classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn

Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018

Selecting your biometric solution
September 2017, Residential Estate (Industry), Access Control & Identity Management

We know biometrics can solve many access and identity related problems, but what does one need to know when shopping for a biometrics solution. The sad reality is that all biometrics are not created equal, and while it may be a budget bonus to buy your products over the web at a cheap price with free shipping, you may be buying a world of trouble.

Then there’s the challenge of selecting an installer or systems integrator to advise you and do the installation of the biometric solution. Can you rely on the chap in the bakkie to set up the system properly, including the server and backups (and the security)? Can you count on them to support you over the long term?

We asked a few people to give us some insights into how an estate manager should go about making sure the biometrics and service provider chosen makes the grade. We also asked what needs to be done, or changed, with PoPI (the Protection of Personal Information Act) just around the corner.

Installer selection

So, what does a good biometric (or even a good access control) installer need to know? What questions should the security manager ask to see if they make the grade?

Marius Stoop and Marcel Kooiman from Security & Communication Warehouse say that a sound solution methodology is key to the standard offering. Further, a detailed requirement statement will help clarify the ability to meet the requirement. A good question would be to find out where similar systems have been implemented successfully, as well as:

• Understanding of the terms involved with access control is a good indicator if the installer is knowledgeable in the field.

• All access control systems require a firm understanding of IP networks, hence the installer needs to be able to set up a basic network.

• Operation of the software is easy once the IP setup is complete, if the installer can set the network up, the software training is usually the easiest part of the solution.

Andrew Levell-Smith from Regal Distributors says, “The simplest and most effective way of selecting an installer is to ask for references. Don’t only ask for reference sites, but actually visit them. Quality of installation is largely a matter of taste. Make sure that you like what you see and not only what you hear from others who may have different preferences to you. Ask their previous clients about their experiences.”

Embracing and extending this thought, PinnSec’s MJ Oosthuizen adds that the estate should ask to see the system or product in their own environment. “Enrol two or three users and test it for yourself. Too many products and offerings are made by integrators that work from a datasheet, without realising the true relevance of the product.”

Other issues Oosthuizen raises include whether fingerprint biometrics work in all environments on the estate. Additionally, what is the verification time for a user to be granted access, and what is the longevity, scalability and support on the system?

Selecting the technology and brand

How does one make the decision about which technology and which biometric modality to choose? Every vendor will tell you that their products are fast and secure, which is important, but what makes the technology work in the real world?

“In my opinion, speed and accuracy of the transaction in addition to the quality of the device should be a major consideration for residential estates with many tenants, visitors and contractors,” says Levell-Smith. “It is essential that devices that have international quality certifications, independently tested algorithms that aid in the accuracy and speed of transactions.”

Oosthuizen adds that, whether we like to admit it or not, budget outweighs requirements on many occasions. Considering a vendor requires one to look at the scalability of the system, and the ability to upgrade and grow the system as budget/requirements changes. “The time the proposed system takes for authentication (especially in high traffic or visitor access areas) needs to be considered as well as the longevity of the proposed system.”

Just as reference sites are crucial, so is the ability to develop specialised features the estate may require, note Stoop and Kooiman. “Many advances have been made through development and integration. Some new features, like recording the conversation of a visitor at registration, stored in a centralised database where the visitor can be audited and reviewed, should be considered as valued features.”

They add that access control boils down to three basic flavours:

• Memorised PIN: A very crude and ineffective access control method.

• Card: An intermediate option, card systems provide better security and are easier to install than biometrics, but are not as secure.

• Biometrics: This can be fingerprint, facial, iris scanners and many more. Though difficult to roll out, the system gives excellent security and is easy to use if set up correctly. It is well known that fingerprints are not always viable for all persons, so a mixed biometric/card system is recommended.

Levell-Smith agrees, noting that it is important to note that fingerprints do change as we get older, and even with all the advances in fingerprint technology, there are still fingerprints that simply cannot be captured. “So systems that are able to use multiple token types like cards, PINs and fingerprints should be considered above devices that only authenticate a single token type.”

And as an additional, although (we hope) unnecessary warning, he adds that there is a vast difference in terms of functionality, price and quality between the lower-end devices and top-tier devices. This is clearly evident in the pricing of a biometrics system. The old adage of ‘you get what you pay for’ is certainly apt when considering biometrics devices or systems.

“I would not recommend facial recognition devices for a residential estate until it is a proven method of accurate recognition under multiple environmental conditions. Having said that, there have been some amazing breakthroughs in this method of biometric recognition and it is definitely one to watch for the future.”

When selecting a vendor, Stoop and Kooiman advise that good communication between the vendor and their supplier is the key to a system. Brands that build their own readers and supply their own software are a must, as it eliminates many issues when software or firmware fixes are needed. A good variety of readers is also good, as customers can be very picky about device aesthetics.

Personal information management

When one has made the decision as to which vendor and biometric range to use, the challenges are not over. PoPI has been dragging its heels for many years, but it will eventually become a reality. This means estate managers will be responsible for the way their staff handle personal information – such as fingerprints and other identity data.

Moreover, people are increasingly worried about where and how their private information is stored, notes Oosthuizen. How secure is the data? Where is it stored (on a PC workstation in the guardhouse at the estate entrance)? One needs to ask the question on what the relevance of the requested information is. If there is no live and direct feed to a database to verify details like an ID number, any information, fictitious or real, becomes irrelevant.

