MorphoAccess® SIGMA Family terminal is possible only when
the SecureAdmin station is equipped with a MorphoSmart™ MSO biometric sensor.
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
46
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme
Series
SIGMA Lite
Series
Terminal
Menu
First Boot Assistant > Protocol
Configuration > Legacy L1
✔
✖
✖
USB Script
MorphoBioToolbox > USB Script >
Legacy L1
✔
✖
✔
In case, users are enrolled in MA5G mode, the user data cannot be exported when terminal
is configured in the L1 mode. There are certain other limitations, when MorphoAccess®
SIGMA Family terminal is run in L1 Legacy mode. For details about these limitations, refer to
MorphoAccess® 5G Series – Morpho L-1 Bioscrypt Legacy Mode Limitations document.
NB : MorphoAccess® SIGMA Extreme Series cannot be operated in Bioscrypt 4G mode
Access Path
MorphoAccess® SIGMA Family Administrator Guide
Terminal Configuration and Administration
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
47
July 17
Access point
Access Path
SIGMA Series
SIGMA Lite
Series
Terminal
Menu
First Boot Assistant > Protocol
Configuration > MA5G
✔
✖
USB Script
MorphoBioToolbox > USB Script >
Standard
✔
✔
MorphoAccess® SIGMA Family native mode
MorphoAccess® SIGMA Family terminal is by default in the native mode; this native mode is
designed by MA5G, which means MorphoAccess® 5th generation. This mode supports new
features and a remote management application called Webserver.
Access Path
NOTE: When terminal mode is switched from MA5G to any of the legacy modes, the entire
configuration and database is erased, except communication links and the language settings.
The terminal is rebooted on mode change and factory settings are applicable.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
48
July 17
Section 4 : MorphoAccess®
Terminal First Boot
Assistant
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
49
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite
Series
Terminal
Menu
System Menu > First Boot
Assistant
✔
✖
Assistant Initialization
First Boot Assistant (FBA) is launched as soon as the MorphoAccess® SIGMA Family terminal is
started for the first time. All the basic configurations can be done by following the simple and
easy to follow menu on the FBA screen. FBA can also set to launch on terminal reboot.
The administrator needs to follow the access path mentioned below in order to access First Boot
Assistant from the Management menu.
Access Path
Pre-requisites
The administrator needs to verify that the battery is plugged in the terminal beforehand.
Battery backup is necessary for preventing data loss in the event of a power cut or a
power loss.
The administrator also needs to ensure that if the terminal is not powered for a very
long time, it will be necessary to change the battery
Screens & Steps
Figure 10: First Boot Assistant Screen displayed on Installation
1. By default the First Boot Assistant screen will open when the terminal is powered up
for the first time. The administrator can also access FBA settings by following the
access path mentioned above.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
50
July 17
2. The administrator can configure the basic parameters via the First Boot Assistant
Screen. For more details, please refer to the sections below:
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
51
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite
Series
Terminal
Menu
System Menu > First Boot
Assistant
OR
System Menu > Terminal Settings
> Date and Time Settings
✔
✖
Date & Time Configuration
The administrator must configure the current date, time and time zone in the terminal, on the
first boot or a reboot of the terminal.
NOTE: The time stored in the product is not lost if power supply is removed for up to 48 hours.
Access Path
Screens & Steps
1. Select Date Configuration
Figure 11: Configuring Current Date
2. Scroll up or down to select current Day, Month, and Year
3. Select Date Format in which, the date should be displayed. The available formats are:
a. MM/DD/YYYY
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
52
July 17
b. DD/MM/YYYY
c. MMM-DD-YY
d. DD-MMM-YY
e. YYYY/MM/DD (this format is not available, if terminal is set in L1 mode)
4. Click on the Check button “ ” to save the setting
5. Select Time Configuration
Figure 12: Configuring Current Time
6. Scroll up or down to select current Hour, Minute, and Second
7. Set Hour Format as analogue i.e. ‘12 Hour’ or digital i.e. ‘24 hour’
8. Set Time Format in the selection area which is used to select display format. The
available formats are
a. HH:MM:SS
b. HH:MM.SS
9. Use Check button “ ” to save the setting
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
53
July 17
10. Select Time Zone Configuration
Figure 13: Configuring Time Zone
11. Select Observe Daylight Saving as ‘On’, in case the administrator needs to auto-
schedule the time during the daylight saving months. By doing this, the terminal’s time
is automatically set to an hour later than the actual time while in the daylight saving
time frame. For example, if the current time is 10 am then in the day light saving
period, the time is automatically set to 11 am.
