,(((,QWHUQDWLRQDO&RQIHUHQFHRQ5RERWLFV$XWRPDWLRQ$UWLILFLDOLQWHOOLJHQFHDQG,QWHUQHWRI7KLQJV5$$,&21
1RYHPEHU'HFHPEHU'KDND%DQJODGHVK
IoT and Wi-Fi Based Door Access Control System
using Mobile Application
Rehnuma Reza Deepty
Department of CSE Department of CSE
Jahangirnagar University Jahangirnagar University
Dhaka, Bangladesh Dhaka, Bangladesh
[email protected]
[email protected]
[email protected]
Abstract—With the advent of technology, it is hard to find
such field where technology has not appeared. One of the most
citable area where technology is applied is security. Door access
system is one of the major concern of home security. It has been
enhanced with the days using different techniques such as, mobile
application, real-time authentication system (e.g. audio and video
processing), Bluetooth and other technological inventions. Later,
Internet of Things (IoT) has been introduced to this field as
well. This paper illustrates, an IoT and Wi-Fi based door access
control system, where a user can control the access to the door
using his phone remotely within the coverage area provided
by the wireless Access-Point that is situated inside the home.
This system takes advantage of Biometric feature of the Android
phone which is used to validate authorized user and a cloud based
server as the medium of user verification. The strong point of
our system is multiple layered automated security system where
authentication is performed on both ends (mobile application and
door access controller) beyond user’s perception which prohibits
unauthorized access or manipulation. We have used Raspberry
Pi as the door access controller and other state-of-the art devices
to create testbed of the system and verified its use in practical
environment.
Index Terms—Internet of Things (IoT), Android, Door access
system, Biometric feature.
I. I NTRODUCTION
The security has always been a matter of concern since the
dawn of the evolution of community. The origin of door lock
[1] can be traced back as far as 4000 B.C., in Egypt,Greece
and Iraq. These locks shared the same basic principle of pin
locks today where pins of varying length prevented access
to the door unless the matching key was inserted to line up
the pins and access the door. Then, all the door access system
were provided with traditional deadlock system where a person
needed to keep his keys with himself all the time when he/she
is not at home. This traditional system often leads to the
situation of losing keys and breaking the door to access as
a consequence. Moreover, carrying keys all the time is not a
safe enough. This is when the technology arrived to ease the
door access system.
Security for home appliances has become a challenge
in these present days. Even though lot of techniques and
measures exist to provide security over them, there are still
questions on ease of their uses. The motivation for developing
‹,(((
Authorized licensed use limited to: Auckland University of Technology. Downloaded on May 23,2020 at 22:55:34 UTC from IEEE Xplore. Restrictions apply.
Albina Alam Dr. Md. Ezharul Islam
Department of CSE
Jahangirnagar University
Dhaka, Bangladesh
such IoT-based [2] door access system has been evolved from
there. The Wi-Fi and cloud based door access system will
ensure that only the authorized user can access the door. We
also get encouraged from the fact that, the android app based
door lock system is available everywhere, however, the access
techniques completely depend only on the app which is a
drawback because it can cause system vulnerability. So, The
motivation of our project is to overcome these drawbacks and
create an efficient system that is safe and secured.
In this research, we propose a door access system which
is activated on Wi-Fi [3] TCP/IP communication and is to
be operated using only a mobile application that will take the
biometric feature of the user and then perform another authen-
tication process beyond the user’s perception, using mobile
specific IMEI number by comparing it with the registered one
stored on the cloud server to make sure that only registered
phone is using as a key.
This paper conveys the details of related works done in
this field in section II. In section III, the system architecture
has been depicted with adequate diagrams. Section IV and V
contains the system security and the system implementation
and evaluation respectively. Section VI concludes this paper
with some future works.
II. R ELATED W ORKS
Many door access control based researches can be found
in literature. However, none of them has presented similar
advanced features as our proposed system.
In [4], Kamelia et al. has proposed a Bluetooth based
automation system .The system has been designed to simulate
a Bluetooth controlled electronic key, which is controlled by
a smart phone.
In [5], Britto et al. has given proposal on a Sixth Sense
Door using Internet of Things. They have provided the concept
of sensing movement in front door. An attached camera will
capture image of the person after a motion sensation. The
image will be transmitted to the owner’s phone which will
appear as a push notification.
In [6], Sarika et al. has proposed a smart login system using
biometrics. The system is motivated to use fingerprint scanner
to unlock the door.

