Electronic Access Controls - Readers, Keypads and Proximity Devices

Harold Fink, Locksmith, CRL CPS
Sun, Jan 31, 2010

Electronic Access Controls

Card Readers, Keypads and Proximity Devices

Should you use a card reader, keypad or both? The selection of reader and keypad combination affects the level of security at an entry point. Use of proximity devices may increase convenience, but have drawbacks in security as well.

Keypad Only

Generally, a keypad only installation is considered less secure than a reader only installation. The reason being that users may illegitimately lend their codes to another person but cannot prevent further use (in comparison to getting a card back) unless the code is changed. A user’s code may be seen while entered into the keypad input device and duplicated without any special equipment.

Card Reader Only

A card reader only installation is the most common application but can be susceptible to illegal entry by a person that has found a card outside the protected site such as in a parking lot or on public transport. Usually, a card swipe reader installed outside of a building is more susceptible to vandalism as well.

Reader and Keypad Combination

Adding a keypad to the reader as part of your electronic access control system significantly increases the level of security. The users now require a card plus a keypad PIN (Personal Identification Number). Optionally, this requirement can be scheduled for use only outside business hours rather than during high traffic hours, minimizing bottlenecks and employee frustration.

Long Range Proximity Reader Devices

The most common use for long range proximity readers is for parking entrances and handicap facility requirements. Although several users of your system may demand long range proximity, they are seldom aware or informed of the actual side effects of these readers. For example, a long range reader installed at a door in a corridor may read cards of users walking by the door that have no intention of unlocking and entering that door. The door will actually unlock, and remain unlocked for the preset time, without the knowledge of the user. Another situation that happens frequently at a door is several users are outside the door discussing something and finally one user goes in. There is a possibility the system may erroneously report the user having just entered as an unauthorized entrance. Make sure that the readers are installed in a way to prevent such instances and that a voluntary action from the user is necessary to unlock the door. In most cases, you may revert to a 10cm (4”) reading range. For parking lots, there are other alternatives using wireless transmitters and vehicle tags.

What about site codes or families?

Site codes or families were originally created to provide for the production of a larger number of 26 bit cards by duplicating cards rather than increasing the number of available user codes. The cards were ordered for a specific site and the manufacturers, in the beginning, were keeping track of what had been shipped where. When a new site was installed, the site was provided with a site code that had never shipped to that immediate geographic area, thus maintaining the level of security of the card. Because all the cards on a specific site had the same site code, the control equipment did not have to store the site code in each of the user’s codes, thus reducing memory requirements in the hardware. As the market for access controls grew, it became almost impossible to maintain such a strategy. Although there are still some manufacturers working this way (this change represents considerable modifications to both hardware and software), the trend is to provide cards with a greater number of bits, rendering site codes obsolete. This new method also means faster delivery of cards, even for add ons to existing sites, right out of the manufacturer’s or distributor’s regular stock. As long as the card number is unique, security is maintained. Manufacturers should be requested to provide a written statement certifying that their cards are unique and will never be duplicated.

What About multiple technology cards?

The most common reason for multiple technology cards would be that there is already, on site, a system such as time and attendance, using magnetic stripe or bar code cards. The end user should request higher security proximity cards for an electronic access conrol system. It would be inconvenient for employees to carry multiple cards. The existing cards should be replaced by dual-technology proximity cards with the second technology being bar code or magnetic stripe.