Moving to a New Paradigm of Access Control (ACaaS) without Readers or Cards
Most networked access control doors employ proximity card readers. The user presents the card to the reader which reports the card’s unique code to the control panel and if the code corresponds with a valid permission, the door unlocks. In the last several years, readers have been upgraded to work with smart cards which include a microprocessor and data storage and offer a range of benefits including better credential security and support for other applications like Biometrics, Time and Attendance, Equipment and Material Check-out etc.
I think we can all agree that these card-based technologies are a vast improvement over traditional locks and keys. Keys are easy to copy and they’re hard to recover when you want to take them away from someone, even if they didn’t make any copies. Also keys can’t work on a schedule or do things like automatically enabling or disabling alarm systems or uniquely identify which of the many copies of a key were used to unlock a door.
However, advances haven’t stopped with smart cards. Even more recently, we are seeing a move to Near Field Communications (NFC) readers which allow a mobile phone to fill in for the smart card. This provides even more potential benefits. With more powerful processors and more memory available, credential security is improved even more and the range of related applications that can be supported becomes almost limitless. In addition, the provisioning of credentials no longer requires physical cards. Credentials will be able to be granted and revoked from a central server over phone’s network connection.
What we are essentially seeing is rapidly increasing intelligence and sophistication in the credential devices (smart cards, phones) and the readers at the door. With a cloud-based Access Control as a Service (ACaaS) system, you really have to wonder…
Do you really need a card reader anymore? If your phone acts as your card, why do you need a card reader to open a door?
With a simple app (lets call it SmartKey) you could simply choose a door and it would unlock. There are lots of different ways to do this. For example: SmartKey could periodically poll the ACaaS server and maintain a list of doors that you are allowed to unlock. When a door is chosen from SmartKey, it could either connect to the ACaaS panel via an off-the-shelf Bluetooth/NFC transceiver (for a local door) or the ACaaS server (for a remote door) and make the request to unlock the door. The panel or the server checks to make sure that the user’s permission is currently valid and if so, sends a command to unlock the door (and do anything else that needs to be done like disarm an alarm system, turn the AC on, log the arrival, notify a manager via SMS etc…)
To make it even easier, you could use Location Based Services in the phone (GPS location, to which wifi access point the phone is talking, etc.) to give the user an abbreviated list of doors near them to open, with the door right in front of them at the top.
This scheme would support a wide range of security levels. SmartKey could be password protected. With an iPhone, particular doors could be protected by fingerprint biometrics or dual method authentication.
Essentially, you replace both the access card and the proprietary reader with your mobile device – no need to install readers or have users carry cards – reducing installation costs and increasing security.