Table of Contents 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 IBC OBC

SMART Access & Identity 2024

A guide to access control and identity management in a digital world access & iden i y 2024

2 www.securitysa.com Editor’s note................................................................................................ 4 Trends Access & identity expectations for 2024.................................................. 6 SMART Security Solutions asked several industry players for their thoughts on what they expect in 2024. International access manufacturer sets up shop in SA......................... 10 The South African security market can always use some good news, and this year, STid has obliged. What you can expect from digital identity in 2024............................... 13 Lance Fanaroff expects 2024 to be a year where biometrics evolve and important regulatory conversations occur. Access & Identity Round Table Access and identity in 2024..................................................................... 14 SMART Security Solutions hosted a round table discussion with various players in the access and identity market, to learn more about their market experiences and expectations. Mobile Access Control The promise of mobile credentials......................................................... 22 SMART Security Solutions looks at the pros and cons of mobile credentials and their uptake in the market. Eliminate privacy concerns and enhance security................................ 25 Template on Mobile allows users to protect their privacy, while securely accessing corporate facilities and assets. Access in the Cloud Cloud-based access control systems...................................................... 26 The benefits of the cloud are well-publicised, including scalability, flexibility, ease of use, and more. CONTENTS access & iden i y 2024

www.securitysa.com 3 access & iden i y 2024 OUR COVER Information Security Prepare for cyber-physical attacks...................................................................................28 The cyber landscape and how best to fortify your security response. Zero Trust and user fatigue...............................................................................................29 Implementing Zero Trust and enforcing it can create user fatigue, which only leads to carelessness and a couldn’t care attitude. Passwordless, unphishable web browsers.......................................................................30 Passkey technology provides secure and reliable identification and authentication to browsers using unphishable biometric security. Biometrics selection guide................................................................................................31 Access selection guide.......................................................................................................34 Artificial Intelligence AI in 21st century identity technologies..........................................................................40 A condensed version of an IDEMIA white paper that discusses the significance of AI in contemporary identity and security technologies. Biometrics Five common misconceptions about biometric access control......................................46 CDVI looks at some of the most common misconceptions about biometrics. Unleash the full potential of AI at the edge.....................................................................49 Efficient AI algorithms enable companies to make better use of edge access technologies, quickly and reliably. AI-driven identity verification for access control............................................................50 Facial authentication solutions combine advanced AI and 3D sensing technologies with ease of use to create a frictionless, touchless experience. Global Standards An introduction to NIST FRV.............................................................................................54 A white paper from Paravision and HID Global. Integrated Solutions Cloud-based access for finance.........................................................................................56 Combining protection and streamlined access...............................................................56 A new dawn for physical security in Africa.......................................................................57 Prioritising student safety and operational efficiency...................................................58 IP intercoms for Al Erkyah City in Qatar...........................................................................59 Directory of access and identity management suppliers...............................................60 AI disruption impacts us daily. Fraudsters and their machine-learning friends have not been left behind, infringing on our identities and on us as people. Suprema leads with AI, in algorithms and on the edge, to protect our identities while improving already-stellar performance. With Suprema, AI is our friend. A guide to access control and identity management in the digital world access & iden i y 2024

Andrew SMART Access & Identity 2024 LETTERS TO THE EDITOR Letters to the Editor should be addressed to Andrew Seldon at [email protected]. Sending material to this publication will be considered automatic permission to use in full or in part in our Letters column. Be sure to include your name, e-mail address, city and postal code. We reserve the right to edit all letters. All rights reserved. No part of this publication may be reproduced, adapted, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of Technews Publishing (Pty) Ltd, Reg No. 2005/034598/07 A division of Technews Publishing (Pty) Ltd Wild Fig Business Park, Block B, Unit 21, 1494 Cranberry Street, Honeydew Tel: +27 11 543 5800 ISSN 1562-952X Editor Andrew Seldon: [email protected] Advertising sales Tracy Wolter: [email protected] Heidi Hargreaves: [email protected] Subscription Services For address changes, orders, renewal status or missing issues, e-mail: [email protected] Subscribe online: www.technews.co.za Design and layout: Technews Production Department Disclaimer While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements, inserts and company contact details are printed as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material. FROM THE EDITOR’S DESK www.securitysa.com Published by Welcome to SMART Security Solutions’ first print publication of the year, the SMART Access & Identity Handbook 2024. In this issue, we cover various issues relevant to this industry, from digital to physical access and convergence between the two – although this convergence is happening at a snail’s pace. As slow as it may be, more people realise the capabilities of using traditional access control for more than just opening a door. Some ascribe this move to the greater involvement of IT people in the access control and physical security markets, which is a reality. However, some blame business leaders and bean counters who always want more from what they have for less. There is also growing momentum toward securing access and identity applications (physical or digital) as part of the general trend of cybersecurity paranoia – justified paranoia. Part of this trend is adopting standards, lacking in the access control industry where proprietary solutions have and are standard. In our round table discussion, Walter Rautenbach highlighted that the adoption of mobile access control (using mobile credentials), while happening, is hampered by a lack of standards – in most cases, you accept lock-in to the company providing the mobile access solutions. However, as mentioned, standards are viewed as something other than critical in access. I discovered this may change as there is a new standard in the works from Europe — NIS 2. While this is a cybersecurity and not specifically an access control standard, it impacts access control installations. Initially, it applies to Europe, but the influence will spread. Sadly, I found out about it too late to write about it for the handbook, but look out for an article in our new Editor’s Choice email news brief in the near future. Securing your secure access I learned about NIS 2 when I learned about SPAC (courtesy of STid). The Smart Physical Access Control (SPAC) is an alliance or organisation, again born in Europe, designed to “federate Europe” and is worth having a look at https://en.sp-ac.org/. There is a download link to a NIS 2 guide on the site. There will also be an article coming up on the SSCP standard, which seems to be an even more secure and valuable protocol than OSDP — not that OSDP has been adopted everywhere. We also include an HID article (shortened) about the NIST facial recognition test and what it means in simple terms. It is an interesting read for those making decisions about which facial biometric they should choose – or, I should say, those who do not make decisions based on who offers the cheapest reader. I hope the handbook is of interest to readers. If you have any comments or criticisms, please feel free to let me know at [email protected].

