In the past, your choices for access control system credentials were essentially between a swipe card or a keypad code. Today, as in every industry, technology has advanced. The options for how users gain access to buildings or areas have multiplied considerably. How do you know which credentials are right for your system, and how do you make the choice?
Scroll to learn more
Access control systems restrict and regulate entry to secure buildings or defined areas. In order to control the access, the systems require a means of identifying individuals and verifying whether they have permission to gain entry. Credentials are that means of identification.
There are three basic categories of credentials:
When you’re considering installing or upgrading an access control system, it’s important to think carefully about the kind of credentials you want to use. Here are some factors to consider.
Technology has advanced in leaps and bounds in the security industry. There are now many different protocols and standards for access control systems. Here are some of the most common technologies widely available for credentials:
There are risks associated with every type of access control credential, but some are greater than others. For example, a password or PIN can be easily forgotten, or stolen if a user writes it down or does not conceal their hand when inputting it. Keys, swipe cards, and fobs are also commonly lost by or stolen from users, and could be used by an attacker to gain access to a building.
Biometric data is intrinsic to individuals. The chance of someone else having identical fingerprints to you is 1 in 64 trillion. It is extremely difficult to steal biometric data from someone, making these kinds of credentials an excellent choice for higher security requirements. However, if biometric data was stolen or cloned from a system, bear in mind that once stolen, it is compromised forever. You can set a new password or issue a new swipe card – you cannot replace your fingerprints, iris, or facial features.
More than anything, day-to-day users of access control systems want whatever is the most convenient solution for them. The less intrusive or disruptive the system, the more they will like it. If they have to carry a key for the front gate, input a PIN to enter the car park, then swipe a card to get into the building, and remember a different PIN for the on-site gym, it’s likely they’ll be unhappy with the inconvenience of the system.
Equally, if the credentials are difficult to use or take too long to respond, it’ll interrupt their daily activities and can encourage misuse. If it takes one person 10 seconds to input a PIN and unlock the door, and you require every user to input the PIN individually, then either queues are going to build up at high-traffic times, or people are going to tailgate and you’ll lose the accuracy of your reporting.
It’s therefore important when choosing the right credentials to find a balance between the requirement for robust security and the impact on users’ day-to-day lives.
Different types of credentials also require different levels of bureaucracy to manage them effectively. Security managers need to consider how much time and budget they are willing to spend on the ongoing administration of the system. For example, systems using physical credentials like cards or tags usually come with a recurring replacement cost because people lose or damage their credentials.
Meanwhile, a keypad code costs nothing to replace, but might need to be changed on a more regular basis to reduce the risk of security breach. Security managers would then have to ensure all users are updated effectively each time the code is changed.
Multi-use credentials are those which can be used at multiple entry points or for multiple purposes. For example, in an office building, you might be able to use an access card to unlock the front door, pay for food in the cafeteria, and access the gym. These systems prioritise the user’s convenience by reducing the amount of different credentials they need to carry or remember.
Multi-factor credentials refer to systems which require more than one credential to validate the identity of users. These systems prioritise security over convenience as they force users to present more than one credential before they can be granted access. High security systems commonly require multi-factor credentials. This might consist of presenting an access card and then inserting a PIN, or scanning a fingerprint and then an iris. Adding required validation methods to a system hugely decreases the likelihood of an intruder gaining unauthorised access by using false credentials.