12. Select Time Zone Type as ‘Predefined’ or ‘Custom’. If the administrator selects
Predefined, the list of Predefined time zones of the entire world will be displayed to
choose from. The administrator must specify a customized time zone when ‘Custom’
has been selected.
13. Administrator must click on the Check button “ ” to save the setting
14. Based on the Time Zone Type, Time Zone selection parameters are displayed next
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
54
July 17
Figure 14: List of Predefined Time Zones of World
15. The list of Predefined Time Zones of the entire world is displayed
16. Scroll up or down to select required Time Zone from the list
17. Click on the Check button “ ” to save the setting
Figure 15: Custom Time Zone Setting
18. If the administrator selects the Time Zone Type as ‘Custom’, then an administrator
need to define the below mentioned time zone parameters:
19. Select Time Zone
NOTE: While setting a customized time zone, the administrator needs to ensure that
the GMT offset that is set is the 'Standard GMT Offset' of the region.
20. Start Month, Start Week, Start Day, Start Hour of Day, End Month, End Week, End
Day and End Hour of the Day
21. Click on the Check button “ ” to save the setting
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
55
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite
Series
Terminal
Menu
System Menu > First Boot Assistant >
Trigger Event
OR
Security Menu > User Control Settings
> Trigger Event
✔
✖
Trigger Event
MorphoAccess® SIGMA Family terminal will begin checking for access rights upon the
occurrence of a specific event on the terminal. By setting these configurations the administrator
can define as to when the terminal would commence performing access checks. The
administrator can chose from the following events.
Biometric, a finger is detected on the biometric sensor (which starts biometric
identification process)
Contactless card, a contactless card is detected, which starts authentication process
using user's data found on the card
Keypad, a User ID is entered with the keypad
External Port, a User ID is received on Wiegand or Clock and Data input port.
Access Path
Screens & Steps
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
56
July 17
Figure 16: Selecting the event(s) that starts access control rights check process
1. The administrator can select from the above stated events. The event can be selected
to be ON or OFF.
2. Click on the Check button “ ” to save settings
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
57
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite
Series
Terminal
Menu
System Menu > First Boot
Assistant > Language
Configuration
OR
Home Screen > Language
✔
✖
Language Configuration
The administrator can select the language of the terminal’s display by using this functionality.
Multiple language options are available to select from, e.g. English, French, Spanish and Arabic.
Access Path
Screens & Steps
Figure 17: Configure Language
1. On the FBA screen, the administrator needs to select Language Configuration
2. ‘English’ is the default language selected
3. The administrator can select from the language options such as Arabic, French,
Spanish or English
4. Click on the Check button “ ” to save the setting
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
58
July 17
Press Language
to select
Figure 18: Language selection on main screen
1. On the Home Screen, the administrator can select from the language options such as
Arabic, French, Spanish or English.
Results
The preferred language is saved. The text display on the screen will be in the language selected
by the administrator.
Note: The administrator must ensure that the audio messages played on the terminal must be
in the same language as the one chosen. Administrator needs to upload the audio files from
“Audio Settings” under Multimedia menu.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
59
July 17
Language icon is
hidden
Show/Hide Language Icon
The administrator can chose whether to display the language icon on the home screen or not.
This can be done via the Web Server application. The value of this parameter
(misc.language_config_display) can be 0 or 1. The language icon will not be displayed on the
home screen if the administrator sets misc.language_config_display to 0. The default value of
this parameter is ‘1’.
Access Path
Web Server > Complete Configuration > misc.language_config_display
Figure 19: Hide Language Icon
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
60
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite
Series
Terminal
Menu
System Menu > First Boot
Assistant > Network Configuration
> Ethernet
OR
Communication Menu > Network
Interface > Ethernet
✔
✖
Ethernet Interface Settings
The administrator can connect MorphoAccess® SIGMA Family terminal to other servers and
door panels via Ethernet channel. Using Ethernet connection, the terminal can make access
request to the access controller and receive result message.
The administrator can configure the terminal to communicate through Ethernet channel by
means of the FBA screen. An administrator can set the IP attribution protocol as DHCP or Static.
The administrator needs to allocate the IP address of the terminal manually when the
selected IP mode is ‘Static’.
When the administrator choses the ‘DHCP’ mode, the IP address is assigned
automatically. There is no need to manually enter it. IP Mode is selected to be Staic , by
default.
Access Path
NOTE:
Terminal can support connection through Ethernet and Wi-Fi™ both simultaneously.
