The authentication model, the key card reader, most often installed by integrators today was invented in the 1960s. Hence, in many legacy applications these outdated devices have been rendered vulnerable and therefore violate the promise of trust that the customers have bestowed on installing security contractors.
The single key card access control products so popular for years cannot provide the true identity of the cardholder with an acceptable degree of certainty. Access control cards and related credentials are easily lost, stolen and shared. Additionally, they can now be easily cloned with an inexpensive device that can be purchased for less than $20. The inherent inability of a card system to provide the true identification of an authorized person is failure of the first degree.
Therefore, to mitigate potential security lapses, multimodal biometrics can be applied to use a combination of recognition technologies to compare the identity of a person. Should one of the technologies fail for any reason, the system can still use another one or two biometric technologies to provide accurate identification of a person.
Considering Biometrics? Addess These Challenges
Some people will have privacy concerns with biometrics. In some cases the employees will be concerned that their personal information or fingerprints or facial images will be available either to the employer or an outside entity, such as law enforcement. Employees need to be reassured that images of fingerprints and faces are not saved. The image is converted to a mathematical code for storage and even if the system is hacked, the code will be meaningless.
Notably, a potentially serious liability problem awaits organizations that continue to use card-based systems now that it is common knowledge the cards can be easily and quickly cloned. This can essentially render a system useless and invalid.
The objective of an access control system is to manage where authorized people are granted entry. With a typical credential-based access control system, entry is granted if the card or credential presented is authenticated by the system. The card manufacturers’ solution to this issue of inability to authenticate the actual identity of the user has been to produce new cards with more options that are more expensive. Yet these new credentials still do not and cannot authenticate the identity of the user. Man
agement is still dependent upon the honesty and integrity of the person who holds the card or credential. More bells and whistles for these credentials are not a cure.
Customers are increasingly aware that their card systems do not and cannot authenticate the identity of the user. Embracing biometric technologies can save campuses money, increase security, reduce risk and better safeguard facilities. These are the key reasons why knowing “who” matters in the realm of life safety and security.
Yevgeny Levitov is President of San Antonio-based FaceKey Corp., a provider of biometrics products and solutions.
This article originally ran in CS’ sister publication, Security Sales & Integration.
