classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017


Easy, fast and secure
September 2017, Residential Estate (Industry), Access Control & Identity Management, Integrated Solutions

Let’s face it, biometrics is no longer the big deal it was a few years ago when South Africa led the way in the adoption of fingerprint biometrics. Today the world has caught up with the release of biometrics on smartphones and some incredible developments in face recognition technology as well as other forms of biometrics.

Yet, while it may not be the magical cure-all that was going to change the world it was way back when, biometrics, specifically fingerprint biometrics, is still the staple diet for businesses, governments and estates looking to streamline access control while improving the security of who is allowed in or not.

The key to biometrics is that it is hard to fake. Of course, those who keep tabs on the media know that iPhones (among others) have been ‘hacked’ with fake biometrics, but if you cast your mind back, some very prominent biometrics brands had their readers starring on YouTube a few years ago as people hacked them with photocopied fingerprints. Since then, the technology has improved significantly and you won’t find it quite as simple to fool today’s readers from tier-1 brands that invest in their products.

The key to biometrics is that at the moment of entry to an estate or a building, while you can offer up a fake identity document or driver’s licence and get away with it (unless the document is scanned electronically), it is hard to hand over someone’s finger or a fake finger to scan in real time. Even the most exhausted guard would raise an eyebrow if you told him to wait while you kept trying to get the reader to accept your plastic finger.

So how do biometrics and secure estates go together? Hi-Tech Security Solutions asked a few biometric experts to tell us about the fit between modern biometrics and secure residential estates.

Biometrics and estates?

If you believe the marketing material, biometrics is perfect for the access control to your estate and there are many estates you can use as an example where these systems are working well. But how does an estate know if its particular environment would be an appropriate location to use biometrics?

Deon Janse van Rensburg.
Deon Janse van Rensburg.

Deon Janse van Rensburg from ViRDI South Africa says that virtually any environment is suitable for some form of biometrics. “However, it is very dependent on how the entry and exit gates were designed, i.e. is there provision for goosenecks, can multi-tier goosenecks be deployed for different sized vehicles, how were the contractors’ or workers’ entrances designed etc.”

He mentions the physical design as some, especially contractor and worker entrances, sometimes seem to be set up as an afterthought. Then the question is what type of barrier is being used and, critically, whether the estate is able to afford its chosen biometric solution. As is mentioned in many instances in this publication, Janse van Rensburg is not only referring to the capital cost or affordability of the hardware, but also the hardware maintenance costs and the maintenance of the databases, hosting (if required), the costs of designated employees to manage enrolment and the general management of the system.

Walter Rautenbach.
Walter Rautenbach.

Similarly, Walter Rautenbach from Suprema South Africa agrees that biometrics is beneficial in any gated estate to ensure that true identity is used to gain access to the environment. Of course, he notes that the implementation of the same where the estate is not enclosed with secured fencing or barriers will not serve any real benefits.

“The starting point is usually the implementation of biometrics for residents and employees, as this is normally much easier than implementing and enforcing the same for visitors,” Rautenbach adds. “The main benefits are seen as convenience as well as security, although the element of security is normally diluted by persons accessing the estate without biometrics, be it due to unwillingness or just the practicality of using biometrics for visitors or day-to-day deliveries.

“General visitor access is normally made more difficult by introducing pre-visit booking, real-time host authorisations for entry and visitor management systems which can also use biometric capture as part of the process, but which is not normally used for physical access.”

Hendrik Combrinck.
Hendrik Combrinck.

While Hendrik Combrinck, MD of ZKTeco South Africa agrees with the above, he also cautions that each estate has an ecosystem of its own that needs to be taken into account when considering biometrics. “Probably the most important factor is the logistics at the entrances and exits. The two main issues an estate needs to consider at these points are the speed and security they need.

“I always recommend that estates do a proof-of-concept before making the final decision. The main benefit of biometrics technology is that it replaces other technologies that can be lost, stolen or even passed on to people that must not have access to the estate.”

Weakening your security

This concept is expanded by Rautenbach, who adds that residents not participating, due to fear of sharing their biometrics or due to their being unable to use biometrics, introduce risks biometrics is supposed to avoid. “When issuing one person with a password or a PIN on a biometric controlled infrastructure, it can be argued that the whole security system is compromised as PINs or cards can be shared or lost. In this case, when a syndicate gets hold of your card, it can introduce risks to the entire estate.”