Terminal can support connection through Ethernet and 3G/GPRS/GSM network simultaneously
(for terminal supporting 3G/GPRS/GSM network).
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
61
July 17
Screens & Steps
1. Select Ethernet
Figure 20: Selecting Ethernet-Network Configuration
2. Select IP Configuration
Figure 21: Ethernet Configuration
3. Under Ethernet tab, the administrator can select IPV4 or IPV6
4. On next screen, default IP Mode is selected as DHCP. Press on IP Mode for update
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
62
July 17
Figure 22: IP Mode Selection
5. An administrator can select IP Mode as ‘Static’ or ‘DHCP’
6. Use Check button “ ” to save the setting
Figure 23: Configuring IP Address under Static IP Mode
The administrator can manually configure ‘IP Address’ of the terminal, ‘Subnet Mask’, 'Network
Mask', 'Gateway Address' and 'DNS Servers under the Static IP Mode.
Results
Once the Ethernet Configuration is done, the terminal can be connected to a distant server. An
administrator can also configure parameters to prevent unauthorized access to the terminal.
These settings can be done from Security menu, refer “Network & Communication Security
Settings”.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
63
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite
Series
Terminal
Menu
System Menu > First Boot
Assistant > Network Configuration
> WLAN
OR
Communication Menu > Network
Interface > WLAN
✔
✖
Wi-Fi™ Configuration
The administrator can connect MorphoAccess® SIGMA Family terminal to other servers and
door panels via WLAN (Wi-Fi™ network). Using Wi-Fi™ connection, the terminal can make
access request to the access controller and receive result message.
The administrator can configure the terminal to communicate through WLAN by means of the
FBA screen. There are two ways to configure WLAN:
Automatic: Administrator can select a ‘specific’ network from the list of available
networks and connect by entering the encryption key.
Manual: The administrator can chose the manual configuration in order to connect to a
hidden Wi-Fi™ network. This can be done by entering SSID, Encryption Mode and
Encryption Key.
Access Path
Pre-requisites
Administrator must ensure that the Wi-Fi™ USB dongle is plugged in.
Administrator must ensure that the MA_WI-FI™ license is installed on terminal
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
64
July 17
Screens & Steps
Automatic Configuration
Figure 24: Selecting available Wi-Fi™ network
1. Select from the list of scanned Wi-Fi™ networks
Figure 25: Enter Encryption Key
2. Enter an Encryption Key to connect to the selected Wi-Fi™ network
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
65
July 17
Figure 26: Success message is displayed showing Wi-Fi™ network is configured
Figure 27: Connected to Wi-Fi™ network
Manual Configuration
1. Select WLAN Configuration to set up Wi-Fi™ Network
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
66
July 17
Figure 28: Selecting Other Network to set up Wi-Fi™ network manually
2. The list of available Wi-Fi™ networks will be displayed. Select Other Network to set up
Wi-Fi™ network manually
Figure 29: WLAN Parameter Configuration
3. Under the Other Networks tab, the administrator needs to configure SSID, Encryption
Mode and Encryption Key provided by the Wi-Fi™ network provider
Figure 30: Setting SSID
4. Enter SSID and click on “ ” button to save. To cancel the operation, use “ ”
button
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
67
July 17
Figure 31: Selecting Encryption Mode
5. The administrator needs to select the Encryption Mode, as supported by a Wi-Fi™
Router. In order to avoid unauthorized access, Encryption mode is selected. The
available Encryption modes are:
a. Open (no encryption)
b. WEP
c. WPA Personal
d. WPA2 Personal
Figure 32: Define Encryption Key
6. Administrator needs to enter Encryption Key to connect to Wi-Fi™. Only by entering
Encryption Key, the Wi-Fi™ network can be accessed
7. Click on the Check button “ ” to save the setting
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
68
July 17
Figure 33: Entering in WLAN – IP Configuration
8. On WLAN screen select “IP Configuration” to set up the IP which is required to be
connected through WLAN
9. Select IPV 4 or IPV 6
Figure 34: WLAN – IP Configuration
10. An administrator can select IP Mode as ‘Static’ or ‘DHCP’
a. If IP Mode is ‘Static’, then enter parameters such as IP Address, Subnet Mask,
Gateway Address, Preferred DNS Address and Alternate DNS Address
b. If IP Mode is ‘DHCP’, then IP address is allocated automatically to the terminal
11. Click on the Check button “ ” to save the setting
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
69
July 17
Figure 35: Success message is displayed showing Wi-Fi™ network is configured
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
70
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme
Series
SIGMA Lite
Series
Terminal
Menu
System Menu > First Boot
Assistant > Protocol Configuration
✔
✖
MorphoBioTo
olbox
MorphoBioToolbox > Device
Settings > Usb Script > Change
protocol configuration
✔
✔
Protocol Configuration
The administrator can configure the terminal to work in any of the following modes by using
Protocol Configuration.
