Keypads have been around a long time and will continue to play an important role in access control for the foreseeable future. For certain applications, such as to restrict access within protected premises, a keypad which has only a single entry code is considered adequate security. Most keypad systems utilize individual codes for each individual system user, and may be programmed to also require the use of a credential along with the Personal Identification Number (P.I.N.) during certain high-risk time periods.
Credentials include objects such as cards and tokens. Encoding technologies include magstripe, barcode, Weigand and proximity.
Although most bank cards utilize magnetic stripe encoding, proximity technology dominates the security access control system market, with "smart cards" utilizing a combination of proximity and biometrics promising to gain market from standard prox-only cards in the near future.
Biometrics are such an important development because keys, keypads and access credentials all suffer the same shortcoming of not being able to authenticate the identity of the keyholder, cardholder or person entering the P.I.N.
BIOMETRIC BASICS
Biometrics are used in access control for either authentication or identification. Biometric technologies make a template of some unchangeable characteristic of a person which can be used for a variety of purposes.
Biometric authentication technologies are used to confirm that a credential is being used by the person to whom the credential was issued, long a recognized shortcoming of any automated (and sometimes even manned) access control methods.
When a biometric reader is used in conjunction with a smart card, the biometrics authenticate the identification of the cardholder by comparing the hand or finger presented to the reader with the template stored on the credential. Combining the card with biometrics eliminates the possibility of a stolen credential.
Standalone biometric readers are used for identification. The finger or hand is compared with database of enrolled templates. In some cases, the database is stored right in the door unit. Most systems of this type have a limit to how many templates they can store due to memory constraints. "On-line" biometric readers compare the entrants' biometric profile with those stored in the biometric database.
The factors which the locksmith can take in to consideration when selecting or recommending biometrics include:
Throughput required: This means how many individuals the system will be required to screen, and how fast must this be accomplished without creating delays and user frustration.
Existing system capabilities: Many Biometric upgrades are possible without having to run cabling or changing system head-ends.
User reaction to bodily contact with the biometric reader: Some people don't want to touch things.
Reliability and efficiency of the reader: Every person who will use the system must be enrolled. The identity of every person using the system must be verified. Misreads will cause big problems.
The primary functional differences between a single-door system and a network-connected one have to do with how door activity will be reported and how the database is managed.
Single-door systems, standalone units and networked controllers may be deployed within the same site if hardwiring is not feasible or cost-effective, as long as the credentials are compatible between the various access control units.
If an access control system is installed on a door connected to a premises alarm system, violations can be remotely annunciated. Many single-door systems also record activity logs which can be uploaded by use of a laptop or other data-grabbing appliance. Local audible alarms may also be connected to most single-door systems to signal system abuse.
Vendors are offering readers and controllers which can be operated as single-door, virtual networked, or hard-wired, depending on the site requirements. These enable the installer to meet the client's requirements now and later upgrade and expand the number of doors and the system's capabilities should the clients' needs change.
SOLUTIONS FROM IEI
IEI has been a major supplier of access control solutions for 20 years. Their product line has evolved from basic single-door keypads to include a product roster that offers virtually every feature that can be found in the industry today. In addition, IEI offers tech and sales support that helps a beginner in access control become a pro and provides the a dealer already experienced in access control and advanced set of tools and resources that enable him to focus on service and building his bottom line.
When selecting an access control manufacturer, the installer must ensure the compatibility of products in the line. The support a company offers for a product they supplied you years ago, and the options you have as an installer to repair or upgrade a system, helps a dealer maintain long-term relationships with clients and makes system expansions pleasurable and profitable.
IEI products, and their software suite, HUB MANAGER PROFESSIONAL, provide the installer a flexible group of products which can be readily interfaced, integrated and controlled. A dealer can economically start and grow one door at a time just like most jobs actually do. Dealers and end users can deploy the IEI Hub Manager Professional Software to seamlessly integrate, program and manage the entire mix and match of appropriate access control solutions via this software for an unlimited number of sites. Hub Manager Professional Software works on Windows® 98, 2000, and XP.