6 www.securitysa.com Access & identity expectations for 2024 SMART Security Solutions asked several industry players for their thoughts on what they expect in 2024. What does 2024 have in store for the access and identity industry? According to the participants in our round table, 2023 was a challenging year for the industry, but a good year as things eventually got back to normal after the pandemic panic. Does that bode well for the year ahead? Will the economy keep crawling along, or can we expect problems, given the political and social challenges here and globally? Are end users ready to adopt the latest technology and extend the value of identity to other areas of the business world, or are we stuck opening doors? SMART Security Solutions asked several industry players for their brief thoughts on what they expect this year. Tarryn Fortune, Inland Business Development Manager, Gallagher Security Over several months, the Gallagher marketing and research teams surveyed end users, channel partners and consultants worldwide to discover what is on the horizon for 2024 and the emerging trends impacting businesses and their security priorities. The security industry has been moving toward a digital change for years, and from what we have learned from our channels across the globe, that change is about to take off. The year 2024 will be a year of escalating transition. Gallagher is focused on the following topics for 2024: • How cybersecurity is affecting budgets and spending going into 2024. • The key integrations end users are prioritising. • How businesses are dealing with staffing and skills shortages. • Why are end users and channel partners at odds with cloud deployment? • How data reporting is changing how businesses use security systems. There is an increasing recognition by channel partners that transitioning to cloud-based solutions is inevitable, but end users are slower to prioritise their adoption. Those who plan to deploy cloud solutions anticipate incorporating them as part of a hybrid deployment strategy with their organisational systems, with minority planning on an all-cloud environment. With a wealth of data at their fingertips, end users are beginning to see the operational benefits hidden within their security data; however, many cite the complexities and time consumption of data collation as significant barriers to extracting trends and insights. There is a growing need for a ‘single pane of glass’ approach to simplify security data management, and many users are hoping AI tools will help speed up the process and reduce the burden on human resources in the near future. There is a real and growing need in the market for the collation, reporting, and analysis of data to aid in decision-making, identification of trends and anomalies, and predictions of vulnerabilities within organisations. Tarryn Fortune. Lumard Groenewald. Continued on page 8 TRENDS

Smart, secure, innovative and easy to install and retrofit, the SALTO electronic smart door locksets need no hard wiring and provide a totally wire-free smart electronic locking solution. Complete mobilecompatible and keyless entry electronic cylinder. Universally compatible cylinder replaces your existing cylinder and fits any door with unlimited models options. Smart keyless access to storage space for mid to large size locker installations requiring a comprehensive locker management solution with maximum convenience and realtime management. Built to withstand all access needs, the Neoxx Padlock series offers a unique solution to control specific doors like gates or storages, without losing a piece of convenience and control. Powering impactful sustainability, technology, products and solutions, while delivering an enhanced user experience, SALTO smart acess solutions are in use worldwide in a never-ending range of challenging and unique applications and facilities. Next-generation access control technology in a proven market solution. SALTO makes smart access possible on any door – however unusual. Convert any door into a fully-featured smart door. saltosystems.com Let’s stay connected with @SaltoSystems - www.saltosystems.com XS4 Original Neo Cylinder Gantner NET.Lock Neoxx Padlock Electronic Locks Electronic Cylinders Smart Locker Locks Electronic Padlock