Legacy L1 i.e. Bioscrypt 4G Series Legacy Mode terminals
Legacy Morpho i.e. MorphoAccess® 500 or J Series legacy mode
MA5G i.e. MorphoAccess® SIGMA Family native mode
If the administrator sets the terminals in legacy mode, it will support the legacy terminal’s
features and database.
Refer to “MorphoAccess® SIGMA Family Modes” section for detailed explanation on supported
modes.
Access Path
Pre-requisites
If the administrator has not ensured to plug in the SD card in the MorphoAccess® SIGMA
Family terminal while changing the protocol from MA5G to Legacy L1(for e.g.), then the
capacity of the terminal to store users and transaction logs will be reduced to 5000 users
and 100,000 logs, respectively.
In absence of SD card, the dynamic message feature will not be available.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
71
July 17
Screens & Steps
Figure 36: Protocol Configuration
1. Select Protocol from the list of modes
2. Click on the Check button “ ” to save the setting
Results
The protocol selected is saved. The administrator needs to reboot the terminal in order to use
it in any of the legacy modes. When the administrator switches from one protocol to another,
all the configuration and user database except the communication links and language settings,
will be erased.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
72
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite
Series
Terminal
Menu
System Menu > First Boot
Assistant> Password
Configuration
OR
Security Menu > Communication >
Change LCD Password
✔
✖
WebServer
Welcome Admin > Change
password
✔
✔
Password Configuration
The administrator can use this function to reset the default login password of the terminal. The
administrator can use this password to access the administration menu and perform required
configurations. It is highly recommended to change the default login password in order to avoid
any unauthorized access to the administration menu of the terminal.
The administrator must change the login password periodically to ensure better security. The
administrator can change password anytime from “Change LCD Password” under Security
Menu.
The password is a numeric value with 4 digits minimum and 8 digits maximum.
Access Path
Screens & Steps
Figure 37: Resetting Device Password
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
73
July 17
1. Administrator needs to enter Current Password and use “ ” button to move on
next screen. By default, the login password of the terminal is set as “12345”
Figure 38: Entering New Password
2. Enter a New Password of your choice.
3. Use “ ” button to move on next screen
Figure 39: Verifying New Password
4. Administrator needs to re-enter the New Password for verification
5. Use “ ” button to Save
Results
The administration menu of the terminal can be accessed now by entering the new password.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
74
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite
Series
Terminal
Menu
System Menu > First Boot
Assistant > First Boot Assistance
At Next Boot
✔
✖
First Boot Assistance At Next Boot Configuration
The configuration defined with the First Boot Assistant, can be either permanent or temporary.
This is specified by the "First Boot Configuration Storage Type" parameter as described below:
ON: If the administrator sets this to ON, then at the next startup of the terminal, the
First Boot Assistant (FBA) screen will be displayed with the configurations stored. User
can change the required parameters.
OFF: If the administrator sets this to OFF, then at the next startup of the terminal, the
First Boot Assistant (FBA) screen will not be displayed and the configurations stored
previously will continue to apply.
Access Path
Screens & Steps
1. Select ON or OFF
Figure 40: First Boot Assistance At Next Boot
2. Use Check button “ ” to save the setting
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
75
July 17
Results
The preferred value of “First Boot Assistant At Next Boot” is saved. The terminal will display FBA
menu, based on the value this parameter.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal First Boot Assistant
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
76
July 17
Recover Corrupted Components
There is a mechanism in the terminal to recover corrupted data such as Smartcard Keys,
Terminal Password, SSL Certificate and User Database. This could have been corrupted in the
event of a power failure or interrupt in ongoing operation. When booting up the terminal
device, if corruption is detected in any of these data security components, the following
message will be displayed on the screen.
Figure 41: Protected Data Corrupted Error
The administrator can view the list of corrupted components by clicking on “ ”. This has
been illustrated in the snapshot below
Figure 42: Corrupted Components
The corrupted components will restore to default values when the administrator selects “
”.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
77
July 17
Section 5 : MorphoAccess®
Terminal Administration
Menu
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
78
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme Series
SIGMA Lite Series
Terminal Menu
Home Screen
✔
✖
Access to Administration Menu
The administrator can login to MorphoAccess® SIGMA Family terminal using a default password.