To illustrate the flexibility of the IEI product line when dealing with real-world installation situations, we asked Neil Licht, IEI's Product Marketing and Dealer Relations Manager, to talk us through a couple of application cases. Here are out questions and Licht's answers.
What solutions does IEI offer for a single door with existing electric lock?
Solution #1. HubMiniMax can run the entire system. Connect the reader to it, the REX and the Contact. Connect the lock to the main relay. The IEI system will operate either Fail Safe or Fail Secure by connecting to the appropriate terminals. Connect alarm shunt, door forced, door ajar and you have a standalone system.
The power transformer shipped with the unit wires to the HubMiniMax and delivers power for everything, even an auxiliary like a powered REX. Plugging in the transformer uses the building's grounding to ground the entire system, so no finding and connecting a ground to a cold waterpipe is needed.
The software and required connectors ship with the unit, but you can also program with the keypad located in the door control module of the MiniMax. Activity reporting can be done via a local printer, but we feel using the Hub Manager Professional Software System to log and print is a lot more efficient.
IEI Solution #2: Use an IEI Prox.pad. It's a self-contained system. A printout can be obtained via the Infrared output to a Palm Pilot. The Prox.Pad can also be wired as a ‘front end' reader to the HubMax or HubMiniMax and get the same results as in Solution #1.
IEI Solution #3: Use LS2 Series-Integrated lock set. This has an integral lock, so the existing electric release may be used for a remote door release if required for the application. The LS2 Can be programmed via Palm Pilot. HubManager Professional software loads the various access levels, etc into the Palm. The end-user takes the Palm Pilot and, via the infrared, program and also retrieve the log. Its all user and door serial number handshake protected for security of the data and or non-authorized use of the palm.
IEI Solution #4: Of course, every 232 keypad can fulfill your original application on its own, without any PC.
How about adding Biometric entry control?
Our BioRead is fingerprint-based and can run alone or as just another reader in our Hub-based system. It needs a card but the reason is security.
The fingerprint and card number is enrolled onto the card. This means that the fingerprint is stored only on the card, not in the reader or the database. It's more secure in that nobody can hack and steal the fingerprint. If stored in the reader, just move the reader to a door where you aren't allowed in and it will let you in!
IEI recognizes the fingerprint, validates it and then sends only the card number to the Hubs for access decision-making based on the card number only, just like prox or mag. The card is industry-standard HID and Mifare. Existing non-fingerprint cards can work if you apply a wafer thin press apply smart card onto the existing card.
If you want to take home the money, you must get the hardware to work together, the system to operate and the end-users to be able to get through the door. In other words, you must integrate the technologies and the people. Here are some additional products from IEI that could help you accomplish your mission.
BioRead features Integrated Enrollment, which means access control and biometric enrollment are integrated in Hub Manager Professional software. It eliminates the hassle of launching multiple software applications. The fingerprint template is stored only on the smart card. The Reader or Database has no record of the print, so no template theft or transferal is possible. Additionally, a reader cannot be removed from the wall and moved to another location and "get in" (BioRead reader doesn't store the fingerprint). A unique Card number can be created and enrolled onto the card.
• IEI Basic: includes enrollment station hardware, reader
• IEI Reader: reader only
• Wiegand Kit: Wiegand panel deployment, includes BioRead enrollment software
In September IEI will release the Prox.pad Plus, which is a Prox.Pad that is a complete controller, fully installable, networkable and managed by Hub Manager Professional Software, one door at a time.
For more information on IEI's full line of biometric products, call 1-800-343-9502 or visit the website www.ieib.com.
Tim O'Leary
Tim O'Leary is a security consultant, trainer and technician who has also been writing articles on all areas of locksmithing & physical security for many years.