He notes that the new trend of using mobile credentials, such as NFC or Bluetooth Low Energy (BLE) opens up new ways of reducing these risks. With mobile credentials, the ‘secure credential’ is loaded on the user’s mobile and acts as the card for access. The reason why this improves security is the fact that the card is specific to the mobile device, and in today’s mobile-dependent society, one will definitely realise if your phone has been lost, and one does not easily share it with someone else. Standard insurance requirements to block a mobile device if it is stolen also means that the card becomes null and void.

“Although criminals and syndicates will continue to find flaws in security systems, biometrics does make it more difficult when managed correctly, and the deterrent alone does help reduce breaches in security,” Rautenbach says. “The measure of controlling employee, domestic and contractor access through biometrics on its own enhances the safety of the estate without a doubt. For me personally, however, the convenience is enough to win me over.”

Given the publicity around other forms of biometrics, Janse van Rensburg notes that it is important to note that certain biometric technologies are just not mature or robust enough for use in estate applications. “Facial recognition and iris or retina systems, for example, are not optimal for estates as they are not designed for external applications and are reliant on the user being face-on or in the same position every time they transact, which is almost impossible as the biometric system will more than likely be deployed on vehicle access points.

“Basically, this leaves fingerprint biometrics, which has its own set of challenges, but if the correct product is used then the system works wonderfully well. Once again, dependent on the product being used, fingerprint biometrics are secure and it allows the management of the estate to keep a better handle of who has access and who doesn’t. The challenge with any estate access system is always how to handle contractors and workers, as this tends to be fluid once the right biometric technology is chosen and installed and managed properly.”

How to handle refusals

No matter how you promote the benefits of biometrics, whether it be speed or security, there will always be those who can’t or won’t use it. On the one hand, people may see it as an invasion of privacy and refuse to enrol because they don’t know how biometrics works and nothing you say will dissuade them. Then there are those who will balk at fingerprint technology due to, shall we say, a less than sterling past they fear will catch up with them if their fingerprints are checked against a law enforcement database or are ‘out in the wild’, as some people believe will happen when scanning a finger on a biometric reader.

Then there are those whose fingerprints just won’t be read. Elderly people can often fall into this category as their prints are worn, as can people who are involved in manual labour.

The list of people who can’t be fingerprinted, as well as those who should not includes children younger than 7, which Janse van Rensburg explains have little or no friction ridge definition. Additionally, he says children between 7 and 18 have friction ridges that constantly evolve, while people over the age of 65 start losing friction ridge definition due to the skin losing its structure.

Moreover, he says people with diseases such as psoriasis have awful friction ridge definition and people undergoing chemotherapy often have issues with friction ridge details constantly changing. He adds that the Multispectral Response Imaging technology ViRDI uses addresses many of these challenges and has a usability rate of about 98%.

To handle these and other ‘no-read’ scenarios, estates will need to make another plan. Fortunately, Combrinck explains, multi-biometric terminals are becoming a popular option at estates. This can allow a combination of biometric recognition, such as fingerprint and facial recognition combined, or it can also include additional verification modes, be it a type of card reader or PIN pad people can use to access the estate.

At the same time, Rautenbach notes that while there used to be a significant percentage of people who could not be ‘read’, technology has advanced and “over the past 10 years we have seen a 90% decrease in these cases.

“Alternatives that exist include multi-modal biometrics, where either one or the other can be used, such as facial recognition. In the past facial recognition did not work in direct sunlight or fluctuating light conditions, but once again technology has shown that these hurdles can be overcome.”

He adds that not every estate can afford to implement multi-modal systems and therefore the go-to solution is issuing cards or PINs. “Once again the utilisation of mobile credentials does offer some benefits over standard cards.”

Another option would be to use combined fingerprint and finger vein readers, which are more popular today. This technology reads the unique patterns of the veins in your finger, even if your fingerprint is unreadable. Combrinck suggests that an option would perhaps be to use finger vein readers at vehicle entrances and facial recognition at the employee entrances and turnstiles.