The administration menu allows user to perform various actions and configurations on the
terminal, through the categories of menu listed below. This section is about configurations that
can be done via the terminal menu for MorphoAccess® SIGMA Family.
User Menu: For enrolling and managing users
Multimedia Menu: For uploading and managing Audio, Video and Images in the terminal
System Menu: Allows configuration of the Terminal, Transaction Log and perform
miscellaneous configurations.
Communication Menu: For setting network interface and serial parameters.
Security Menu: Allows the administrator to configure Biometric, Communication, Multi-
user verification, LCD password change and additional user control
USB Menu: Allows initialization of USB, the import and export data using USB.
Information Menu: Used for viewing information of terminal.
Reboot Product: The administrator can reboot the terminal from here.
Access Path
Screens & Steps
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
79
July 17
1. Press on key lock icon
Figure 43: Logging in Device
Figure 44: Entering Password
2. Enter Password and Press on validation button
NB Identification policy depends of misc.LCD_login_optionvalue :
0 - Password only (0 - Default)
1 - ID + Password
2 - ID + BIO + Password
3 - ID + BIO
Figure 45: Administrator Menu
3. On successful login, The administration menu is displayed along with the various sub
menus
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
80
July 17
User Menu
User menu offers all functions related to the end users. An administrator can use this to enroll
new user in the system, edit user information, delete users from the terminal database, and
reset user information from contactless smart cards.
The administrator can only access this menu if enrolled with either Full Administrator Rights or
Database Administrator Rights.
Figure 46: User Management Menu
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
81
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme
Series
SIGMA Lite
Series
Terminal
Menu
User Menu > Add/Enroll User >
Only DB
✔
✖
User
Management
Menu of the
Webserver
User Management > User
Enrollment > Enrollment mode >
DB Only
✔
✔
User Enrollment in Database
By using this feature of MorphoAccess® SIGMA Family terminal, the administrator can enroll
new users in the terminal. The user information such as name, biometric data (e.g. fingerprint),
User ID and PIN, access rights, etc. can be entered and stored in the terminal database.
Terminal will allow access to the user by comparing the data provided by the user at the time
of access request, with the data provided by the user at the time of enrolment.
Access Path
Pre-requisites
Only an Administrator with ‘Full Admin Rights’ or ‘Database Admin Rights’ can enroll
new users
If terminal is in Legacy L1 mode, then enrolment of users can be done only if Secure
Admin station is equipped with a MorphoSmart™ MSO biometric sensor
The data of the users enrolled in MA5G mode cannot be exported in L1 systems
The following sections and screenshots are for MorphoAccess® SIGMA Family terminal
only.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
82
July 17
Screens & Steps
Figure 47: Entering User Identifier
1. Enter User Identifier (User ID). Numeric value up to 24 digits.
NOTE:
Wiegand protocol doesn't support special characters such as "*" and "#", then is
not recommended to insert these characters in the User ID value.
There is a configuration key, misc.user_id_edit, to make user ID field read only.
With this parameter, the user id can be extracted from the Smartcard and restrict
user to edit this field. misc.user_id_edit is accessible from PC application or Web
Server.
2. Press on “ ” button to save
Figure 48: Adding user information
3. Under Enrolment Information screen, an administrator needs to enter several
parameters:
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
83
July 17
Figure 49: Enter First Name of User
4. First Name of user and Press on “ ” button to move to the next screen.
5. Similarly, on next screen, Enter Last Name of user and Press on “ ” button to move
to the next screen.
6. Press on Capture Fingers to enroll fingerprints of the user
Figure 50: Enrolling Finger Index
7. A user is required to provide the biometric data of at least two different fingers. Select
first finger for biometric data capture
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
84
July 17
Figure 51: Select first finger to capture
8. Select finger for biometric data capture
Figure 52: Biometric data capture
9. Place user’s finger on biometric Sensor. If finger is not placed properly or within the
time limit, an error message is displayed. Refer to “Finger Placement
Recommendation” section to know the correct position of finger.
10. Fingerprint is captured three times and the best quality image is auto-selected by the
terminal
11. Once the fingerprint is stored, the administrator will be redirected to enrolment finger
index screen, wherein the second finger should be selected for capture, The
administrator needs to repeat steps 8 to 10 for enrolling finger 2
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
85
July 17
Figure 53: Set Duress Finger as ON
12. Once the administrator completes capturing fingerprints of the first and second finger,
an option for capturing Duress Finger is enabled.