Continued from page 6 Surveillance is the top integration priority for end users who repeatedly identify video as the most needed addition to their current system, with plans to invest in these solutions now and into the year. Lumard Groenewald BDM SA LTO Systems Africa As SALTO Systems is synonymous with innovative solutions, we expect some of our existing product platforms to grow an even stronger market presence with exciting new additions to feature in 2024. The continued widespread shift to cloud-based access control with cloud-based systems’ convenience, scalability, and cost-effectiveness is driving adoption across various sectors. SALTO will likely see this trend continue, leading to increased demand for its cloud-based access control solutions. SALTO Homelok is SALTO’s new cloud-based smart access solution that offers managers and owners a convenient and secure way to control access, improving security across all types of residential properties. We also expect to see a growing focus on mobile credentials as smartphones become increasingly ubiquitous, and we therefore expect the use of mobile credentials (e.g., NFC, Bluetooth) for access control to gain further traction. This aligns with our existing mobile app offerings and focuses on user convenience. Thanks to SALTO’s BLUEnet Wireless technology, SALTO launched t he wireless BLUEnet door controller series that provides a smarter and more flexible alternative to traditional access controllers. There is no need to replace wiring, which reduces installation expenses. Its universal SALTO compatibility allows it to seamlessly integrate with any access point designed to manage automatic door systems and access point connections (input/output), which optimises cabling. SALTO’s BLUEnet Wireless online and SVN-Flex capabilities deliver cost-efficient access control that extends security to non-door openings and doors that would otherwise be too difficult or expensive to secure. SALTO provides a range of wireless electronic access control devices that will become the norm by replacing the conventional controller-based wired access control in some cases, providing more flexibility and cost savings on installation, cabling, and unwanted routing. Andrew Levell Smith, Senior Product Manager, Regal Distributors SA The current trends in access control are moving towards a more integrated and secure approach. This includes the convergence of physical and cyber security, implementing a zero-trust model, and using AI and machine learning to manage and analyse access rights and trends. This allows for dynamic adaptation of threat levels and access policies. Hybrid management models are being used, including Access Control as a Service (ACaaS) and on-premises solutions. Mobile credentials are becoming more prevalent, with mobile phones or wearable devices used for access control. Multi-factor authentication is also being implemented, requiring multiple forms of identification for access control, such as face recognition and licence plate recognition (LPR). System amalgamation or unification is another key trend, integrating various systems for a more streamlined approach. In summary, access control is evolving from a balance between convenience and security to a model that is both convenient and secure. This is achieved by unifying physical, logical, and cybersecurity models, allowing for access anytime, anywhere, by anyone, under a zero-trust model. TRENDS

www.cdvi.co.uk 0800 014 506 [email protected] Powerful, reliable solutions Unrivalled tech support Johlene Selemela, Public Relations Officer, ZKTeco South Africa In 2024, the access and identity management landscapes will witness several transformative trends that shape the way individuals interact with digital systems, with ZKTeco at the forefront of biometric technology. The significant transformations driven by emerging technologies and evolving security needs, have pushed organisations beyond traditional security measures. There is a growing emphasis on biometric authentication methods, such as facial recognition and fingerprint scanning, to fortify access controls, contributing to a shift away from traditional password-based systems. Additionally, the integration of computer vision, artificial intelligence (AI), and machine learning is becoming more prevalent in access management, enabling organisations to proactively detect and respond to security threats by analysing user behaviour patterns. The rise of passwordless authentication methods, like multi-factor authentication, is streamlining user experiences while fortifying defences against unauthorised access. Overall, the access and identity space in 2024 will be characterised by a harmonious blend of cutting-edge technologies and robust security measures. These trends collectively reflect a dynamic shift towards more robust, intelligent, and user-centric access and identity management solutions. It is all about ensuring that it is mart, safe, and easy for people to use. Nicolas Garcia, VP of Marketing & Sales Enablement, Smart Biometrics, IDEMIA The top trend in 2024 will be contactless biometric technologies, AI, and cybersecurity. 1. Demand for facial recognition and contactless fingerprint solutions will continue to grow due to factors such as convenience, security, hygiene, and performance. 2. AI will have a growing importance in the market, especially as it helps boost performance even higher, and improve enrolment quality and identification capabilities. Neural Processing Units are used to multiply the processing power, while remaining affordable (like the VisionPass SP). 3. The need for cybersecurity will become stronger as criminals also use AI to boost their operations. This will be reflected in new regulations being passed worldwide, starting with North America and Europe with, for instance, the Cyber Resilience Act. Due to the complexity of cybersecurity, manufacturers must do their bit and make securing the solution easier, and that is why IDEMIA now embeds ‘Security by Default’ in all its products. This ensures the right level of protection without hassle for the customer. Andrew Levell Smith. Johlene Selemela. Nicolas Garcia. TRENDS