 In [7], Burns et al. has proposed a RFID controlled door
lock . where the door lock is controlled with an exterior RFID
card input.
In [8], Pang et al. has patented on Bluetooth and Biometric
feature based Access Control System. They have proposed that
the door will be unlocked using the biometric features as an
authentication media and setting a Bluetooth communication
link between app and the controller.
In [9], Kassem et al. has proposed a smart door lock pro-
viding security via WiFi . The system has been implemented
by generating digital keys on user’s phone which is used as
the authentication method for validating the legitimate user’s
identity.
In [10], Hadis et al. has proposed a smart door lock system
using IoT where the door will be unlocked automatically if
the user’s phone has reached within the Bluetooth range.
In [11], Thakur et al. has proposed a door lock system which
is controlled using biometric or facial recognition via mobile
application using WiFi or Bluetooth as the communication
link.
III. S YSTEM A RCHITECTURE Fig. 1. System Architecture

Our system is established on the concept that, the users

phone IMEI number will be registered in the controller. Only
his/her fingerprints applied on the phone in the vicinity of the
Wi-Fi network provided by the router established inside the
home, will unlock the door. On each trial, the IMEIs will be
stored in the cloud for in-query purpose.The whole system
architecture is depicted in Fig. 1.
A. Parts of The System
1) Door lock: We have used Electronic door lock so that
it can get signal from our controller which is given after the
proper verification and authentication
2) Door Access controller: This controller acts as a central
to the door lock by giving command whether to open or close
the door. It is an interface between all other modules used to
develop this system. It also act as a socket server to get signal
from socket client under the same IP address.
3) Cloud Server: A cloud based server is required to store
the encrypted IMEI number in order to perform authentication
on each attempt. It also functions as a storage medium for
keeping required data of a registered user.
4) Mobile Application: When a legitimate user opens the
application, it will lead him/her to a screen asking for finger-
print as the beginning of first authentication. The successful
authentication will allow to establish a TCP/IP socket commu-
nication between the mobile phone and door access controller.
B. System Operation
System starts with the mobile application in which user
needs to go through registration process with the specified
credentials (i.e.name, address, phone number, access scheme
etc.). These information are stored in the cloud which will be
needed for further authentication process. After a successful
registration, the user will be directed to register his/her android
phone’s IMEI number to the door access controller using
keypad.
After the registration process is done, the user can be
able to use the system inserting his/her fingerprint on his/her
phone’s scanner. The system operation is depicted through
Table I.
The operations that take place beyond user’s perception are
classified and they are:
1) Retrievation of IMEI: After an insertion of valid fin-
gerprint into the mobile app, the IMEI of mobile phone is
fetched.
2) Data Encryption and Decryption: After a successful
fetching of IMEI, the unique number is encrypted using cipher
algorithm within the app. The encrypted IMEI is decrypted in
the second phase of authentication process.
3) Cloud Data Storage: The encrypted IMEI is stored in the
cloud server and retrieved by controller during authentication.
4) Authentication: There is two level of authentication in
this project. First one takes place during biometric feature
insertion into the app. And the other one takes place after
the socket communication between mobile and the controller.
C. Special Features
The system is schemed with a special feature that will be
conducted by the user in some special situations, for example,
when the phone gets lost or questioned by security breaches.
When the phone gets stolen or lost, the user can go to
the website designed for this system using any machines
nearby and can change the access scheme from fingerprint to
password scheme. He/she can also set or update password in
that situation. But before doing this, the user has to go through
an account verification process using email and password.



Authorized licensed use limited to: Auckland University of Technology. Downloaded on May 23,2020 at 22:55:34 UTC from IEEE Xplore. Restrictions apply.
 TABLE I TABLE II
S TEPS OF SYSTEM OPERATION D ETAILS OF R EQUIRED S OFTWARE