He adds that one can’t force someone, such as an employee, to use biometric access systems, but it can be made mandatory depending on the rules of the estate. If the written policy is that all employees need to be vetted, for example, they will have to agree to being fingerprinted at least once if they want the job. Naturally this is a sensitive subject in this country and should be handled with care.

On this topic, Rautenbach adds that most employers require criminal clearances as part of the screening process, and this applies to estates as well where failure to do so can cause harm to the residents and everyone else on the estate. “Employees are therefore well aware of biometrics, and employers using it for access control are not frowned upon in South Africa.”

The privacy question

Although many raise their eyebrows when questioned about the safety and privacy aspects of using biometrics, and in this instance we focus on fingerprint biometrics, it is a concern for many. The standard argument is that when using a PIN, password, card or mobile credentials to gain access, if your identity is compromised you can block the access and issue a new one. With fingerprints, if someone does manage to copy your prints and somehow manages to use it to identify themselves as you, what can you do? You certainly can’t be issued with a new fingerprint, and the same applies to other biometrics, be it face or finger vein etc. How do the biometrics vendors counter this?

“Your system is only as good as the installation,” says Combrinck, “and this is very true in this context. All the manufacturers take these points very seriously and go out of their way to secure the whole experience, from the hardware, communication protocol and the database storing all the information. This is the same with ZKTeco.”

It all comes down to the product being used, says Janse van Rensburg. “There are some biometric products that will keep a physical image of the fingerprint on the database and these are the ones that are prone to hacking. Most tier-1 products, however, only keep the fingerprint template as a hexadecimal string in the database. These templates only carry information in regards to minutiae points and not the complete fingerprint, so even if the database does get hacked, the complete fingerprint is not there.

“Think of it as GPS coordinates without a map. Add to this that tier-1 vendors encrypt this template to a proprietary AES standard and the whole trope about stolen fingerprints falls apart.

“Many systems are vulnerable to ‘spoofing’ where fake fingerprints can be manufactured from household items such as bathroom silicon or candle wax and it is important that the product being chosen have LFD (Life & Fake Fingerprint Detection) technologies as part of the product specification. It must be noted that in instances where spoofing is involved, the fingerprint was stolen not from the system, but physically – in other words, lifted from glass etc.”

It also helps putting the whole issue in context. Rautenbach counters, “It is far easier to steal your neighbour’s fingerprints off a glass after an invitation for sundowners or for a stranger to do the same while ‘collecting recyclables’ from a dustbin, than trying to hack a fingerprint reader.

“Fingerprints are so widely used because it is what you leave behind at a crime scene, or at your neighbour. If you have concerns such as this you should ensure your fingerprint provider uses certificate-based, industry-recognised encryption and live finger detection, which is now the standard against spoofing, and it counters the fear of your finger being chopped off to get access.”

Technology options

Fortunately, all the interviewees in this article represent tier-1 biometric vendors, meaning that their products will incorporate the latest in terms of security and privacy technologies.

When asked what would be his recommendation for using biometrics on estates, Combrinck says he always recommend a robust and cost-effective solution. “Since the launch of the ZKBioSecurity system, which includes access control, visitor management and camera integration modules, we have seen a dramatic uptake by estates because of the ease of use. This system dramatically cuts costs for estates by integrating to our inBio controllers that only need slave biometric readers to provide access.”

Janse van Rensburg’s recommendations include IP65 rated products that have the necessary user count required for the estate. “From a ViRDI perspective, I would only use our AC2200H and AC5000Plus units for estates. If the user count exceeds the user count capability of the terminal, we can always revert to network authentication (this is a built-in capability on all ViRDI terminals), however, the network infrastructure being used must be of the highest quality and exceed ISO and IEEE standards.”

Products offering speed, suitable for outdoor implementation and offering live finger detection to ensure your identity is not stolen by hackers is Rautenbach’s advice. “Suprema’s BioEntry W2 is a prime example, offering 1 to 150 000 matches in less than a second, an IP67 rating that exceed outdoor requirements, multi-dynamic range optical technology that works in direct sunlight and which is suitable for extreme finger conditions.

“The IK08 vandal resistant rating guards against drunken neighbours and begrudged staff, while multi-card reading allows you flexibility when using cards, and it supports secure mobile credentials if you feel your environment should be secured by multifactor authentication. With simplicity and a beautiful design it seamlessly blends with modern design to suit any lifestyle that demands high security and most of all, convenience.