Some key aspects of PoPI, according to Levell-Smith, are:

• How is the personal information processed?

• What reasonable measures are in place to ensure the personal information collected is secure?

• What reasonable measures are in place to ensure the personal information collected will not be used for or distributed to any third party?

• What reasonable measures are in place to ensure the personal information collected is only held for the necessary period?

In terms of fingerprints, it is important to ask how the actual fingerprint is processed. Is it possible to recreate the fingerprint from the collected template? Is the actual fingerprint image stored or simply the unique minutia information? Has a reasonable effort been made by the manufacturer to ensure that fingerprints cannot be copied and used on a device to gain access? This is commonly known as liveness detection or ‘fake and live detection’.

“What measures are in place to ensure that the personal information is deleted after a certain period or when the resident moves out?” Levell-Smith asks.

Data encryption and a chain of data custody can address most of the PoPI concerns, says Stoop and Kooiman. Also, the flexibility of the enrolment and management software and process should be able to help manage these requirements.

“The estate should always ask the level of the software’s encryption. Encrypted data is safe data. The estate should also be aware that they need to manage their own passwords and access to the system. It is also recommended that the supplier is not a state-owned company, experience has taught us that the state can and will abuse their access to other people’s systems, the WannaCry scandal should serve as a warning here.”

At the end of the day, selecting a biometric solution for an estate (or anywhere for that matter) is different from selecting a boom for your gate. Not to discriminate against booms, this equipment needs to be able to open and close hundreds or even thousands of times per day in large estates. However, your biometric solution needs to work fast, accurately and the estate also needs to secure the information collected and stored in accord-ance with regulations. Choosing the cheapest solution is not an option. You can always revert to a guard opening the boom if the electronics fail, but if your biometrics and data management fail, you will be compromising your security and your legal obligations.

For more information, contact:

• Pinnacle Security Solutions, +27 (0)11 990 6000,,

• Regal Distributors, +27 (0)11 553 3300,,

• Security & Communication Warehouse, +27 (0)12 653 1005,,

  Share via Twitter   Share via LinkedIn      

Further reading:

  • More than locking the door
    April 2019, Technews Publishing, Salto Systems Africa, ZKTeco, Entertainment and Hospitality (Industry), Access Control & Identity Management, Asset Management, EAS, RFID
    Electronic locks offer hotels far more than simply a more convenient way to manage doors, they can be integrated into a host of other systems and services.
  • Wide-area surveillance on estates, farms and other large properties
    April 2019, Protoclea Advanced Image Engineering, Access Control & Identity Management, Integrated Solutions
    Using the right solution to protect large, open areas can be accomplished with the right technology and planning.
  • Visible light facial recognition
    April 2019, ZKTeco, Technews Publishing, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions
    ZKTeco recently expanded its reach in the facial recognition market with the launch of its new series of visible light facial recognition (VLFR) products.
  • Split design hotel door
    April 2019, ZKTeco, Products, Access Control & Identity Management
    LH7500 hotel door locks are the latest models from ZKTeco’s Smart Lock series with elegant designs and support for Mifare cards and the EU standard mortise.
  • Slim hotel door lock
    April 2019, ZKTeco, Products, Access Control & Identity Management
    The LH7000 hotel door lock is the latest from the ZKTeco Smart lock series, supporting Mifare cards and the EU standard mortise.
  • Alastair McPhail joins Jarrison
    April 2019, Jarrison Systems, News, Access Control & Identity Management
    Alastair McPhail has taken the position of national marketing manager at time and attendance manufacturers, Jarrison Systems.
  • Access in the mobile era
    April 2019, Suprema, Products, Access Control & Identity Management
    BioStar 2 Mobile Card offers convenience to end-users by storing biometric information, to function as a credential, in their own smartphones.
  • Facial recognition for hotel efficiency
    April 2019, ZKTeco, Entertainment and Hospitality (Industry), Access Control & Identity Management, Products
    Visible light facial recognition technology has been developed for purposes where high-speed facial recognition at an extremely high level of accuracy is vital.
  • Stop hacking of access control ­systems
    March 2019, This Week's Editor's Pick, Access Control & Identity Management, Cyber Security
    Think someone hacking your access control system not a big deal? Scott Lindley suggests that you think again.
  • Secutel partners with Matrix Comsec
    March 2019, Secutel Technologies, News, CCTV, Surveillance & Remote Monitoring, Access Control & Identity Management
    Secutel Technologies announced it is the exclusive distributor of Matrix Comsec access control products and IP video management software in South Africa. Established in 1991, around 40% of Matrix’s ...
  • Countering the threats of retail ­terrorist vehicle attacks
    March 2019, This Week's Editor's Pick, Access Control & Identity Management, Security Services & Risk Management, Retail (Industry)
    Bollard systems operate individually or in groups and are aesthetically pleasing and let pedestrians move between them in non-roadway applications.
  • Shopping with your face
    March 2019, ZKTeco, Retail (Industry), Access Control & Identity Management
    Facial recognition is being used in many businesses to verify payments, grant access and improve existing security systems.

Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Terms & conditions of use, including privacy policy
PAIA Manual
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.