Device Steps Modules Visibility Method Software/Environment Specification

Name to user
1 Registration Visible Storing user credentials Android Studio Android Studio 3.1
in the app to the cloud storage. Operating System Raspbian
2 Log In Visible Verification with the stored Programming Language Python 2.7, Java 8
data in the cloud.
Android 3 Fingerprint Visible Fingerprint scanned and
matched with the
registered one.
Phone 4 Retrieving Invisible App dials *#06# to retrieve V. S YSTEM I MPLEMENTATION AND E VALUATION
IMEI IMEI number and
encrypts it. In this section, we present the detail procedure of the step
5 Sending IMEI Invisible Encrypted IMEI is sent
to the to the cloud server
by step implementations.
cloud server
6 Wifi Invisible A TCP/IP socket connection A. Building Android app
communication request is sent as client.
Door 1 Wifi connection Invisible A TCP/IP socket connection The software part of this system grandly implemented in
with the app request is accepted as server.
Access 2 Retrieving the Invisible Decrypting the data building android app. To enhance the features required for
last IMEI stored (IMEI) stored in the cloud.
in the cloud
this app are described below-
Controller 3 Authentication Invisible Run verification between 1) BiometricPrompt API : To enable the fingerprint fea-
two data (stored
and retrieved) and if ture on the app, the BiometricPrompt API [12] has been
matched, leads to step 4 used.Android version 6.0 or higher can only have the Biomet-
4 Door Visible Passing signal to the lock
unlock and gets unlocked. ricPromot API. Minimum API level 23 is required for enabling
the BiometricPrompt API.
2) IMEI Number Retrieving : To fetch the IMEI number
The website also offers the user to check the activity logs, we required TelephonyManager [13] class that asks user
that is, how many attempts have been made to unlock the door permission to access the contacts to fetch the IMEI number.
and their schedules. 3) Firebase: Firebase platform [14] has been used in order
IV. S YSTEM S ECURITY to store the user credentials during registration and also the
IMEI of user’s mobile phone for facilitating further authenti-
We have retained most of the important operations such as
cation process.
retrieving IMEI number, establishing Wi-Fi communication
between client and server device, comparison etc. beyond B. Configuring Raspberry PI
user viewpoint to make the system more secure as well as
user friendly. And this feature made our system to prevent The system is implemented using Raspberry Pi [15] as
unauthorized access from any dishonest system manipulation the door access controller. The Pi has been configured with
or intrusion. different useful libraries such as Rpi.GPIO , pad4pi, python-
For securing the system we have used the following firebase, to integrate with other components.
features-
C. Interfacing Keypad
A. Biometric A 4x4 matrix keypad has been interfaced with the controller
Biometric feature is used in mobile application to ensure for the purpose of pre-registration.
that the phone is on the correct hand (i.e. legitimate user).
D. Establishing TCP/IP Socket communication
B. IMEI Number
For establishing communication link between the android
To prevent any unauthorized attempt we have used IMEI app and the controller, A TCP/IP socket communication [16]
number to match with the one stored on the door access data link has been used. TCP/IP socket communication system
controller during installation process. This will ensure only establishes connection between client and server who are using
user specified mobile phones to initiate any attempt. common IP address of IPv4.
C. Cryptography
E. Connecting the Lock to the Raspberry pi using relay
Since IMEI number from mobile application is stored on the
cloud server, so had to make it secure so that no overhearing A 12 volt solenoid electric lock has been interfaced with
can occur. the PI to demonstrating the lock/unlock. The lock has been
interfaced via 5 volt relay module with the controller for safety.
D. TCP/IP socket communication The full specification of required software and hardware is
In socket communication the user or mobile application acts summarized in Table II and Table III respectively.
as client and the door controller acts as server in the network.
Whenever the communication link is established, door access The complete diagram of our implemented system is shown
controller will start authentication process. in Fig. 2:



