Real Time Networks recently announced its new partnership with VIZpin. We’re really excited to offer VIZpin’s mobile credential access control technology as an authentication option in our KeyTracer and AssetTracer management systems!
Digital and physical attacks remain on the rise. That makes the authentication methods that your organization uses to secure its assets and facilities more critical than ever.
It's not if, but when your organization will suffer a security breach. Whether they’re large or small, or protecting from internal or external attacks, every organization must remain vigilant. Even the NSA, arguably the most secure US federal intelligence agency, failed to stop Edward Snowden from releasing an estimated 1.7 million sensitive records
Access control cards may all look the same, but ‘under the hood’ the technologies driving them vary considerably. Different card systems have very different strengths, weaknesses, and price tags.
Choosing the card technology that best fits your business was already going to be challenging. But gone are the days when buying a security system meant that you only had to think about that one system. In our era of universal connectivity it’s essential to consider how a card system integrates with the rest of your security environment.
In this article we’ll take a look at the leading card technologies on the market today. We’ll also highlight some of the access control platforms that Real Time Networks products can integrate with. Our RTNHub management system was designed from the ground up to work smoothly with all of them, and other major business and security platforms, like Verizon Connect fleet management, Windows Active Directory, C-Cure, and S2 Security.
We’ll start with the more simple systems better suited for lower security environments, and then move up to more advanced RFID card systems.
Think scanning items at the grocery store. For access control, barcodes on access cards contain user credentials, which are scanned by card readers at control points. While cards and readers are inexpensive, they’re not very secure. They literally can be duplicated in 10 seconds at the office photocopier. They’re only applicable in very low risk security environments.
These cards use the same technology as credit cards. The magnetic stripe holds credentials as a simple binary code that’s read when the card is swiped. The bad news is that magstripe card copying equipment is readily available online. So this is also best treated as an ‘entry level’ access control method for low risk settings.
Our technology partner Lenel sells magstripe systems for such a need, compatible with their Lenel OnGuard platform, in addition to their wider range of RFID card systems (More on those, below).
This technology exploits a quirk in the behavior of magnetic fields around twisted metal wire to encode information. In access control, ‘Wiegand wires’ are embedded in plastic cards and magnetically encoded with unique credentials. These cards became popular in the 80s as a more secure upgrade to barcode and magstripe cards. Since credentials are encoded at manufacture, Wiegand cards cannot be reprogrammed or erased, and they’re harder to duplicate. While they’re still in use today, generally they’ve been made obsolete by more modern technology, namely…
Radio Frequency Identification (RFID) Cards
RFID cards transmit their credentials via binary computer code over the air. A card does not need to make physical contact with a reader to communicate. They contain small computer chips programmed to hold credentials to specific facilities. Cards receive wireless power when they’re in close proximity to readers. Credentials can also be encrypted in some versions, greatly enhancing security and making the cards much harder to duplicate.
RFID cards are currently the most common access control card type on the market. Two types dominate, each with different advantages.
Low Frequency RFID ‘Prox’ Cards
This is the most common RFID format. Prox is short for ‘proximity.’ These cards send credential information one way: from the card to the reader. The 26-bit version is an open format used by many manufacturers. Blank cards in that format are readily available and inexpensive.
You may have already guessed that this makes illicit duplicating easier. Which it does. Duplicating tools, and even online services, are very easy to come by. And the duplicates are difficult to identify and trace. That said, proximity cards are quite popular at low-to-mid levels of enterprise security. Especially in stable security environments, where needs don’t change year to year. They’re require no contact, which is good for usability and—we’ve found—means less maintenance.
Both AMAG Technologies and Lenel offer a variety of prox card options. Real Time Networks products easily integrate with both of their management platforms.
High Frequency RFID ‘Smart’ Cards
Smart cards were developed with the express purpose of being difficult to duplicate. Equipped with on-board processors, they’re essentially single-function computers, which—thanks to advanced encryption— authenticate the carrier with a unique code generated new for each individual transaction. Because they use two-way communication to authenticate, smart cards are much harder to duplicate. There’s also potential for connecting them to card payment systems and other personal identity-based tools.
AMAG, Lenel, and Genetec are all major carriers of smart card access control systems.
So How Do You Choose?
As with most security technology decisions there’s no one one-size-fits-all answer. Identifying the correct access control card system for you requires consideration of budget, desired security level, and future business directions. Smart cards are highly secure and adaptable if needs change, but are more expensive. They may not be the right fit if your goal for the next 10 years is just to regulate access to one university lecture hall, for example. On the other hand, if your university were investigating chip payment cards that might be able to run on the same standard, then it might make sense.
One specific question we hear a lot is what to do if you have a large install base of older cards. Replacing hundreds or even thousands of access cards in one fell swoop is going to be expensive, not to mention a logistical challenge. In this instance, we generally recommend first replacing legacy card readers with newer, multi-format readers that can accommodate both your legacy system and the new one. Then cards can be replaced simply through attrition. As new cards need to be issued, or old cards replaced, the newer proximity or smart cards are issued instead.
Hopefully now you’re in a good place to start the conversation with your business’s leadership and security providers about the best access control option for your needs. But if you’re looking for further help selecting the right integrated security systems, feel free to contact Real Time Networks today for help.
Editor's Note: This post was originally published on August 28, 2017, and has been updated for accuracy and comprehensiveness.
Plenty of folks have had the experience of being "buzzed" through a door. It happens like this: After checking your ID or recognizing your face, a receptionist presses a button. You hear a buzzing sound indicating that the door is now open. (And by the way, if you’ve never seen the old “door buzzer” skit with Carol Burnett and Tim Conway, open a new tab and Google it. Now. It will add a whole new layer to your understanding of access control). The “door buzzer” experience illustrates the inner workings of an Electronic Access Control (EAC) system. In its simplest form, an EAC system consists of an electronic door lock, a reader (such as a card reader or keypad), and some form of controller. In our example, the receptionist's eyes are the reader that allows her to recognize you. Her brain is the controller. If her brain is convinced that you belong inside, it will send a signal to her finger, ordering it to press a button and release the lock.
Except for the more garish super villains, criminals avoid the spotlight. Most prefer to operate in theaters where they can remain in the shadows and maintain a level of control. Enter Crime Prevention Through Environmental Design (CPTED). CPTED is not a new sensor or camera. Rather, CPTED is a set of design principles intended to take the sense of anonymity and control away from the bad guys; and by doing so, make your facility a harder target. CPTED principles, when properly applied, allow you to anticipate the thought process of potential offenders and reduce the opportunity for crime.
AMAG Technology, the security management system manufacturer, has announced Real Time Networks as the newest certified partner within the Symmetry Preferred Partner Program. As a certified partner, Real Time Networks' KeyTracer Key Management System integrates with AMAG’s latest Symmetry Access Control software. AMAG Technology and KeyTracer cooperatively tested and certified this integration.
Internet of Things (IoT) technology continues to disrupt both the consumer and enterprise sectors, and as each powerful new use is found its adoption is only expected to grow. But many IoT security risks remain.
Editor's Note: Originally published February 15, 2017. Updated in January 2019 for accuracy and comprehensiveness.
It's a new year, and what better time to look at some of the changes over the past year that lead to new trends in 2019. For access control, those trends are moving steadily toward more devices, more points of access and definitely more data.