Access Control: Working Smarter
Access control systems have always had the capabilities to deliver more functionality than simply managing who has access rights to a protected area. Today’s solutions can bring together a diverse range of additional applications to deliver an added value solution for many sites.
When ‘smart cards’ first appeared, many years ago, they brought with them much debate about privacy and security, and met with low acceptance from the general public. The critics of all things technological hailed them as the start of an ID card culture which would result in everyone’s personal details – tax records, banking details, health records, criminal records, travel details and so on – being accessible to a host of various bodies, including the Government. During their early adoption, some countries which embraced the technology found that people demanded a separate and distinct smart card for every application!
It may seem strange today, given the widespread and unquestioned use of smart credentials, that these fears surrounding personal data existed, and that the general feeling towards the technology was so negative. To place this in context, at the time the early debates on the introduction of identity cards for the UK population were underway.
The slower acceptance of the benefits on offer by the general public does go some way to underline the fact that perceptions are harder to disprove and dislodge than realities! This also affected the security sector, not because of the same fears, but because a lack of mass acceptance meant that economies of scale didn’t materialise as quickly as expected. The cost of transition from proximity-based solutions to a smart alternative was hard to justify, because many of the more flexible options available today didn’t exist at that time.
Of course, over the years the technology has grown, and is used increasingly in a diverse range of industries, with many using smart credentials exclusively. The objections to shared data have largely been forgotten, due partly to a better understanding of how the data is kept secure. However, the biggest driver to increased use is a simple one; users are now realising the benefits on offer, and installers and integrators are seeing revenues increase due to the delivery of ever more flexible solutions.
The most significant benefit of smart credentials exists where a site utilises multiple applications which have a requirement for the use of credentials. Typically, this might require members of staff to be issued with a number of cards for different purposes. These might include credentials for general access control, network access control, time and attendance monitoring, cashless vending, asset tracking and logging (such as proof of required training to use a device or remove it from a stores area), as well as portable records of employment, contractual or even medical records where such a requirement exists.
The capabilities of smart credentials can also be employed to enhance security and streamline throughput times for access control. For example, biometric templates can be stored on the credential itself. This means that when access is requested, the system can operate off-line, with the reader comparing the captured biometric element with the stored template, ensuring that the card user is its authorised holder. The one-to-one comparison is faster than seeking matches in a large database, and allows more accurate matching to be implemented.
Being able to interact with various systems and business elements, and carry a range of secure data and other information, on one secure credential makes increasing sense, especially if the data from the various elements can be used to create a smoother and more effective experience for the user. A single card with many purposes will always be more effective than a number of credentials with different uses.
Additionally, the resultant data can also be utilised to assist in the creation of enhanced operational policies. Reduced credential management also can deliver true cost efficiencies!
Right for security?
Many of the ‘smart’ credentials used by the security market have their roots outside of our industry. That the technology has been embraced by a diverse range of other sectors simplifies the integration of systems, and means that stored data can be used by a wider variety of devices. Of course, the secure nature of the cards ensures that one system cannot ‘view’ another system’s data. Indeed, the specific data also cannot be viewed by a third party to discover the credential’s content.
Many smart credential solutions employ encrypted encapsulation of data – effectively this allows the storage and transport of the stored data as a single ‘object’. The encapsulated data can be made up of a number of independent data ‘objects’ for different uses such as access control, cashless vending, etc.. The implemented security can also ensure that devices reading the data are not ‘confused’ by information for other applications, and to add an additional layer of protection, the ‘objects’ can effectively be signed.
For many sites, the transition to smart credentials, whilst desirable, represents an investment both in terms of the cost of replacement credentials, along with the time associated with administering the change. Many manufacturers can supply multi-technology readers. These allow existing credentials to be used, and the company can then roll out the introduction of smart alternatives on a department by department basis. This also allows a wide range of additional applications to be introduced without the pain of changing every system for every authorised user at one fell swoop.
When the credentials are changed, specific details of the access requirements for a department can be supplemented with the required data for other services. These could be cashless vending for cafeterias, a meeting room management system, time and attendance information, etc.. This staged approach allows the credential-borne data to be adapted to meet needs as they arise, without a need to reconfigure general settings through the core system software. Systems utilising an ‘open’ database can benefit as a wider range of information is stored and managed.
The benefits of a single credential implementation are obvious, and can streamline the data handling processes, as well as making operations simpler for on-site users. The flexibility can be further enhanced with higher levels of security too.