Access control is defined as “the selective restriction of access to a place or other resource”. For an automatic access control system to function, it requires a means of identifying individuals to determine their access rights. The form of identification can be anything from a memorised password or PIN through to biometrics (ie the measurement of a human characteristic). Here, Amer Hafiz reviews the evolution of identity credentials in the sphere of access control.
Since the early days when access was granted (or not) once an authorised PIN was entered into a keypad, access control systems have evolved to support many forms of ‘physical’ credentials. Generally referred to as ‘pass cards’, these credentials have taken many forms.
Barcodes where an identity number is printed on the card in the form of a machine-readable series of variable width bars. Although more secure than a memorised number, a barcode can be easily copied or reproduced
Magnetic Stripe where a magnetic stripe on the card stores an identity number within a designated track. A special magnetic card reader is used to read the number from the track
Proximity Card where an electronic chip on the card holds the identity number and a built-in antenna enables a compatible proximity card reader to read the identity number using radio frequency technology. The card simply needs to be held within a few centimetres of the reader
Smart Card using a similar radio technology to that of proximity cards. Smart cards can hold a variety of data within the chip. The data may be read and/or written to the card using compatible readers/writers depending upon the application. For access control applications, an identity number can be stored on the card and read by a compatible access control card reader.
In each of these technologies, it’s necessary to issue a uniquely numbered card (or key fob) to each authorised individual. The unique number on the card serves as their identity on the access control system. Without the card, they would not be able to gain access to the restricted area(s). This makes it necessary for them to keep their identity cards with them whenever they need to move around the building or installation.
Advances in technology
Recent technological advances have made the need to carry identity cards unnecessary. Two completely different approaches have been used.
Biometric readers The first was the development of biometric readers, where the recognition of unique human characteristics such as fingerprints or retina patterns are used for identification, precluding the need for identity cards. To support these systems, authorised users must ‘enrol’ on the system whereupon their biometric data is read and stored in a database.
Whenever the user needs to access a restricted area, they must present themselves to a biometric reader at the access point (eg place their finger on a fingerprint reader). The data obtained is then compared to the database to find a match to determine their identity and check their access rights before granting entry.
Although this provides a high level of security and avoids the need to issue credentials, the readers are very expensive and the process of looking up complex data with a large database can be slow and limiting.
Virtual credentials The second alternative is to use smart phone-based ‘virtual credentials’ to replace physical cards and fobs. A virtual credential is a unique identity code that can be securely sent from a cloud-based server to an app on the user’s smart phone. Several virtual credentials can be stored on the smart phone for different access applications. A smart phone with its virtual credential can be used to gain access to restricted areas, making it unnecessary for the user to carry cards or fobs.
As most people now carry their smart phones everywhere they go, they are far less likely to lose their credentials or forget to keep them handy.
The app can present the credentials to readers using smart phones’ built-in communication technologies such as low power Bluetooth, NFC or QR code. The technology used would depend on the capabilities of the reader and the type of smart phone.
If Bluetooth is used, it can offer a further benefit as it may be used at distances of up to 15 metres from the reader, effectively replacing long-range, hands-free reader technologies.
Where might credentials go next?
In the short to medium term, identity cards will continue to be used with contactless smart cards gradually replacing older technology proximity cards. Virtual credentials on mobile devices will become far more widespread.
The ever-increasing levels of security being required will most likely lead to a wider use of facial recognition as the main biometric credential.
With advances in Bluetooth technology providing increased bandwidth, more information can be quickly retrieved from smart devices, making the combination of high-security biometrics and smart phone apps a real possibility for controlling access.
Amer Hafiz is Technical Director at Nortech Control Systems