US Patent 10181231 Controlling access to a location

A method of controlling access to a location secured by a lock mechanism. An access control management system (ACMS) administrates electronic keys for multiple locations and users carrying mobile units. A lock mechanism controls the lock mechanism at the location. Each of data records associated with lock control units includes key generation data for generating an electronic key for a corresponding lock control unit. A generated key is communicated from the ACMS to the user mobile unit. The key indicates an access right to the location and has an associated lock control unit identifier. The key is communicated from the user mobile unit to the lock control unit at the location, which authenticates the key and, subject to successful authentication of the key, operates the lock mechanism. The key includes a data item cryptographically protected between the ACMS and the lock control unit using a cryptographic key unknown to the user mobile unit.