At a 1998 security symposium sponsored by one the largest manufacturers of access cards in the world, an executive predicted that, by the year 2000, access cards would be a thing of the past. Biometrics, facial recognition, walking style, or some other disruptive technology would eliminate the need for plastic access credentials. More than 20 years later, facility managers are still heavily dependent on plastic access cards and no single technology is poised to become the new access control standard.
Why have things not changed? After all, there are plenty of issues with access cards. They are expensive at $6 to $12 each; they can be lost or stolen, allowing unauthorized personnel to gain access to a facility; they can be somewhat complex to order and program; and it is difficult to attain the utopia of one common access card that allows global access for all employees. Additionally, access cards are not ideal for visitors, vendors, and guests. Printing temporary cards is wasteful as they are typically valid for 24 hours or less.
In the coming decade, facility managers could well witness the end of the plastic access card. There are three form factors that can be used for granting facility access: what you have (access card), what you know (pin), and who you are (biometric). The most secure facilities require two or three factors. The changes will come in the categories of what you have and who you are.
What you have — a smartphone. In the 2020s, facility managers will likely see the plastic access card replaced with smart phone apps. There are several on the market today. The preferred technology will work with all phones, require a simple download by users, work at all readers across the organization, be simple for facility managers to implement, and be secure (with some solutions offering two-factor authentication via pin or biometric from the user’s own mobile phone). The preferred technology will likely also be able to integrate with or be embedded within facility management apps that are used to call in service tickets, manage directories, and manage visitors and guests.
Who you are — biometric readers. There are several successful biometrics access control systems on the market today. These include fingerprint readers, hand geometry readers, vascular readers, iris readers, and facial recognition readers. Most of the companies developing these technologies have overcome the issues of storing personally identifiable information and grant access based on a biometric formula.
Biometric readers can be expensive, and there is part of the population that does not have readable fingerprints. Additionally, some people are uncomfortable with others having access to their fingerprints. Despite these limitations, multiple biometric readers are available on the market, have a high degree of accuracy, are compatible with most access control systems, and have been successfully deployed in large numbers by multiple organizations.
Biometrics might be a logical fit for data centers, IT closets, labs, or other sensitive areas. This requires a smaller installation investment and can add an extra layer of security to protect some of your most valuable assets.
The farthest lagging biometrics technology, yet the most exciting, is facial recognition. The convenience for users could be incredible. This technology has the ability to replace plastic access cards, card readers, and turnstiles, and could eliminate lines. The right technology will permit many people to be allowed access without having to sign in, line up, or otherwise be inconvenienced as they access a facility. Facial recognition success will likely be driven by advances in video imaging and camera technology. Gains over the last decade in IP video technology have increased the quality of video images and decreased the cost and data transfer requirements to a point where facial recognition software should be able to be widely deployed.
Companies such as Facebook and Apple have large amounts of facial recognition data and could be poised to drive facial recognition as an access control technology.
By Daniel O'Neill, founder & CEO of Advanced Data Risk Management (ADRM)