Understanding an access control system

November 2004 Access Control & Identity Management

Access control is the management and control of people through secured areas. These areas could be within a building or a group of buildings, or even through a parking lot. Unlike keys and locks, access control defines the times and days of the week that persons are allowed access and provides a record of who went where and when.

Events considered part of a complete access control system may include controlling and monitoring the entry points to secured areas, or reporting doors being forced to propped open.

Access control systems begin with small standalone systems controlling access through single doors and expand to large computer based systems controlling hundreds of doors in multiple buildings from a centrally located host computer.

Access control systems are made up of four basic components; cards, readers, controllers and software.


There are three common types of cards: magstripe, Wiegand and proximity. Of the three, magstripe is the most common due to low price and availability. Although proximity cards are becoming more popular because of ease of use and recent price reductions closing the gap between proximity and magstripe. Proximity availability is still a problem.

Magstripe security cards are plastic cards with a magnetic stripe on the back similar to credit cards. Today's quality security cards use high energy stripes which are chosen over low energy cards (such as credit cards) because they are difficult to accidentally erase.

Magnetic stripes generally have three tracks on which information can be recorded. The security industry standard is to record information on track two.

When you purchase an access control system, the system security cards are commonly encoded for you with the customised coding of the system purchased. If you are changing system manufacturers, check with your new systems installer to see if cards from the system being replaced are acceptable for use in the new system. This is important, especially if photo ID cards are being used.

Wiegand cards are manufactured with tiny magnetic wires embedded in them that form a binary coded card number. When a card is passed through a Wiegand card reader this unique card number is read and sent to the systems controller.

Proximity cards are read when the card is passed close to the card reader. Standard proximity card readers read from distances of 7,5 to 18 centimetres. Other types of proximity readers will read at greater distances (some reach as much as 9 metres) and their price reflects this. Proximity readers are generally more costly than magstripe readers, however, their prices are coming down. Ease of use is the major attractor to this technology.

Card technology

In many instances, technologies may be changed, or even shared within access control systems. For instance, depending on the manufacturer, Wiegand systems may be easily changed over to proximity or magstripe and vice versa by changing out the readers and cards and still retaining the same controllers and software.


Controllers are an important part of any access control system because they control access through the door, monitor alarms and in some cases provide timed control of doors. When distributed processing is supported in a controller, decisions are made at the controller to let cardholders through secured doors from databases downloaded from the computer and stored at the controller. Not only does this make the processing of card data very speedy, but if the computer fails or communication between the computer and controller breaks down, access control will still function at 100% and not in some degraded, reduced capacity mode.


This is the final component to your system. It is the operator interface which can make you comfortable with your systems operation, or sorry that you ever got rid of your keys and locks. This software is where you or your installing company will program your many custom databases into the system. They will set up your cardholder access parameters, define timed automatic door control, map input points to output points, enter phone numbers for dial-up sites, and customise various other 'things' allowing you to take over and manage your system.


This is a feature which sets the well-designed systems apart from the pack. Automation will simplify your system so that operators can spend their time managing the system instead of trying to figure out which controllers get the data for a new or deleted cardholder or making sure that the data being downloaded has been sent to all of the proper controllers. Automation will map input points to output points, not allow controllers to overflow their logging memories, perform downloads when database editing has been completed and not allow excessive telephone calls to buildings with communications problems. Automation provides a 'set it up and it will perform' attitude. It does what you do not want your security personnel to worry themselves about, and it does it exactly as you directed it when you set up your system, every time.


What do I do when I want to expand? This is an often overlooked point in selecting an access control system. In the initial selection process, the ability to inexpensively expand your number of doors, personnel, or alarm points at some future date, often years away, does not seem important; but it is. What if your wildest dreams were realised and you found a need for doubling the number of doors or securing other buildings became important. Planning it from the start, will provide you with your upgrade when the need arises without spending serious money in upgrade penalties.

Specifying your system

At the start, many system planners do not really know what they need. They read the ads and rely on canned specifications from access control companies who only want to sell their product, and thereby lock out well meaning competition by placing 'things' in the specification which their company sells and others do not.

Plan your system to fit your own needs by writing down what you can use today, and try to determine what your future might need. Remain flexible. Do not overspecify unless you do it to satisfy your future requirements; and then use that guideline, 'plan it now, buy it later'. Do not fall for bigger is better, instead fall for inexpensive expansion is better.


Your system, if properly chosen and managed will be of a minimum inconvenience to the people that you are trying to protect. Certain logistical guidelines must be integrated with the physical system for it to run at optimum effectiveness. These guidelines contain such things as not propping doors open, or carrying cards at all times. The most important factor is to communicate the guidelines to the cardholders. This should be done both verbally as well as in written form.


Although price is always on your mind when purchasing a system, think of how you will support your system once it is installed. Do not sacrifice ease of system use or support maintenance for price. Your installing company will educate you on how to use your system. This may be the most critical 'piece' of all! Price is always a consideration when buying a system, but do not let it blind you. What you are really paying for from a company is their knowledge of how to install and more importantly, maintain a quality access control system. Just about any company can pull wire and hang readers. Tying the whole package together and making it work, as well as providing education and maintenance should be a top priority.

David Longworth is president of Synergistics, a Natick, Massachusetts-based company that manufactures access control systems.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Smart parking management platform
Access Control & Identity Management Asset Management, EAS, RFID
Parket builds a seamless bridge between supply and the ever-increasing, but fluid – and often temporary – demand for parking bays.

Visible-light facial recognition terminal
ZKTeco Access Control & Identity Management Products
The SpeedFace-V5L [P] is a visible-light facial recognition terminal using intelligently engineered facial recognition algorithms and the latest computer vision technology.

Facial and palm verification
ZKTeco Access Control & Identity Management Products
The ProFace X [P] supports both facial and palm verification, with a large capacity and rapid recognition.

Glide Master High Security 90° Sliding Gate
BoomGate Systems Access Control & Identity Management Products
Boomgate Systems was asked to make a sliding gate that can turn 90 degrees. The gate had to offer high security and be vandal-proof.

Informing, entertaining and communicating across your landscape
Evolving Management Solutions Access Control & Identity Management
For the first time, the attraction of large shopping malls with many stores, entertainment and food courts no longer offers enough appeal to attract customers.

Suprema’s new BioStation 3
Suprema Access Control & Identity Management Products
The brand new BioStation 3 is not only Suprema’s smallest face recognition device to date, but it also comes packed with the largest variety of features.

Suprema renews international privacy and security standard certifications
Suprema News Access Control & Identity Management
Suprema has simultaneously renewed two important international standard certifications regarding information security management (ISO/IEC 27001) and privacy information management (ISO/IEC 27701).

SuperVision biometric access control
Integrated Solutions Access Control & Identity Management Products
SuperVision is a time & attendance (T&A) biometric access control system Fourier IT has been developing and enhancing for 18 years.

Manage energy usage with Paxton access control
Paxton Access Control & Identity Management Products
Paxton provides access control systems that can integrate with existing infrastructure and manage a building’s energy-consuming activities to save energy and costs.

Why Multi-Factor Authentication, universal ZTNA and Zero Trust matter
Access Control & Identity Management Cyber Security
Malicious cyber actors are experimenting with new attack vectors and increasing the frequency of zero-day and other attacks, according to Fortinet’s 1H 2022 FortiGuard Labs Threat Landscape report.