10 www.securitysa.com International access manufacturer sets up shop in SA The year 2024 started with a new wind blowing through the access control industry, with STid Security formally entering the South African market. STid has set up its office and product showcase within the Boomgate Experience Centre in Roodepoort, Johannesburg. The launch team, comprising John Lakin and Jethro Lakin, bring extensive STid knowledge and consistency of messaging to an industry hungry for knowledge and keen to challenge the status quo. STid is a family-owned business, founded in 1996, and it differentiates itself from the competition by placing the customer at the centre of every decision. Its staff are employed with this philosophy at heart, and this ensures the ‘family’ unit is complete. Customers and partners first Messages from company CEOs always seem a little contrived and are written with shareholders and the media in mind. The following paragraph is an excerpt from the CEO of STid, Vincent Dupart. John Lakin feels this best summarises what STid stands for, “In addition to the functionalities of our products, our corporate culture is what makes STid a recognised market leader. Our company’s growth is based on our commitment to putting our partners and clients at the heart of our strategy.” “Our partners particularly appreciate our customised support and desire to develop open and non-propriety solutions. Our business is built on the trust we have earned from our partners as we provide them with the right solutions, letting them stay in charge of their security, processes and industrial flows. It is how we fulfil our mission while promoting reliability and user-friendliness in the digital world. We are happy and proud to share it with you every day.” Jethro is based in the experience centre, where the facility provides the opportunity to see the entire portfolio of products in a tradeshowtype environment and then try the readers in the real world on booms, turnstiles, speed lanes and doors. This flexible approach enables integrators, end users and consultants to gain something from their time within the facility. John is based in the Cape and claims to be very busy. Product portfolio STid’s entire portfolio offering is completely open protocol and is based on DESFire EV3 technology, providing 128-bit AES encryption, which is standard and has an entirely scalable security offering. The openness extends to all the tools with open APIs and SDKs for those clients looking for more. Awards typically follow innovation, and the Architect range of readers, and its brother, the Spectre Nano, have won more than 20 international awards for their design and performance excellence. (See sidebars for more information.) STid’s innovation extends to communication protocols with Wiegand, OSDP and SSCP all being available across the entire range. Security built-in STid is the first RFID manufacturer to have received First Level Security Certification (CSPN) and offer access solutions compliant with European personal data protection (GDPR) regulations. All public encryption algorithms (3DES, AES, RSA, SHA, and more), which are recommended by official data security agencies (such as the French national agency ANSSI), can be used. Cards are not dead The demise of PVC in the access control industry is over-reported, and its presence will loom over us for most of our working lives. What is true is that the alternatives are very much alive The South African security market can always use some good news, and this year, STid has obliged. Continued on page 12 TRENDS

I I Nmnberohirtual&ocessca«J3 Pre<entyoursmartph<>n<!t<>thereaderoru..,another i<18!1tificati0<1mode Saflec Systems Access and time management solutions Phone, CH IT= CT® aLue ■ I Interested in learning more about the exceptional range of STid equipment and the bespoke solutions from Saflec Systems? Connect with us by contacting STid [email protected] or Saflec Systems on [email protected] or +27 11 477 4760

12 www.securitysa.com STid product range in brief STid’s Architect range With its range of Architect readers, STid has created a blend of high security and upgradability. This is the first modular range of secure RFID, NFC (HCE) and Bluetooth readers, offering flexibility and simplicity. Architect readers are based on an intelligent RFID core (Bluetooth optional) to which various interchangeable modules are connected: card reader, keypad, touch screen, biometric fingerprint sensor, 1D and 2D code reader (QR Code) and 125 kHz reader to facilitate your technological migrations. This straightforward and cost-saving modular approach lets you autonomously manage the security of your access points. The concept offers greater availability and services, while optimising your inventory by reducing the number of parts needed by 40%. STid’s Spectre range Spectre Nano facilitates access control for vehicles and drivers with different profiles (visitors, employees, tenants, etc.) thanks to multiple identification technologies. Passive UHF technology: The reader provides UHF identification up to 6 m. The passive credentials (without battery) require no maintenance and have an unlimited life span. and kicking and probably offer real, real-world options for the very first time. Biometrics have led this charge for many years, and now they have a partner in crime in the shape of virtual credentials which live within smartphones. Virtual credentials, using Bluetooth and NFC, have flexibility and compatibility and can bridge the pricing gap between traditional RFID options and complete biometric offerings. Configurable Bluetooth provides much longer read ranges, while maintaining complete security integrity. Stid’s policy of transparency in performance, communication security, and pricing enables the customer to calculate a true cost of ownership with no licensing fees, hidden charges, or pay-to-use features. One payment and the whole solution is yours for life. For more information, contact STid, Jethro Lakin at [email protected], John Lakin at [email protected], www.stid-security.com Bluetooth smartphones: The reader offers many identification modes – long distance, hands-free or proximity - to make your access control both secure and instinctive. Spectre Nano is fully integrated into the STid Mobile ID ecosystem, allowing users to use their virtual card for parking and pedestrian access. Mixed identification: Spectre Nano reads heterogeneous identifiers: • The virtual card for smooth management of visitor and employee access. • The UHF windshield tag for tracking vehicle fleets. • Both simultaneously for vehicle and driver identification. The reader benefits from the highest levels of security, guaranteeing the authenticity and confidentiality of data, using encryption methods recognised and recommended by independent organisations (ANSSI, FIPS, etc.): • Encrypted/signed credentials to ensure anti-cloning and antireplay protection. • EAL5+ certified key storage. • Self-protection function to erase security keys. • Secure end-to-end bidirectional communication using SSCP and Open Supervised • Device Protocol (OSDP) protocols. Continued from page 10 TRENDS

