November 29, 2019 Jeffrey E. Barnhart
While access cards still play a strong role in the access control market, some companies are moving toward smartphone Bluetooth-enabled technology to give residents frictionless access through secured doors, elevators and turnstiles. The introduction of mobile credentials has the potential to revolutionize the access control industry. Instead of carrying and swiping a card, a phone’s technology can help authenticate identity and grant entry.
There has been an uptick in the popularity of mobile credentials, which can be used via a smartphone to interact with an access control reader in the place of a physical card. Mobile credentials are more convenient, allow greater flexibility, improve privacy and can also lower the maintenance costs of credential management for end users.
Biometric technology is also increasing with fingerprint recognition and iris scanning. In some cases, multiple methods of biometric identification are combined with the use of a card (or used in place of a card) for even greater security.
Although technology continues to evolve and advance, when it comes to a trusted identity, physical cards will continue to play a valued role in securely granting or restricting access. Physical cards are an essential part of commercial security systems—keeping buildings and designated areas secure and safe by controlling entry or restricting access within a space. The combination of a physical card with a digital identity is powerful and provides multi-layered security.
Authentication Technology & Security
There are two categories of access control cards—nonsecure and secure—and both provide ways to monitor who is entering or exiting a building. A proximity card is the most common type of access card for commercial and residential buildings; however, they offer little security.
Typically the size of a credit card, an access card usually lasts five to 10 years before it has to be replaced. However, many factors affect the durability and lifespan of the card, such as the type of card substrate and personalization techniques used, how the card is stored and if the card is resistant to chemicals, abrasion, moisture and ultraviolet light.
Although the three types of access control cards – proximity, magnetic stripe and smart – may look the same, the technologies driving them vary significantly.
Proximity (prox) cards can be made of several different materials, but they all work in the same way; by being held in close proximity to a card reader, without needing to make physical contact with the reader. Prox cards are an older technology and a low security card.
Magnetic stripe cards are one of the oldest forms of access cards and offer minimal security. They are copied very easily and are typically used in low security settings like hotels. They work by swiping a magnetic stripe through a card reader (like a credit card).
The most recent advancement in the access control card market segment—smart cards—were developed with the goal of being hard to duplicate. Smart cards offer the most security, operating at 13.56Mhz (compared to a prox card which operates at 125kHz). Smart cards feature an embedded integrated circuit and are capable of writing data in addition to reading it, which allows the cards to store more data than traditional prox cards, supporting a host of credential options. Smart cards can provide personal identification, authentication, data storage and application processing. They can be combined with other card technologies for increased security.
Smart cards are the best fit for commercial and residential building access because they provide greater security with an encrypted credential that must be decrypted by a reader. It’s much easier to clone or spoof proximity and magnetic stripe cards.
Personal Identity Verification & Credentials
For much of history, our identification systems have relied on face-to-face interactions and physical documents and processes. But digital technologies are transforming how identity is authenticated around the globe.
Access cards are tied to a person’s identity through a physical access control (PAC) system, which involves a two-step process that links a card to a person after the card has been printed. Some card personalization software systems can also connect to and update the PAC system after the card has been personalized.
First, a system identifies an individual. Then, his or her credentials are authenticated via a badge, smart card, password, mobile device or biometric (such as a fingerprint). Following authentication, building access control systems grant entry.
Access control begins with a trusted identity, which validates the person who is entitled to the benefits associated with a credential.
The amount of personalization that occurs with access cards depends on what type of information and security is put on the card, for example, encoding a smart card with unique data, certificates and/or credentials.
Trends Shaping the Future of Access Control
In an era of growing security concerns, governments, corporations and property managers must elevate the importance of a trusted identity while balancing the demand for convenient and efficient access. Access control card use has increased globally with the demand for increased security driving growth.
Technological advancements in security systems, including the deployment of wireless technology, are enhancing access control. Security is a top concern for both private and public entities; many industries are transitioning to smart cards. Smart cards are the most secure type of access card and are used most often in government, health care and financial sectors, while proximity cards are commonly used in higher education and enterprise.
Cards will continue to be used for access, but there is a definite shift to mobile credentials and biometrics.
Celebrating its 30th anniversary in 2020, ICMA is a nonprofit association of card manufacturers, personalizers, suppliers and related industry participants. With 205 members globally, ICMA acts as a resource for industry issues, including the production, technology, application, security and environmental issues of cards. More information is available at icma.com.