For more information contact:

Suprema, +27 (0)11 784 3952, enquiry@suprema.co.za, www.suprema.co.za

ViRDI Distribution, +27 (0)11 454 6006, deon@virditech.co.za, www.virditech.co.za

ZKTeco (SA), +27 (0)12 259 1047, hendrik@zkteco.co.za, www.zkteco.co.za


Credit(s)
Supplied By: Suprema
Tel: +27 11 784 3952
Fax: 086 552 0819
Email: enquiry@suprema.co.za
www: www.suprema.co.za
Supplied By: Virdi Distribution SA
Tel: +27 11 454 6006
Fax:
Email: info@virditech.co.za
www: www.virditech.co.za
Supplied By: ZKTeco
Tel: +27 12 259 1047
Fax:
Email: hendrik@zkteco.co.za
www: www.zkteco.co.za
  Share via Twitter   Share via LinkedIn      

Further reading:

  • Back to the future
    September 2017, Adamastor Consulting, This Week's Editor's Pick, Cyber Security, Integrated Solutions, Residential Estate (Industry)
    The future is not what it used to be. Rob Anderson looks at estate security in 2027.
  • Assessing risks in security technology systems
    September 2017, Adamastor Consulting, This Week's Editor's Pick, Security Services & Risk Management, Residential Estate (Industry)
    Technology used to mitigate physical risks comes with its own risks that need to be addressed.
  • Manage your data appropriately
    September 2017, This Week's Editor's Pick, Security Services & Risk Management, Residential Estate (Industry)
    Home is where one relaxes and forgets about the stresses and demands of day-to-day life, except if your job is managing an estate and the security of its residents.
  • Who’s on your estate?
    September 2017, LexisNexis, Security Services & Risk Management, Residential Estate (Industry)
    Verifying a candidate’s identity is one of the most important checks to conduct as it establishes whether a person is really who they say they are.
  • Are you sure you are living in a secure estate?
    September 2017, SAIDSA (SA Intruder Detection Services Association, Residential Estate (Industry)
    SAIDSA developed a short questionnaire to help you decide if you are living in a secure estate or not.
  • Managing technology risks for effective estate security
    September 2017, Technews Publishing, Residential Estate (Industry), Cyber Security, Integrated Solutions, Conferences & Events
    Hi-Tech Security Solutions and Rob Anderson hosted the Residential Estate Security Conference 2017 in Johannesburg earlier this year.
  • Effective, PoPI-compliant visitor management
    September 2017, Residential Estate (Industry), Security Services & Risk Management
    Establishing the correct identity of visitors to an estate or complex is crucial to effective security, especially with the Protection of Personal Information (PoPI) Act looming.
  • Essential backup power equipment
    September 2017, Eurobyte Technology, Legrand Southern Africa, This Week's Editor's Pick, Security Services & Risk Management, Residential Estate (Industry)
    Planning for unexpected power outages has become an essential part of any security strategy for residential estates wanting to keep their security running.
  • Five safety rules
    September 2017, DEHN Africa, This Week's Editor's Pick, Security Services & Risk Management, Residential Estate (Industry)
    Working on electrical installations can be dangerous as those that are not properly connected or maintained pose a serious risk to both people and property.
  • Deepening the value of surveillance
    September 2017, Hikvision South Africa, Residential Estate (Industry), CCTV, Surveillance & Remote Monitoring, Cyber Security
    Deep Learning has swept through the IT industry, bringing benefits and better classifications to a number of applications. Now it’s changing security as well.
  • From the outside in
    September 2017, Betafence South Africa, Residential Estate (Industry), Access Control & Identity Management, Perimeter Security, Alarms & Intruder Detection
    Global perimeter fencing leader Betafence believes that the perfect residential estate security solution is one that derives from a synergistic integration of various elements.
  • Partnering with estates for security success
    September 2017, Elf Rentals - Electronic Security Solutions, This Week's Editor's Pick, Perimeter Security, Alarms & Intruder Detection, Integrated Solutions, Residential Estate (Industry)
    The team at Elf Rentals considers themselves to be specialist partners in the electronic security sector in terms of the financing, installation and maintenance of security contracts.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.