13. The administrator needs to select ON if it is required to capture duress finger. Follow
steps 8 to 10, for enrolling duress finger
Figure 54: Assigning Access Rights
14. Admin Rights enables the administrator to select the ‘rights’ that can be given to the
user.
a. No Administrator Rights: The user is a regular user who has no right to access
administration menu or modify the terminal configuration.Regular users can
only use the terminal for requests of Access and/or Time & Attendance.
b. Database Admin: The user is an administrator with database administration
rights.He or She is capable of accessing User menu and performing all available
actions in the User menu, except for Update Admin Rights operation.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
86
July 17
Profile
User Menu
Add
Edit
Delete
Authenticate
Card manager
Update admin rights
No Admin right
✖ ✖ ✖ ✖ ✖
✖
Limited Database Admin
✔ ✖ ✖ ✔ ✔
✖
Database Admin
✔ ✔ ✔ ✔ ✔
✖
Full Admin
✔ ✔ ✔ ✔ ✔
✔
Profile
USB Menu
Initialize
Format
Import
Export
User
Database
Contactless
Key
Language
Transaction Log
Error
log
User
Database
Contactless
key
No Admin right
✖ ✖ ✖ ✖ ✖ ✖ ✖ ✖ ✖
Limited Database Admin
✖ ✖ ✖ ✖ ✖ ✖ ✖ ✖ ✖
Database Admin
✖ ✖ ✖ ✖ ✖ ✖ ✖ ✖ ✖
Full Admin
✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔
Profile
Multimedia
Menu
System
Menu
Communication
Menu
Security
Menu
Reboot
Information
Menu
No Admin right
✖ ✖ ✖ ✖ ✖
✔
Limited Database Admin
✖ ✖ ✖ ✖ ✖
✔
Database Admin
✖ ✖ ✖ ✖ ✖
✔
Full Admin
✔ ✔ ✔ ✔ ✔
✔
c. Full Admin: The user is an administrator with full Admin Rights. He or she can
access all the menus in the administration menu and perform operations. An
administrator with full Admin Rights can enroll regular users, as well as
administrators.
d. Limited Database Admin: The user is an administrator with limited database
administration rights. He or she is capable of accessing User menu and
performing all available actions in the User menu, except for Edit User, Delete
User or Update Admin Rights operation.
The following tables sum up available features according to the administrator profile :
User related features
USB related features
Others features
15. Press on “ ” to save setting
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
87
July 17
Figure 55: Enter User PIN – Alphanumeric/Numeric
16. The administrator has to enter User PIN which can be either numeric or alphanumeric
based the LCD_configuration.PIN_keypad_type. Default value of this parameter is 1
which enables Numeric keypad for User PIN. On setting value to 0, terminal will enable
Alphanumeric Keypad. The value will be of up to 15 digits alphanumeric/numeric. This
PIN can be used by user, when PIN based authentication mode is enabled. The user
will be required to enter PIN along with fingerprints, for authentication.
17. Press on “ ” to save setting
Figure 56: Setting Job Code
18. The administrator can set a Job Code in a user profile. On access request, user has to
enter job code along with fingerprint and PIN. Only on successful authentication of the
user, the access is granted. Press on Job Code
NOTE:
1. The administrator can enable the Job Code as a parameter for authentication. This
can be done from the Biometric Security tab.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
88
July 17
2. When the Time and Attendance mode is enabled, entering job code during
authentication is optional despite the Job Code Check being enabled. It is based
on the value of parameter time_and_attendance.jobcode_by_key and selected
time and attendance key during authentication.
Figure 57: Setting Job Code in user profile
19. The list of Job Codes configured in terminal is displayed. An administrator can select a
job code to associate with the profile.
NOTE: The Job Codes are configured in terminal using MorphoBioToolbox, webserver
or distant command.
20. Press on “ ” to save setting
Figure 58: Assigning Access Schedule
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
89
July 17
21. The administrator can select an Access Schedule, if the access is to be allowed within
a particular time period of the day. By default, the access schedule is selected as
Schedule 63 which means access is allowed at any time of the day.
NOTE: Refer to “Define Access Schedules” under Configuration through Webserver
section to know more about access schedule.
22. Press on “ ” to save
Figure 59: Enrolment Information Screen – Configuring parameters
23. The administrator can configure the Observe Holiday Schedule as ON or OFF. If this
parameter is set as ON, then access on a holiday will be provided as per the defined
holiday schedule. If this parameter is set as OFF, then authentication is done without
any check on holiday schedule.
NOTE: Refer to “Define Holiday Schedule” under Configuration through Webserver
section to know more about access schedule.
