Dispelling myths from the past

Access & Identity Management Handbook 2012 Access Control & Identity Management

Gary Chalmers asks if the access control playing field has changed.

Access control has always been a key priority for business. Securing premises, people, possessions and property (the intellectual kind especially) is a non-negotiable requirement that companies overlook at their peril, a requirement around which an entire business sector has grown.

But has the playing field changed? Are the myths of the past holding back the solutions of the future, allowing unscrupulous market players to drive ageing products out to uneducated consumers? The answer to these questions, I believe, is a loud and resounding Yes.

Biometrics is a relatively new player on the security scene, and many people do not realise that the initial systems had significant weaknesses which, when combined with the legacy systems in place, resulted in today’s overly complex solutions.

Originally, security systems were designed around card-based readers, where the intelligence lay in the back-end controller. The better systems linked card readers to controllers in the ceiling which acted as a kind of digital doorman. Requests from readers are passed to the controller, which in turn passes these requests on to the server for verification. The server’s response is returned to the controller which, depending on the result received, would send the signal that releases the door. This meant that taking the card reader off the wall and trying to short circuit the cables had no effect whatsoever on the release of the door – you would need to have a ceiling breach in order to reach the cables that actually triggered the release signal.

When biometric readers first came onto the scene, their communication in a standalone mode was a direct, unsecured electrical pulse sent directly to the relay itself. The little-known yet terrifying flaw in this design is that you can bypass the average biometric device by removing it from the wall and shorting out the correct lines on the signal wire.

To avoid this situation, most security companies use biometric readers as nothing more than fancy card readers. Sitting behind the biometric reader is a connection to a controller in the ceiling, which still talks to a back-end, centralised system, and then sends a signal to the door to release based on the rules in its database.

The biometric reader is, in this case, a dumb terminal that resolves a fingerprint to an identity and sends a card number to the controller using a standard communication protocol called Wiegand.

The issue with this type of design is that it is mostly just smoke and mirrors: using old technology with a new front end to convince customers it is a modern solution. The result is a costly, highly complex solution which has multiple points of failure and requires high-value service level agreements and skilled personnel to maintain.

Modern solutions

With the advances in many biometric systems today, the need for this whole back-end system – and the separate door controllers – is completely redundant. Myth debunked.

Most modern readers have secure, encrypted communications to the relays while running the intelligence they need to deny or grant access internally, only using a back-end database for complex instructions when required. Many companies will tell you that not using a back-end controller means a lack of control, inability to do accurate anti-passback, and reduced security overall.

The truth, however, could not be further from this myth. All the features of the older systems are available with most of the new biometric systems, but without any of the additional overhead in terms of cost or maintenance. By removing the back-end system and the controllers from the equation, products are able to provide a significantly lower cost-per-door than the legacy systems, which is the true comparison a user should be making.

Many companies make the mistake of comparing one biometric reader’s price to another, without understanding that while the more intelligent readers may be similarly priced, or even more expensive than older technology, the overall cost per door is significantly reduced when you factor in the additional costs of the controllers and the back-end system on the legacy product.

Next generation biometric products offer simplicity over legacy systems, which translates to significant cost savings on purchase, support and maintenance of the system. In addition to this, the simplicity of use from an internal maintenance point of view results in system performance increases.

There is simply no reason anymore to tie an organisation into a single legacy system which has a limited life span, despite what the guys in the designer suits say.

For more information contact iPulse, 0860 IPULSE, [email protected], www.ipulse.co.za



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

A platform for access and identity at Securex 2025
Securex South Africa Access Control & Identity Management Facilities & Building Management
South African companies involved in supplying access control technology, security services, and data management are well-positioned to tap into the expanding access control market at Securex 2025.

Read more...
Background checks: risk levels and compliance
iFacts Access Control & Identity Management Security Services & Risk Management
Conducting background checks is a vital step in the hiring process for employers or when engaging service providers; however, it is crucial to understand the legal framework and regulations governing these checks.

Read more...
Insurance provider uses Net2 For access management
Paxton Access Control & Identity Management Integrated Solutions Healthcare (Industry)
BestMed selected Paxton Net2 for its access control requirements because of its simplicity of installation and ease of navigation for end users, as well as the 5-year warranty.

Read more...
Identity is a cyber issue
Access Control & Identity Management Information Security
Identity and access management telemetry has emerged as the most common source of early threat detection, responsible for seven of the top 10 indicators of compromise leading to security investigations.

Read more...
Embracing contactless access solutions
HID Global Access Control & Identity Management
There has long been a discussion of the perils and virtues of authentication factors. Is it more secure to use something we have (a key card), something we know (a password), or something we are (biometrics)?

Read more...
Smart access for a safer community
neaMetrics Suprema Access Control & Identity Management Residential Estate (Industry) Products & Solutions Commercial (Industry)
Suprema has released its BioEntry W3 facial authentication access control device with multiple authentication options, including RFID cards as well as mobile credentials, designed for durability and resilience.

Read more...
The power of knowing your client
Ideco Biometrics Access Control & Identity Management Integrated Solutions
One of the most effective ways to combat the threat of fraud, identity theft, and financial crime threats is through a robust Know Your Client (KYC) process, which safeguards both businesses and clients.

Read more...
Smarter ways to secure your space
Elvey Security Technologies Access Control & Identity Management Products & Solutions
Ensuring the safety of people and assets has become more crucial than ever, and access control systems provide essential tools to regulate and monitor who can enter specific areas or access sensitive resources.

Read more...
Facial recognition in national security
Access Control & Identity Management Government and Parastatal (Industry)
As global security challenges evolve, facial recognition technology provides a vital edge by turning our unique identities into powerful assets for national defence and changing a sea of anonymity into a line of defence.

Read more...
Federated identity orchestration
Technews Publishing SMART Security Solutions Editor's Choice Access Control & Identity Management Security Services & Risk Management AI & Data Analytics
Understanding exactly who resides at the end of a digital device is key, and simple identity number verification by the Department of Home Affairs is no longer a viable solution on its own.

Read more...