Security and Surveillance Industry News

News & Information For Security Professionals

Archive for the ‘Access Control Systems’ Category

Biometric Access Control - Your Finger Is the Key


Biometric Identification has been around for many years. In the beginning, it was extremely expensive and cost prohibitive and would only be found in the highest security applications. Since 9/11, biometric readers have become increasingly popular and subsequently more cost effective.

Current Biometric Readers include Hand Geometry, Fingerprint Door Locks, Iris Scan, Passive Facial Recognition, Active Infrared Facial Recognition, Voice Pattern Recognition and Blood Vessel Authentication.

Biometric readers can be stand alone, networked or part of a large P.C. based solution, but no matter which technology is being utilized, each biometric reader will require that a baseline biometric template be provided for comparison purposes. This means a couple of things.

  • Each and every person must enroll in the system to create a baseline template
  • Every template needs to be stored for comparison either in the computer software or at the reader

The first biometric readers were standalone controllers that stored all of the templates at the reader itself. When a person presented their “credential”, whether it was a finger, hand or iris, it needed to be compared to the “template” as stored in the reader. In the case of multiple users, this became a “one to many” comparison and the reader had to search through its library of templates until it found one that matched. In larger systems with multiple users, this could take several seconds before a match was confirmed.

To speed up the process, manufacturers started storing the biometric templates on central computers that could sort through the templates faster and provide a quicker match.

Eventually, someone came up with the brilliant idea that a “one to one” comparison would be much quicker than a “one to many” comparison and require less processing time. Keypads were added to the readers and users were issued Personal Identification Numbers (PINs) that essentially called up their template for an immediate “one to one” comparison.

This simple innovation made biometric readers capable of much faster throughput times and therefore more widely accepted. No longer were there lines at the reader waiting to get in.

Of course, we live in America, and people are very concerned with their personal privacy. An employer storing your biometric information is dangerous, right… Not to mention that storing individual biometric templates on a computer takes up a lot of room on a server.

Security Equipment Manufacturers have solved this dilemma with the advent of smart card technology. Highly popular in Europe and Asia, smart cards are making a strong impact in America. Manufacturers have begun building proximity non-contact type cards that transfer bi-directional data utilizing radio frequency identification (RFID) technology.

Smart cards are in essence read/writable data chips that are used to store and transfer information. Some of them are capable of holding up to 16 kilobits of data that can only be accessed by readers through the use of a 64-bit encrypted “key”. This recent innovation provides highly secure credentials for access control systems without the need to store and transfer biometric templates for each person enrolled into the system.

You now enroll and carry your identification templates around with you on your own RFID Proximity Smart Card. The readers download the template from your card and compare it to your fingerprint, iris, or whatever credential you are using for verification.

If they match, and you have access to the door, it unlocks. You see, your finger really can be the key….

Written by SecurityBuddha

October 28th, 2008 at 3:28 pm

How Secure Are Proximity Cards?


The first ever RFID (radio frequency identification) Proximity Card Reader was invented by Schlage Electronics in 1972. It immediately revolutionized the access control industry.

Proximity Card Readers became an overnight success due to their ease of use and the fact that they read through a wallet or purse. Proximity card readers quickly became the most widely accepted and used type of access control reader. You no longer needed to pull your card out to swipe it through a reader. Without moving parts, there is nothing to wear out so proximity readers are extremely durable and maintenance free.

Most proximity type access control cards, including the original RFID tags, are passive and do not contain batteries. They use the power generated by the radio frequency to transmit their unique ID. The cards contain very small microchips embedded in the card that are encoded with unique numbers. The card is activated, or excited, when it is in range of the localized radio frequencies generated by the card reader. The field generates a small electrical charge in the card, which responds by transmitting the unique ID code to the reader.

With a few exceptions, the number encoded on the card is transmitted to some type of control panel or head end which ultimately makes the decision whether to unlock the door or not.

Most Proximity Cards are encoded with an industry standard 26-bit number utilizing the Wiegand protocol. A standard security feature built into the 26-bit Wiegand code is referred to as a facility or site code. The facility code or site code is a 3-digit number that identifies the card as belonging to your facility. Due to the mathematical limitation of a 26-bit binary number, there are only 256 possible facility codes and card numbers are limited to less than 65,535 for each facility code. This equates to a combination of 16,776,960 possible card numbers in the 26-bit standard.

This is simply not enough security for some customers, so 36-bit and other custom Wiegand formats have been added recently, which greatly decrease and in some cases completely eliminate the possibility of duplicate cards being created.

With the advent of the larger format card numbers, manufacturers have been able to assign, or delegate entire facility/site codes for larger customers.

Standard proximity cards do not have any security features, other than the facility/site code built in to the number. In other words, if the card is within range of the correct radio frequency, it will spit out its card number time and time again.

The card does not authenticate, or interrogate the source of the radio frequency; it simply charges up and sends the number. It will continue to send the number (several times a second) until the radio frequency disappears.

Someone with the proper equipment could theoretically copy the information on a proximity card and then duplicate the card in order to bypass an access control system.

There is an unsubstantiated story circulating the internet about a group of college students at MIT creating a reader the size of a backpack, and using it to walk down a hall and copy people’s cards without their knowledge.

Several manufacturers have combated the security concern with the emergence of proximity readers that utilize smart card technology with built in verification and authentication. Smart cards are in essence read/writable data chips that are used to store information.

I will write more about the advent of Smart Cards in a future article.

Written by SecurityBuddha

October 27th, 2008 at 2:32 pm

Electronic Access Control Systems - The Key To Crime Prevention


In my role as a Security Consultant, I have been on countless appointments at companies that do not have a comprehensive key management plan in place. It’s not really that uncommon of a problem and it can quickly get out of control.

Almost every home and office is secured with a lock and a key. Most people have a key chain to help them keep track of these important symbols of modern society. House keys, office keys, garage keys and several car keys usually rattle around in most people’s pockets or purses.

Even though lock and key mechanisms incorporate many modern security features they are still susceptible to being lost, stolen or copied. Another inherent weakness in lock and keys is that anyone with a key can enter your building any time they want.

Each year, companies spend hundreds of thousands of dollars re-keying buildings because someone lost a set of keys or an employee was fired who did not return a set of building keys.

Do you know how many grand master keys have been issued in your building? Can you reasonably say with confidence that none of your keys have been copied by less than ethical employees? Do you have employees entering your office at odd hours? Has your building ever been left unlocked?

If you have experienced any of the preceding issues, perhaps an Electronic Access Control System is the “key”. An Electronic Access Control System can provide you with an effective solution to your key management nightmare while providing a very potent tool in your overall security management plan.

Take back those keys! A properly deployed electronic access control system will allow you to secure your facility and deter crimes by limiting access to authorized personnel and separating public from private areas.

The capabilities of electronic access control systems vary greatly. They range from single door stand alone systems that you program through a keypad, to medium sized computer based systems, to the top of the line enterprise systems that have the ability to communicate with and control thousands of card readers on multiple continents.

Electronic Access Control Systems have some very basic things in common. Each of them will allow you to control who goes where and when in your facility by requiring the presentation of a unique credential at a Card Reader or a PIN pad and they can be set up to provide you with a report of who has entered your building.

There are several manufacturers that provide 1 to 4 door solutions that are programmed through a keypad or a remote software package. Some of the higher end burglar alarm systems can also control access on up to 4 doors.

These smaller systems provide fully controlled access to individuals based on the door, the date and the time. Some of them allow you to hook up a form feed dot matrix printer directly to the controller in order to get reports. Most of these systems are limited to less than 4 doors and a couple of hundred users/credentials.

Many people who use the 1-4 door systems will usually program cards to work 24 hours a day because it can be difficult and time consuming to manage multiple time groups or limit an individual’s access.

That’s not to say that you cannot provide full date and time limited access control with a 1-4 door system, but if your application requires periodic updates and multiple users, you may want to consider a more sophisticated solution. A good application for a 1-4 door system would be a remotely managed multi-tenant building without an on site manager.

Lower to mid range P.C. based solutions can be provided that control access on 1 to 32 doors. Systems in this range can provide controlled access to several thousand users. They are a good choice if your intention is to allow keyless entry on a limited number of doors at a single site and run some limited reports.

Most electronic access systems in the low to mid range are Windows based software applications that use MSDE or other off the shelf database software; therefore the reporting features are fairly limited.

In addition, the low to mid range systems have limited abilities to monitor alarms, provide video badging, integrate with 3rd party databases or interface with other systems such as CCTV or Burglar Alarms.

There are literally dozens of manufacturers flooding the small to mid range market and their offerings vary greatly. You would be wise to perform some due diligence and ask for local references from any vendor that you may be considering.

Enterprise Level Access Control Systems occupy the top tier of entry control systems. There are only a handful of manufacturers that can truly call themselves an “Enterprise Level” solution. These highly sophisticated systems are true security management systems that can easily and effectively handle thousands of card readers, hundreds of thousands of cards, and a multitude of workstations spread all across the globe.

An Enterprise Level Solution has integrated single point of entry video badging, seamless integration to CCTV systems and Digital Video Recorders, true real time alarm handling with live on line graphics pages and full blown database solutions like SQL Server or Oracle.

Enterprise Level Access Control systems utilize door processing units or access control panels that can communicate via RS422/485 and TCP/IP Protocol. Enterprise Level Systems are only sold through factory trained and authorized systems integrators who have a proven track record and fully staffed service departments.

If you need an Enterprise Level Access Control System, I highly recommend that you perform your due diligence on both the manufacturer and the security companies that you are considering. Make sure that you choose a reputable Security Company or a Systems Integrator that has a strong computer networking background to perform and support the installation. Ask for several references of projects of a similar size and scope from both the manufacturer and the Systems Integrator. Interview each reference thoroughly before you make a purchasing decision.

You will thank me later!

Written by SecurityBuddha

October 7th, 2008 at 12:50 pm

RFID Smart Cards. Is Big Brother Watching You?


Highly popular in Europe and Asia, RFID smart cards are making a strong impact in America.

Originally requiring contact with the reader in order to transfer information, manufacturers such as HID have begun building proximity, non-contact type cards that transfer bi-directional data utilizing RFID technology.

By encoding the cards and the readers with 64-bit encrypted “keys”, manufacturers are able to provide highly secure credentials for access and simultaneously open up a whole new world of possible applications for proximity cards.

The data chips on smart cards can be segregated into separate application areas. Some manufacturers provide as many as 16 different application areas. Each application area can be provided with its own unique 64-bit “key” so that only specific readers can access the information in that area.

In other words, you can have a reader in the library that has the 64-bit key to application area 4 where the card stores all of your library information including which books you have checked out and not returned. A reader in the cafeteria has the 64-bit key to application area 6 which debits money from your account for food purchases. The reader on the student housing building has the 64-bit key to application area 1 where your card access level information is stored which grants you access into the dormitory.

With the advances in smart card technology, manufacturers are working on stand alone readers and locksets that are essentially “off-line” but they will still be able to integrate with P.C. based electronic access control systems.

The stand alone “smart” locks will incorporate smart card readers with the ability to write the transaction back to the smart card. A person could visit hundreds of the “off-line” readers and when he reads his card at an “on-line” reader, the stored transactions would be downloaded to the database. If a person is fired, or taken out of the database for any reason, the “on-line” system can write the information needed to delete that card onto each card that it reads. In this way, the information is transferred to the “off-line” readers, telling them to delete the access privileges of the card.

Theoretically, this will allow large users of access control systems to customize their solutions and provide a mix of on-line and off-line readers that can be centrally managed while taking advantage of their existing communication infrastructure.
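The card-carried update scheme described above has a timing consequence that a small model makes visible: an off-line lock only learns about a deleted card when some other card brings the notice to it. This is an added example, not any manufacturer's implementation; the class names, method names and card ids are hypothetical.

```python
# Added example (a model, not any vendor's implementation). Class and
# method names are hypothetical; card ids are constructed sample values.

class Card:
    def __init__(self, card_id):
        self.card_id = card_id
        self.delete_list = set()  # delete notices written by an on-line reader
        self.log = []             # transactions written by off-line locks

class OnlineReader:
    def __init__(self):
        self.deleted = set()      # cards removed from the central database
        self.audit = []           # transactions downloaded from cards

    def present(self, card):
        self.audit.extend(card.log)        # download stored transactions
        card.log.clear()
        card.delete_list |= self.deleted   # write delete notices to the card
        return card.card_id not in self.deleted

class OfflineLock:
    def __init__(self, name, allowed):
        self.name, self.allowed = name, set(allowed)

    def present(self, card):
        self.allowed -= card.delete_list   # learn deletions carried by the card
        granted = card.card_id in self.allowed
        card.log.append((self.name, card.card_id, granted))
        return granted

def exposure_window():
    """Return (fired card accepted before carrier visit, after, audit)."""
    alice, bob = Card("A-100"), Card("B-200")
    online = OnlineReader()
    lock = OfflineLock("store-room", {"A-100", "B-200"})
    online.deleted.add("B-200")            # Bob is taken out of the database
    before = lock.present(bob)             # lock has not heard yet: True
    online.present(alice)                  # Alice's card picks up the notice
    lock.present(alice)                    # ...and delivers it to the lock
    after = lock.present(bob)              # now denied: False
    online.present(alice)                  # Alice uploads her stored entry
    return before, after, online.audit

if __name__ == "__main__":
    print(exposure_window())
```

In this model the deleted card's own transactions never reach the audit log, because they are stored on a card that no longer visits an on-line reader; doors that must enforce a deletion immediately belong on on-line readers.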

Another popular feature of smart cards is the ability to store biometric access control templates which allows faster response from biometric authentication readers. This innovative approach to biometric technology allows you to carry around your biometric template with you, rather than having it stored on the computer or the reader itself.

Because the template comparison becomes a one to one versus a one to many, it frees up valuable processor time and hard drive storage space, which allows the new breed of biometric readers to work very quickly.

Very soon, when you use your credit card at a point of sale, you might have to present your finger to a biometric reader to verify your identity. Not long after that, even internet transactions will be authenticated using some form of smart cards and biometric identification.

Get ready America, as all of these transactions are sure to use some type of Smart Card Technology!

Written by SecurityBuddha

September 23rd, 2008 at 3:11 pm