24. The administrator can select Dynamic Message Configuration as OFF or ON. Dynamic
Message can include images or plain text. This message can be different for each user.
When User access is granted, dynamic message is played on LCD screen.
NOTE: It is a pre-requisite to attach an SD card to the terminal, in order to configure
and use Dynamic Message functionality.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
90
July 17
Figure 60: Configuring Dynamic Message for User
25. Set Dynamic Message as On
Figure 61: Setting duration for dynamic message
26. Select the duration for which the Dynamic Message is to be displayed on LCD screen
by selecting the Start Date and End Date
27. Press on “ ” to save
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
91
July 17
Figure 62: Configuring Dynamic Message for User
28. The administrator can select the type of dynamic message as “Normal” or a “Picture
Message”
a. If Normal Message is selected, then on the next screen the message to be
displayed, needs to be entered by the administrator. Press on “ ” icon to save
message
b. If Picture Message is selected, then the image uploaded in Multimedia Menu >
Images will be displayed on terminal LCD screen every time when access is
granted to the user.
NOTE: Refer to “Images Settings” section in this document to know how the
dynamic message can be uploaded.
29. Press on “ ” to save
Figure 63: Configuring Door Open Time Out
30. The administrator can configure Door Open Time Out in seconds. The door stays open
for the time duration defined here.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
92
July 17
Figure 64: Enrolment Information Screen
31. The administrator can configure Infinite Expiry Date as OFF or ON. This parameter
indicates whether user account is active for specific duration or will be active forever
a. If Infinite Expiry Date parameter is OFF, then select Expiry Date
32. The administrator can configure Authorized List User as ON or OFF. Only if the user is
in the Authorized list, access will be granted. This parameter is set as ON, by default.
NOTE: The authorized list parameter will be effective only if the parameter “Authorized
List Check Mode” is set as ON, under Additional User Control settings.
33. The administrator can configure VIP User as ON or OFF. If the user is enrolled as a VIP
user, then at the time of authentication, the terminal will not ask for biometric or PIN
or BIOPIN.
34. The administrator can configure User Rule. This configuration panel allows the
administrator to modify the general authentication rules that are applied to all users,
into user specific settings.
Figure 65: Defining User Rule
35. The User Rule settings includes below parameters:
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
93
July 17
Figure 66: Defining User Rule – Trigger Source
36. Trigger Source: The administrator can configure which of the following triggers the
terminal for the access.
a. Set Biometric as ON, if the administrator wants to allow user to access by
fingerprint identification. If trigger event through biometric is OFF, then user
cannot initiate the access rights check using fingerprint. And Biometric Check
will be bypass for the particular user.
NOTE: In case the MorphoAccess® SIGMA Family terminal is configured in the
Legacy L1 mode, a generic user rule is required to be set as authentication using
Card Only. The administrator can set this from the following access path
Biometric Security > Trigger event.
And biometric check of the users, except the ones whose biometric check has
been bypassed, is required to be enabled using specific user rule configuration.
b. Set Contactless Card as ON, if the administrator wants to allow the user to
request access by presenting card authentication
c. Set Keypad as ON, if the administrator wants to allow the user to request access
by entering User ID and PIN using keypad. The authentication is done by
matching provided PIN with the stored data of the same user.
d. Set External Port as ON, if the administrator wants to allow the user to request
access by providing his User ID through External port
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
94
July 17
Figure 67: Defining User Rule – Record Reference Source
37. The administrator can configure whether user’s information should be looked up in
the Terminal database and/or on the Smart Card using Record Reference Source
a. Select Terminal as ON, if it is required for the terminal to look up the user’s
profile in database
b. Select Smart Card as ON, if it is required for the terminal to look up the user’s
profile in smart card
Figure 68: Defining User Rule – Control Mode
38. The administrator can set the following parameters under Control Mode.
a. PIN mode as ON, if PIN based authentication is required
b. Biometric as ON, if Biometric authentication is required
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
95
July 17
Figure 69: Defining Control Mode - Face Detection Mode
c. Face Detection Mode: The administrator can configure face authentication
check rule as depicted in the snapshot above. Please refer to “Additional User
Control Settings” to understand Face Detection workflow.
39. The administrator can set Allow Bio Substitution parameter as ON. It indicates that
instead of Biometric, the user can be authenticated through a substitute such as BIOPIN
Figure 70: Defining User Rule – Biometric Substitution
40. Press on “ ” to Save user information
Results
A confirmation message is displayed showing User is enrolled successfully. The user information
is stored in the database.
