Is your company’s existing credentialing solution leaving the front door vulnerable on a nightly basis? Are you regularly re-issuing access card credentials? Do you feel like your security technology is stuck in a 1970’s time warp? Now may be a good time to consider serious digital transformation to ensure your security solutions remain relevant and are future proofed.
Industry figures indicate that 50-60% of the Physical Access Control (PACS) market still relies on the original “granddaddy” of access control: 1970’s proximity (prox) cards via the Wiegand protocol. The cards can be duplicated with ease, leaving your facility with the appearance of security without any real protection. If you can copy your card (or fob) at a grocery store key kiosk, you are not secure. Just like we have abandoned the 8-track, fax machines, and bag phones, it’s time for credentialing to leave behind 1970s technology and embrace innovation!
To protect your businesses from threats in 2023, new forms of identity credentials, access technology and visitor management solutions are needed. These new solutions provide a mobile, touchless, and frictionless experience mitigating security threats. They are rapidly becoming the preferred choice for seamless onboarding and access control.
Let’s cover what you need to know about the changing landscape of alternative credentials for improved access control and better employee/user experiences.
Issuing the right credential is based on multiple factors of identity management: what you have, what you know, what you are, how you behave and where you are.
- What you have refers to an employer issued physical ID card, such as a proximity or smart card. New options include “on device” mobile credentials, key fobs, or wearables like rings, or wristbands. These primary credentials are given by the employer.
- What you know is used along with “what you have,” involving a combination of a username, PIN code, or password.
- Who you are is a physical biometric or unique characteristic that can be compared for an exact 1:1 match. Physical biometric modalities include face, finger, iris, palm/vein, lips, feet, nails and more.
- How you behave is a behavioral biometric including voice, heartbeat, brain waves, eye movements, gait, signature, and others.
- Where you are shows an exact location along with any of the other 4 authenticators. This can include a time stamp record of when and where an event occurred. Examples of the technology used include IP address, NFC, BLE, Geolocation, Geofencing, and Proximity
ID cards can be lost, stolen, or duplicated, and usernames and passwords are often weak, reused, forgotten, or shared. An easy search on the internet will sell you card duplicators or hacking methods if you have the wrong technology. Additionally, a significant amount of time and money is spent on reissuing these credentials, which creates additional security liability if the old credentials are not turned off.
For highly secure environments, the solution lies in upgrading your security game with a second factor of authentication. These credentials provide multifactor authentication (MFA), offering increased levels of identity assurance and zero-trust (absolute trust) access control permissions. Examples include one-time passwords (OTP) via SMS texts and Quick Response (QR) codes that can generate passkeys or software tokens.
Additionally, securing the wire between the card reader and system interface through OSDP protocols to protect you from electronic eavesdropping invading your network.
Combining facial recognition and voice recognition to create MFA is the most natural way for us to communicate and is moving us from a “Flintstones” to “Jetsons” lifestyle. Software for proven biometric liveness detection and detecting deepfakes is already on the market and being tested by DHS to assess its effectiveness in a remote environment. Soon, we will be able to remotely onboard and authenticate human beings at a doorway or desktop computer, verifying their identity with 100% certainty.
The convergence has begun! The transition to zero-trust access control will be a game-changer for the physical security market. Mobile, touchless, frictionless experiences will reduce the reliance on hardware and usernames/passwords.
If you are interested in articles like this, follow D/A Central, Inc. on LinkedIn or visit our website at dacentral.com for more engaging content. Join us today and be part of the conversation!