Authorized licensed use limited to: Auckland University of Technology. Downloaded on May 23,2020 at 22:55:34 UTC from IEEE Xplore. Restrictions apply.
 TABLE III Fi communication to conduct all form of communication and
D ETAILS OF H ARDWARE signal passing.
Device Name Specification
Door Access Controller Raspberry Pi 3 Model B
VI. C ONCLUSION
Keypad 4X4 Matrix keypad In this paper, we have introduced a robust and secured sys-
Door Lock 12 volt solenoid electric lock
Relay Module 5 volt Relay module tem with a simple user interface. This system is implemented
Resistor Red and Green (Optional) using raspberry pi as the controller, mobile application as user-
access device and firebase as cloud data storage. One of the
most signicant characteristics of this mobile application is
that it automates the generations of IMEI to the Raspberry
Pi beyond the user’s perception. This makes the mobile
application more adaptable and feasible because users do not
need to memorize the whole chunk of patterns or password
to automate the access system. In future, we would like to
enhance the system to support multi-user and extend it as one-
spot home automation and security system.
R EFERENCES
[1] T. Young, “The Evolution History Of Smart Door Locks,” WiredS-
mart, 25-Nov-2018. [Online]. Available: https://wiredsmart.io/smart-door-
locks/evolution-and-history-door-locks/. [Accessed: 27-Aug-2019].
[2] R. Buyya and A. V. Dastjerdi, Internet of Things: principles and
paradigms. Amsterdam: Morgan Kaufmann, 2016.
Fig. 2. Implemented System [3] M. Gast, 802.11 wireless networks: the definitive guide. Sebastopol, CA:
OReilly, 2005.
[4] L. Kamelia, A. Noorhassan S.R, M. Sanjaya and W. Mulyana, ”Door-
F. System Evaluation Automation System Using Bluetooth-Based Android for Mobile Phone”,
ARPN Journal of Engineering and Applied Sciences, vol. 9, no. 1819-
We have compared our proposed system with few other 6608, pp. 1759-1762, 2014.
papers which we have reviewed to clearly depict the robustness [5] J. Britto, V. Chaudhari, D. Mehta, A. Kale, and J. Ramteke, “A Sixth
Sense Door using Internet of Things,” International Conference on
of our system. A comparison table based on used features is Computer Networks and Communication Technologies Lecture Notes on
shown in Table IV. Data Engineering and Communications Technologies, pp. 545–555, 2018.
Through comparing our system with others, we found that [6] C. G. Sarika, A. B. Malakreddy, and H. N. Harinath, “IoT-Based
Smart Login Using Biometrics,” International Conference on Computer
no one ever have implemented any authentication process Networks and Communication Technologies Lecture Notes on Data
for user specific mobile even though mobile phone has been Engineering and Communications Technologies, pp. 589–597, 2018.
used as an important factor. But we have added a “Mobile [7] Burns, D. Dahlinger, B. Guenther and T. Johnson, ”RFID Controlled
Door Lock”, Mechatronics Final Projects., vol. 9, 2018. [Accessed 12
Specific Authentication” which makes our proposed system July 2019].
more robust. This system can be easily deployed in any place, [8] K. Loong Pang and H. Seng Teh, ”MOBILE - BASED ACCESS
such as, home, vault locker, hostel etc. where security and CONTROL SYSTEM”, 16 / 059 , 537, 2019.
[9] A. Kassem, S. E. Murr, G. Jamous, E. Saad, and M. Geagea, “A smart lock
confidentiality is a matter of concern. system using Wi-Fi security,” 2016 3rd International Conference on Ad-
Also most of the researches shows that they had used vances in Computational Tools for Engineering Applications (ACTEA),
both the Wi-Fi and Bluetooth as communication link from 2016.
[10] M. S. Hadis, E. Palantei, A. A. Ilham, and A. Hendra, “Design of smart
Android device to controller and cloud server that could lock system for doors with special features using bluetooth technology,”
make the system more ill-shaped. We have used Only Wi- 2018 International Conference on Information and Communications Tech-
nology (ICOIACT), 2018.
[11] P. Thakur, A. Shetty, M. Parvadia, O. Pokharkar, and S. Shinde, “IoT
Based Portable Smart Lock,” SSRN Electronic Journal, 2019.
TABLE IV [12] “BiometricPrompt,” Developers. [Online]. Available:
C OMPARISON OF OUR PROPOSED SYSTEM WITH PREVIOUS WORKS https://developer.android.com/reference/android/hardware/biometrics/Bio-
Researches Biometric Wi-Fi Bluetooth Mobile Based Real-time Android
metricPrompt. [Accessed: 02-Aug-2019].
Features Identification Database Application [13] “IMEI.INFO,” IMEI.info, 08-Apr-2019. [Online]. Available:
Kamelia       https://www.imei.info/faq-what-is-IMEI/. [Accessed: 27-Aug-2019].
et al. [4] [14] ”Retrieving Data — Firebase Realtime Database”, Firebase, 2019. [On-
Britto      
et al. [5] line]. Available: https://firebase.google.com/docs/database/admin/retrieve-
Sarika       data. [Accessed: 25- May- 2019].
et al. [6] [15] C. Dow, Internet of things programming projects: build modern IoT
Pang      
et al. [8]
solutions with the Raspberry Pi 3 and Python. Birmingham: Packt Pub.,
Kassem       2018.
et al. [9] [16] “TCP Server-Client implementation in C,” GeeksforGeeks, 12-
Hadis       Sep-2018. [Online]. Available: https://www.geeksforgeeks.org/tcp-server-
et al. [10]
Thakur       client-implementation-in-c/. [Accessed: 27-Aug-2019].
et al. [11]
Our Proposed      
System



Authorized licensed use limited to: Auckland University of Technology. Downloaded on May 23,2020 at 22:55:34 UTC from IEEE Xplore. Restrictions apply.