www.securitysa.com 13 access & iden i y 2024 As biometric identity becomes a central tenet in secure access to finance, government, telecommunications, healthcare services and more, 2024 is expected to be a year where biometrics evolve and important regulatory conversations occur. Here are some trends we believe will shape the biometric identity market in the coming year. 1. Behavioural biometrics Cybercriminals are increasingly weaponising generative AI tools to spoof human images and voiceprints used for identification at scale. These tools are growing more accessible, with professional criminals strengthening deepfake and bot attacks, and amateurs sourcing fraud-asa-service kits on the dark web. Essentially, AI is able to define and replicate one of the strongest defences companies have had against crime in the past; authenticity. How do we get one step ahead in how we discern a genuine human interaction from a fraudulent one? 4D liveness facial biometrics is a safe and foolproof solution to this challenge, but additional, complementary solutions are entering the market. For example, biometric systems that authenticate users with real-time data such as typing patterns, gait analysis or voice recognition could offer enhanced security that does not require consumers to conduct any authentication actions. Take the case of behavioural biometrics, which analyses a user’s digital, physical, and cognitive behaviour to distinguish whether the person behind the screen is a legitimate customer. A genuine user, for example, enters information in a particular manner. This pattern in human activity is increasingly being identified and analysed through machine learning, aiding in discerning whether an online activity is being driven by a human, or is part of an automated attack. 2. Ethics and privacy in biometrics As biometric data becomes the dominant form of identification, necessary conversations about the ethics of biometric data collection and usage must occur. Consumers are rightfully concerned about how data is being used and if, for example, their identifying features could be used as part of surveillance. If used unethically, biometric tools Lance Fanaroff. What you can expect from digital identity in 2024 By Lance Fanaroff, Chief Strategy Officer, iiDENTIFii. Lance Fanaroff expects 2024 to be a year where biometrics evolve and important regulatory conversations occur. could exhibit biases towards certain population groups or misidentify individuals, leading to, for example, wrongful incarceration. Regulating the biometric space is becoming an issue of national urgency for many governments. The UK government, for example, has recruited new advisors for its Biometrics and Forensic Ethics Group (BFEG), which is responsible for defining how biometric data, forensic material, and large data sets are used in machine learning. In the US, the Department of Justice is creating a board on AI’s ethical and lawful use, including biometrics. What biometric companies should be doing is to save the biometric data used as part of the face identification process, as a reference template. A reference template refers to a set of ones and zeros that match up to what our system deems a user’s face to look like. This cannot be viewed by the naked eye or used by any technology other than the biometrics company itself and is thoroughly protected. 3. Biometrics in the Internet of Things (IoT) The Internet of Things refers to interconnected devices with sensors, processing ability, and software that connect and exchange data with other devices and systems within a network. This results in simplified daily processes for consumers. For example, a smart home in which manual tasks are automated, or a telematics device that measures your essential health data and communicates it with your health insurance provider in return for more accurate risk assessment. As more processes are automated, and more data is shared, a wealth of information needs to be protected. This offers a prime opportunity for biometrics to secure access to various IoT systems and devices. 4. Biometrics in healthcare While banks, telecommunications companies and financial institutions have been exploring the possibilities of biometrics for a long time already, insurance companies, pension funds and employee benefits agencies are investing in biometrics in response to growing threats. A fascinating and essential application of biometrics is in healthcare; from patient identification and access control, to monitoring and managing health data. Biometrics could extend healthcare beyond traditional settings such as hospitals and doctors’ rooms, enabling efficient and secure remote diagnosis and electronic prescriptions. These interventions could revolutionise a sector that is hindered by a maze of logins and fragmented data. Biometric identity could even improve access to healthcare services. For example, Ethiopia’s Ministry of Health has partnered with its national identity programme to integrate the Fayda digital ID with its healthcare sector. This will serve as a patient registry while supporting national health insurance schemes, employee and professional licensing, and the sharing of health records. Kenya has recently announced a biometric vaccination program pilot for newborns, and Rwanda is considering introducing biometrics to ensure that all children participate in routine immunisation campaigns. In conclusion, the technology and ethics discussions around biometrics continue to evolve, resulting in biometric systems that consumers can trust. Ultimately, biometric identity can be a tool for empowerment, especially in Africa. As seen in these use cases, the more people use biometrics, the more they will be empowered to use their biometric identity to access and expedite other critical services such as voting and healthcare, or to protect their savings and data. I believe that in South Africa, we have the technology and the skills to catapult our services far beyond the status quo. This could result in greater protection against fraud in our country and serve as a catalyst for unprecedented growth. TRENDS

