The Canadian firm is the only provider of a high-security access control system certified by the French cybersecurity authority

The demands placed on physical security systems are rising steadily across Europe. Critical infrastructure, energy suppliers, airports, healthcare facilities and public administrations are increasingly confronted with hybrid threats in which cyberattacks and physical security risks are intertwined. Against this backdrop, the independent assessment and certification of security solutions is becoming increasingly important.

The security software manufacturer Genetec has now reached an important milestone: according to the company, it is the only provider of access control systems whose high-security solution has been certified by the French cybersecurity authority ANSSI.

Highest level of trust for access control systems

The certification applies to the Genetec Security Center Synergis access control system, including the Synergis Cloud Link components and a secure I/O module from the company STid, developed specifically for this architecture. Also included in the certification are STid SSCP v2 readers in transparent mode, as well as MIFARE DESFire EV2 and EV3 smart cards.

Genetec had already received the so-called CSPN certification (Certification de Sécurité de Premier Niveau) from ANSSI back in 2025. The qualification now achieved goes significantly further. Whilst certification confirms that a product meets defined security requirements at the time of testing, the qualification encompasses additional technical tests, audits and a long-term commitment to compliance with security requirements.

Significance for Critical Infrastructure

For operators of critical infrastructure, this accreditation is of particular relevance. The ANSSI qualification confirms the solution’s resilience against sophisticated cyber and physical attack scenarios and certifies compliance with particularly high security and trust standards.

Particularly in sectors such as healthcare, energy supply and air transport, there is growing pressure to combine regulatory requirements with effective protective measures. Modern access control systems have long since taken on more tasks than simply managing access points. They are increasingly becoming an integral part of an organisation’s cyber defence strategy.

The certification provides French operators of critical infrastructure with additional assurance regarding compliance with national regulations. At the same time, the certification also sends a strong signal beyond France’s borders, as it is awarded by a recognised state cybersecurity authority and is recognised across Europe as proof of exceptional security standards.

Cybersecurity as an integral part of physical security

This development highlights a fundamental shift in the security market. Access control systems are no longer viewed in isolation, but as networked IT systems with direct connections to corporate networks and cloud infrastructures. Consequently, they must meet the same cybersecurity requirements as other critical IT components.

In this context, Genetec highlights a range of other international security certifications and compliance credentials. These include, amongst others, the ISO 27001 and ISO 27017 standards, SOC 2 Type II, UL 2900-2-3 Level 3, as well as various national security programmes. Furthermore, the company’s solutions meet the requirements of the European General Data Protection Regulation (GDPR) and the current NIS2 Directive.

A signal for the European security market

The ANSSI qualification underscores the growing importance of trustworthy and demonstrably secure access control systems in the European market. In view of increasing regulatory requirements and a rising number of cyber-physical threats, independent security assessments will play an even more important role in the selection of security solutions in future.

For operators of critical infrastructure, public sector clients and companies with high compliance requirements, the certification provides further evidence that modern access control systems not only protect physical access but can also function as part of a holistic cyber resilience strategy.