Cloudkey Security

Cloudkey Security is biometric, highly customizable and easy to integrate solution for physical access control.
CloudKey is touch-less physical access control which uses strong biometric authentication. 
It has no fragile parts which would be vulnerable to vandalism and rough weather.

It had no numeric keypad and thus does not spread pathogens during epidemics.
Studies have shown that ATM numeric pads, for example, are among the most proficient contamination distributors.

It uses patented biometric speaker verification method.


Unique Security

CloudKey uses for authentication our audiovisual associative speaker verification method, which is protected by patents FI126129, GB2519609, GB2503292.

Written Opinions PCT/FI2016/050174, PCT/FI2014/050807
Europe and US patents are pending.

APLcomp was member of the H2020 OCTAVE project
Project's fulfilled mission was to produce commercial-grade speaker verification systems, which uses the latest environmental robustness and anti-spoofing technologies.


Potential Users

  • Block building front doors for robust access control environment
  • Offices and factories, in order to have highly adjustable access rules
  • Heath care premises in order to minimize contamination sources
  • Access control for ships and big vehicles
  • Apartment doors
  • Any premise, where it necessary to open the gate or door hands free.


Security - convenience trade-off is unnecessary, since access rules can be modified dynamically.
When need of security assurance is lower, assumed authentication method can be less laborious and vice versa.

Available authentication methods

  • NFC token / near field reader (card, key ring)
  • Face recognition
  • Speaker verification
  • PIN (Person Id Number)
  • OTP (One Time Passcode)

User's own mobile phone is used as a remote numeric keypad for feeding codes.
Integrated display informs dynamically the user at each phase.

Instructions are displayed in each user's defined native language.

System behaviour can be adjusted according to each user's defined preferences.
For example, the door can be kept open for a longer time for a person who uses a wheelchair.

Required authentication level can be set on temporal and individual basis.
For example, outside office hours the system may require more stringent authentication.

The system is backed by policy server, which is accessible by a web browser for user credentials maintenance.

CloudKey is a plugable building element, which is easy to incorporate into an existing door.


CloudKey has an embedded Raspberry Pi  IoT computer. Each access point is connected to a policy server, which can be located on premise or in cloud. The policy server is also running an a Raspberry Pi.

Speaker verification and associated biometric templates are in a secure cloud server.

We are member OpenID Foundation, which develops and defines secure cloud protocols.
Cloudkey is compliant with the emerging OpenID Connect federation protocol, which assures maximum data and communication security.

User mobile phone is paired with the door control unit, after which it can be used as numeric keypad for the IoT computer.
The door display is located behind an armored glass, in order to not expose it to vandalism and prevents it also from propagating pathogens.

The secure HTTPS Internet protocol is used for communication between phone and computer.



In Pipeline

We are currently developing gesture control technique to be applied in access control. It will be replace user's mobile phone, which is currently used for feeding numeric input.

Our dual microphone technology uses audio and throat microphones in parallel. It can be used to enable unbreakable spoofing mitigation and robustness for demanding operation environments.

It has been developed and tested it in cooperation with University of Eastern Finland and Aalborg University. The used antispoofing method brings 100% protection against replay attack -based spoofing. The results have passed peer review in scientific publication
"IEEE/ACM Transactions on Audio, Speech and Language Processing", January 2018, Volume 26, Issue 1, pp 44-56. Digital Object Identifier 10.1109/TALSP.2017.2760243

Above technologies will be selectively implemented in forthcoming CloudKey physical access control products.

Biometric Authentication Web Service

Our is OpenID Connect compatible authentication and identity verification web service.
It uses our patented ZEFA ® Zero Effort Authentication method. It complements voice biometric with behavioral factors, which makes it practically unspoofable.
ZEFA has been granted patent in USA and Europe (EPO) ”Audiovisual Associative Authentication Method, Related System and Device”


Physical Access Control

Cloudkey Security is a biometric, highly customzable and easy to integrate.
Since none of the available identity verification method assumes physical contact, the lockingsystem can not constitute a contamination source for pathogenes. It is also not vulnerable tovandalism, since it exposes no fragile parts to outsiders.

Available authentication methods are:

  • NFC token / near field reader (card, key ring)
  • Face recognition
  • Speaker verification
  • PIN (Person Id Number) *
  • OTP (One Time Passcode) *
  • Dumb calls by mobile phone

* User’s mobile phone is used as remote keyboard or gesture control is used instead.

IP Telephony Realtime Translation

Participants in a conference call, speaking different languages, can authenticate by using biometricidentity verification.
It assures parties that they are speaking with the legitimate persons.
They can sign transcribed discussion digitally at the end of the call.
Identity verification is based on our method, which has been proved to be 100% resilient againstreplay attacks in the scientific IEEE/ACM Article"Robust Voice Liveness Detection and Speaker Verification Using Throat Microphones"IEEE/ACM Transactions on Audio, Speech and Language Processing
JANUARY 2018, Volume: 26, Issue:1
Print ISSN: 2329-9290
Online ISSN: 2329-9304
Digital Object Identifier: 10.1109/TASLP.2017.2760243
When participants use our dual microphone, which captures both audio and throat signals, thequality of voice is enhanced dramatically. The ambient noice is cancelled from the input data andtranslation process can utilize two, complementary voice streams which are synchronized.
Our IP telephony method ”Online Multimodal Information Method, Related System and Device” is patented.