14 www.securitysa.com Access and identity in 2024 SMART Security Solutions hosted a round table discussion with various players in the access and identity market, to learn more about their market experiences and expectations. By Andrew Seldon The end of 2023 saw SMART Security Solutions hosting a round table discussion with various players in the access and identity market. The focus of the round table was to find out what the participants experienced in the market over the last year, as well as their expectations for 2024. While 2023 was a good year for most, it was also a tough year with no shortage of challenges. Looking ahead, 2024 looks to be much the same, with some people expecting significant changes in the market going forward. An interesting occurrence was that, while we had a list of questions we thought would be pertinent to the discussion, the participants took the discussion in other directions as they started to discuss issues among themselves. It became obvious that there was more happening in boardrooms in South Africa than merely technology. Our participants were: • Wouter Du Toit, Business Development Manager – Africa, IDEMIA. • Tarryn Fortune, Inland Business Development Manager, Gallagher Security. • Walter Rautenbach, MD of neaMetrics (Suprema distributor in Africa). • Ilze Blignaut, Regional Sales Manager, HID Global. • Kirby Rae Russell, Regional Sales Manager, Enkulu Technologies (Gauteng region). • Martin Meltz, Manager: Sales Channel, Ideco Biometrics. Starting, we asked everyone to briefly summarise their experiences of 2023 in the access and identity market. While all the participants operate in South Africa, many (if not all) are also involved further up into Africa and include this broader perspective in their summaries. IDEMIA’s Du Toit says that while 2023 was a challenging year, it was a good year, and things seem to eventually be getting “back to normal” following the economic disruptions of the pandemic. He says that the driver behind IDEMIA’s efforts and the new products it will release in future is security. While this may come across as an obvious statement, he explains that it is more than just access and identity. Security permeates everything the company is doing, securing their systems and solutions from the many threats electronic systems face today – software, hardware, communications, etc. Additionally, facial biometrics is a focus area and has become a standard in many companies, many of which are staying with the touchless approach to access. Gallagher’s Fortune agrees that it had been a demanding year, but notes that business improved as the year went on, with more business coming in after a slow start. The business is not only with existing customers and projects, but also with new opportunities as the market picks up. Once again, facial biometrics is a key area for the company. Still, Fortune notes that one of the biggest challenges is educating the market and helping people understand the potential benefits of facial technologies and the risks of cheaper products that look good but carry significant risks. The market is also demanding more from vendors and integrators. Sales are more focused on the solutions they deliver and the return on investment (ROI) than the technology. Providing value is vital, no matter what products or technology is on the table. Rautenbach says neaMetrics is also experiencing a turnaround as more projects get off the ground, and that the company takes a ACCESS & IDENTITY ROUND TABLE