Whenever user tries to access by providing fingerprint, terminal will match the fingerprint with
the records stored in the database and allow access on successful identification.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
96
July 17
Recommendation: In case of authentication failure due to bad biometrics, the administrator
can re-enroll the user. In case of L1 mode, the re-enrolment can be done using Secure Admin
station equipped with a MorphoSmart™ MSO biometric sensor only.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
97
July 17
Access point
Access Path
SIGMA Series
SIGMA Lite
Series
Terminal
Menu
User Menu > Add/Enroll User >
Card Only
✔
✖
Webserver
User Management > User
Enrollment > Enrollment Mode >
Card Only
✔
✔
User Enrolment in Card
The administrator can encode a contactless smartcard for a user, using this functionality. The
user's data are saved only on the card, and not in the terminal database. It means, that the
authentication of the user is done by checking the user's data stored in the card. For example,
when user place finger on biometric sensor, the terminal will check the biometric provided by
the user with the biometric stored in the users card.
Access Path
Pre-requisites
Only an Administrator with ‘Full Admin Rights’ or ‘Database Admin Rights’ can enroll
new users
User name and first name stored in cards are limited to 20 characters. By consequence
even if user name and first name until 40 characters are authorized for local enrolment,
encoding card will be not possible if they are longer than 20 characters.
If terminal is in Legacy L1 mode, then enrolment of users can be done only if the
biometric sensor is a MorphoSmart™ MSO terminal
The data of the users enrolled in MA5G mode cannot be exported in L1 systems
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
98
July 17
Screens & Steps
Figure 71: Select Card Data Format
1. The administrator can use the Card Data Format to select the data that will be used
for user authentication. Following are the options available:
a. ID + Template: When the administrator selects this format, it implies that the
user authentication is done by verifying the User ID and biometric template (i.e.
fingerprint registered by user) Three biometric templates can be stored for a
user including two mandatory biometric templates (fingerprints) and one duress
finger
Figure 72: Enrollment Finger Index in Card
b. ID + BIOPIN: When the administrator selects this format, it implies that the user
authentication is done by verifying the User ID and BIOPIN (i.e. PIN that is used
in place of biometric data)
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
99
July 17
c. ID Only: When the administrator selects this format, it implies that the user
authentication is done by verifying the User ID
d. ID + PIN + Template: When the administrator selects this format, it implies that
the user authentication is done by verifying the User ID, PIN, and Biometric
Template
e. ID + PIN + BIOPIN: When the administrator selects this format, it implies that
the user authentication is done by verifying the User ID, PIN, and BIOPIN
f. ID + PIN: When the administrator selects this format, it implies that the user
authentication is done by verifying the User ID, and PIN
2. According to the selected Card Data Format, next user’s data will be captured and stored
in the card. The below screens are for ID + Template format
3. Please refer steps 1 to 11 of section “User Enrolment in Database”
4. A message to place card at terminal is displayed.
5. Place Smart Card on the card reader. You may have to place card for 1 to 10 seconds, till
the success message is displayed showing the user's data is stored in the card
Results
The user is enrolled successfully and user's data is stored in the Card. The user can initiate access
request by placing a card at terminal. The terminal will read User ID and ask user to enter
required data, i.e. biometric/pin/biopin.
Note: The user’s data stored on card are not editable or viewable.
MorphoAccess® SIGMA Family Administrator Guide
MorphoAccess® Terminal Administration Menu
2017_2000025464-v03
This document and the information therein are the property of Morpho. They must not
be copied or communicated to a third party without the prior authorization of Morpho
100
July 17
Access point
Access Path
SIGMA Series
SIGMA Extreme
Series
SIGMA Lite
Series
Terminal
Menu
User Menu > Add/Enroll User >
Card + DB
✔
✖
Webserver
User Management > User
Enrollment > Enrollment Mode >
Db+Card
✔
✔
User Enrolment in Card & Database
An administrator can use this functionality to enroll a new user and store the user data in a
contactless smartcard as well as in the database of the terminal. This implies that the
authentication of the user is done by checking the details stored in the card as well as in terminal
database. For example, when user places finger on biometric sensor, the terminal will check the
biometric provided by the user matches with the biometric stored in the users card.
Access Path
Pre-requisites
Only an Administrator with ‘Full Admin Rights’ or ‘Database Admin Rights’ can enroll
new users
If terminal is in Legacy L1 mode, then enrolment of users can be done only if Secure
Admin station is equipped with a MorphoSmart™ MSO biometric sensor
The data of the users enrolled in MA5G mode cannot be exported in L1 systems
Screens & Steps
Loading...