The ID credentials designed for high security environments

The ID credentials designed for high security environments

Share this content

Facebook
Twitter
LinkedIn

Tony Smith, Major Accounts and Marketing Manager, Integrated Design Limited explores what ID credentials work best for high security environments.

The modern heist movie doesn’t centre on stethoscopes and safes. You’re much more likely to see photos of fingerprints and surreptitious recordings to defeat voice recognition systems.

Films notwithstanding, tricks like liveness detection make those biometric approaches very reliable, but no security credential is entirely fool proof.

What security challenges do you face?

For a typical office, minor opportunistic theft may be the main security concern, with turnstiles in place to make sure everyone who gets into the space is a staff member or expected visitor.

That type of environment is typically associated with a single layer of defence at the perimeter, typically involving a single, simple identifying credential.

Even in that ordinary office, however, you may have elements of the location that are more sensitive, such as the private offices of senior management or a data centre.

To keep life simple for most users, consider retaining that simple perimeter security, but coupled with something additional as users try to access the area or floor you need to protect more carefully.

So, what identifying credentials are the best choice, especially for the more security-sensitive situation?

Credentials – what types exist?

All access control systems are based on credentials – things the user presents to identify themselves and thereby gain access to controlled spaces. Credentials can include:

  • Physical objects such as smart cards, RFID fobs or personal devices like a smartphone with a security app or QR code emailed to a visitor
  • Numerical PINs or passwords to be entered by the user
  • Biometric solutions such as recognition of face, iris/retina, palm/fingerprint, voice or signature

Credentials and vulnerabilities

Physical items can be stolen or lost, and PINs are notoriously unsecure, because people tend to write them down or store them on their computer, even if advised not to, and therefore can be vulnerable to opportunistic physical and cyber-attacks.

If you are managing a location with little expectation of determined, malign intent, you may nonetheless conclude that a card, fob or entered PIN is suitable. For a little more security, you might move up to biometric credentials, which are regarded as more secure.

The key point about attacks on biometric systems is not that they are impossible, but that they require more individualised attention by the wrongdoer.

A single biometric credential should be enough to move you out of the reach of the merely unsophisticated or opportunistic bad actor, and also creates a fast, seamless experience for users.

When we were asked to secure the Ministry of Labour in Riyadh, for example, we integrated IDEMIA’s MorphoWave Compact readers into the turnstiles themselves, so those accessing the building could walk in with a simple wave of the hand.

High security environments

For some locations however, biometric credentials may be seen as necessary but even they might not be considered sufficient. The key here is the approach abbreviated as MFA or 2FA:

  • MFA (multi-factor authentication) – the user must present more than one credential
  • 2FA (two-factor authentication) – MFA with specifically two credentials, which is the usual amount for MFA, so more or less the same thing

Biometrics are secure and easy for users, but they have a downside. If a PIN is established as compromised, the user must change it.

If a fingerprint scanner has been somehow fooled, you may have to regard that credential as permanently compromised, at least with regard to that particular user.

This consideration too can argue for using biometrics alongside some additional credential in an MFA approach, at least in higher security environments.

Multi-layered security

Again, presenting multiple credentials obviously takes longer and requires more of users than a simpler system.

Many of those using MFA do not require multiple credentials at the front lobby, with additional checking done when users want to enter more secure parts of the location.

Flexible security solutions

Entrance control manufacturers don’t tend to mandate particular approaches in areas like credential checking, but are now increasingly offering products compatible with a wide range of third party integration products providing customers with adaptable solutions, suitable for different locations and security requirements.

Fastlane turnstiles have long been the favoured choice for integration partners as our design team look, where possible, to incorporate the integration product into the pedestal of the turnstile itself, rather than treating it as a bolt-on.

When we worked with Edinburgh Leisure to upgrade 23 of their sites, for example, we were able to offer a package of elements integrated seamlessly into turnstiles, which allowed frictionless access both to members with RDIF wristbands and pay as you go users with separate credentials.

Integrated Design Limited

To find out more about the Fastlane range, or to arrange a visit to the manufacturing facility and showroom in West London, contact +44 (0)208 890 5550 or email [email protected].

Newsletter
Receive the latest breaking news straight to your inbox