www.securitysa.com 15 access & iden i y 2024 different approach to its distribution business in that it customises the technology for customers and also makes sure the products it supplies work in the African context. Facial recognition is, again, a growing area for the company, but he sees interest in mobile credentials expanding as well as a more significant focus on privacy issues than ever before. HID’s Blignaut believes 2023 was the busiest year she has experienced in her four years at HID, with more “getting out into the market” than before. Following the component shortages as part of the supply chain challenges in the past few years, which HID could deal with through its scale of operations as part of ASSA ABLOY, stock levels are back to normal now, and the focus is on delivering orders on time, which has been challenging as HID posted excellent growth in 2023. She also says there is a focus on education, letting the market know about different credentials and options for the access and identity industry, as well as the issue of security – which credentials are secure and which are best for various scenarios. The education drive will continue in 2024 with the added component of explaining why cheaper is not always better. Enkulu’s Russell agrees that 2023 was a good year, and the company posted solid growth over the year while also noting the challenges of juggling time between the various aspects of the industry, which is constantly evolving. Once again, the education of partners is key for her, helping people understand the changes in the market and what solutions are appropriate for their projects and customers. Building trust in the market is also critical to doing business and creating long-term relationships. Meltz from Ideco Biometrics also ranks 2023 as a good, but challenging year, as it assists partners in making decisions in the identity space. Once again, educating the market is critical for Ideco, not only in terms of helping integrators and installers deliver quality work for their customers, but also in terms of understanding what they are installing and the technology’s full capabilities. Security in its broader context is also part of the company’s focus as even a simple access control reader becomes part of the wider IoT infrastructure companies are implementing – even if they do not see it as such. Interestingly, Meltz notes that many microtrends have been popping up in his customer base in the recovery from the COVID-19 period. Companies are not looking at technology for technology’s sake, but are more closely examining what they have to get more out of their existing solutions and to be more critical in deciding what they may additionally require. While facial recognition is also a key element of Ideco’s work, Meltz says many people are working on innovative identity solutions, and more are including mobile credentials in their plans. The need for education As seen above, educating partners and end users is a crucial principle for access and identity companies today. These firms want to provide facts that allow customers to discern why the cheap brand that looks like it does the same as a premium brand (opening a door is opening a door, after all), is not the same. When the customer needs to know that only authorised people can open the door and someone holding up a colour printout of a picture or an image on their phone cannot, things get a little more complicated. The essential aspects for the buyer to consider are the reliability and capabilities of the technology (including False Acceptance Rates and False Rejection Rates), what integration capabilities exist, and, above all, the system’s security. The term security is a catch-all that includes the software, firmware, privacy protection, connectivity, physical installation, and more. Meltz says that buying something ‘good enough’ is a poor investment as one needs to buy for the future, making sure the systems you have can adapt to whatever may be required in the future. The sudden need for touchless access control when COVID -19 hit was a prime example of needing solutions to meet an unforeseen need – although a pandemic is not something one can plan for. Fortune agrees, noting that one must, for example, explain how the algorithms work in tier-1 products and how they can be integrated and expanded beyond simply opening the door. This is key to delivering value and helping users and channel partners understand the return on investment they can obtain beyond merely opening a door. According to Du Toit, this is where educating channel partners is all the more important, as the manufacturers do not have enough feet on the ground to assist every end user in their decisions. IDEMIA is focused on providing accurate information and training to its partners to ensure they can sell viable Martin Meltz. Kirby Rae Russell. Wouter Du Toit. Continued on page 16 ACCESS & IDENTITY ROUND TABLE

16 www.securitysa.com and value-adding solutions to their customers, assisting them in knowing what they need and what they get, and that the products have a future roadmap that caters to any new requirements or market changes. According to Russel, it is about “asking the right questions”, helping clients understand their requirements correctly and then looking at what products they need. When it comes to quality and longevity, it is also about comparing products on the same level with the same capabilities, instead of just looking at the price tag. She notes that high-end products may cost more, but the user is also buying the assurance of long lifespans, and that warranties will be honoured (and that the company will be around in a year or two) as well as an investment in efficient support services. The challenge in educating the user channel and community is that sales cycles are longer as clients want to be sure that they get value for the long term if they pay for higherend products, adds Rautenbach. He says most tier-1 companies bring out new products every year, so after a long and drawn-out sales cycle, there are often newer technologies that would suit the client’s needs better, but they have just been through a procurement cycle for the previous range of products. While the low-cost products are always a stumbling block, he says the move to Software as a Service (SaaS) is a positive move for reliable technology. SaaS providers are not paid for the hardware in one big payment, but rather sell their services for a monthly fee where they recover their investments over time. Using poor-quality products significantly increases these companies’ support costs due to frequent callouts, leading them to opt for better products they can rely on for longer. A natural consequence of buying tier-1 products is that customers, whether users or channel partners, expect better service and more support from their manufacturers. Blignaut says this is where making it easy for people to obtain recognised certifications, whether in sales or technology, is key. Having a range of recognised courses online allows people anywhere to obtain a certification. It assures them and their employers that they know what they are doing in their field. Companies that cut their margins to the bone have to make up for the loss in some way, and this is often experienced in poor support and technicians who are not trained and certified correctly. The rapid development of software, something HID is focused on, also allows users to use their access and identity products for more than door opening and closing. Not only does this expand the scope of the technology, but also what integrators can offer to the client to increase their revenue. All the companies on the round table have online training and encourage their installers and integrators to ensure their staff are certified and remain certified whenever new hardware or software is released. While doing business through the channel is the norm, most appreciate being able to deal with customers directly (with partners) and assist them in asking the right questions. This permits them to focus on a specific project, for example, and assist in determining the optimal solution out of all the available options. The importance of services Another point a few of the participants made is that of supplying services. There are many benefits in selling services, such as the obvious need to obtain some form of recurring revenue – since selling quality products means it takes a long time before the client needs to buy new products. In addition, it also allows the manufacturers to provide some form of quality control when installations are done and will enable them to expedite solutions to unforeseen challenges quickly. Services also allow these companies to retain the end user as customers (without bypassing the channel) because they will be available with the relevant skills should the installer or integrator not be around in a few years, or when the required skills, both technical, design and project management, are lacking. This customer-centric approach is not always about revenue; however, when a problem arises, the user often sees the brand name and associates the issue with the brand, not the installer. If the manufacturer can’t jump in and resolve the situation, the brand is damaged. An integrator can always switch brands, but the manufacturer is not that lucky. Services are more important in the era of digitisation, especially as digital credentials such as mobile credentials are adopted. While an overused buzzword, digitisation takes access credentials (mobile and visual) beyond the door to a host of other functions, whether logging into a computer or making payments at vending machines and so on. This opens the door for identity solutions beyond access control, but also requires a more serious focus on the security of the whole process, from start to finish. Just as the IT world tries to secure all parts of its infrastructure, from the endpoint laptop to the servers and databases, identity-enabled functionality requires security to ensure that Ilze Blignaut. Walter Rautenbach. Tarryn Fortune. Continued from page 15 Continued on page 18 ACCESS & IDENTITY ROUND TABLE

18 www.securitysa.com there are no weak links in the process, from the reader to the server or cloud systems – and every point in between. Rautenbach adds that we often automatically associate the term ’services’ with the cloud. While the cloud makes many services possible and efficient, it does not always have to be a cloud-based solution. Cloud is available, but many companies in South Africa are still somewhat nervous about keeping their data on ‘someone else’s computer’. Returning to return on investment The services required in digitising companies go beyond physical security and require the ability to design and integrate a variety of products and technologies (there is a big difference, says Blignaut, between integrating and interfacing). This provides integrators and manufacturers with additional value streams but also demands a broader skillset than simply using their own products. Fortune adds that, while Gallagher or any other vendor, wants to differentiate themselves and get customers to use their products, integration beyond security is where they can add value and demonstrate a greater return on investment. So, while one wants to have the access and/or perimeter managed from a single interface, the ability to pull in other systems – HVAC or power consumption, for example – and manage them from the same interface is vital. This leads to an ideal situation where, once a person gains access to the premises, the lights and air-conditioning in their work area will be activated to ensure they are not consuming power when nobody is there. The same automated routines can be used to power office systems (a printer, for example) when people are there using them, deactivating them when they are not required. These additional integration services offer more to the integrator and vendor and save the customer money while improving the ROI of what used to be just an access control system. While this sounds good (and profitable), Meltz notes that the adoption of solutions like this is slow; very few companies are looking beyond the siloes of functionality, possibly because job descriptions are still siloed, and physical security, IT and facilities management staff have to tiptoe around each other so as not to be seen as intruding. Innovative business processes that incorporate these features are rare. Du Toit agrees, noting that only a few organisations are thinking in this manner, adding that one of the reasons is the lack of knowledge of what can be done and the skills to make it happen. This is where consultants should educate their clients, but most of them have an engineering background and need to be better versed in the possibilities of a digitised world. The migration is, therefore, slow. This raises the question of who will assist companies in leveraging the many benefits of digitisation. There is some movement, however. Rautenbach says IT departments are getting more involved in access control (and physical security in general), and they have a better understanding of the potential of digitisation and have “started asking questions” around integrated solutions – with an eye on improved ROI. Until now, their interest has not evolved into a drive to make it happen as other parts of their organisations are focused on different areas. A move to mobile? There are endless promotions and articles around mobile credentials wherever one goes; enough to make you think having access credentials on your phone is the standard globally. Of course, this is not the case, and mobile credentials, while growing, are not threatening the existence of cards or biometrics – not yet, anyway. Mobile credentials have obvious benefits, from having all your access credentials on your smartphone and being able to provision or de-provision access in real-time – which is great for visitor management and allowing contractors access to a site between certain hours for a specific number of days, etc. And, probably, the most significant benefit is that people rarely forget their phone at home, and most of us don’t leave home without being sure our phones have the required battery power for the day. (It’s worth noting that in countries where Google or Apple Wallets are available, credentials stored in the wallets will still open the door, etc., even if the battery is dead. Users must, however, note that Apple Wallet, for example, might not be available globally, and there may be an extra charge to activate the credential in the wallet.) Du Toit warns that many customers expect mobile credential usage to reduce costs and are often disappointed when that doesn’t happen. When it comes to costs, while the initial purchase costs may be higher, Blignaut notes that when comparing the ROI over time, the initial, higher cost and annual fees can pay for itself in three to five years. Another benefit of using mobiles is privacy. Many privacy laws are being enforced or, at the Martin Meltz, Wouter Du Toit, Walter Rautenbach, Kirby Rae Russell, Ilze Blignaut, Tarryn Fortune. Continued from page 16 Continued on page 20 ACCESS & IDENTITY ROUND TABLE

RkJQdWJsaXNoZXIy MjEzMjU=