Comparing Door Entry Methods for Access Control
As a central part of broader security and surveillance programs, access control is today characterized by the emergence of new technologies, including mobile and cloud, artificial intelligence (AI), biometrics, and wearables, which have quickened the pace of innovation significantly.
In this article, we’ll compare the most common keyed, keyless, and touchless door entry methods for access control. What are the pros and cons of each solution? And how is access control now integrated with the state of the art technologies powering security, surveillance, and IT?
Door Entry with Key Cards and FOBs
With few exceptions, most organizations now use some form of keyless entry system vs. traditional lock and key. It’s more convenient for the end user, easier to manage for operations professionals, and thus more scalable.
Generally, these systems use one of two credentials:
- Key card: A flat, programmable plastic card that can be swiped, scanned, or tapped against a door reader. Sometimes includes the user’s identification (photo, name, employee number, and so on).
- FOB: Very similar to access key cards, FOBs are small, programmable security devices that are waved in front of a proximity reader to gain entry to a secured space.
Pros of Key Cards and FOBs
The technology behind key cards and FOBs readers is simple and reliable. Each uses a radio transmitter to communicate between the credential and the controller. This simplicity and reliability is part of the reason you’ll find key cards and FOBs in a variety of common settings, such as residential and commercial parking garages, corporate office spaces, and hospitality.
Other benefits include:
- Ease of use and convenience
- Simple, affordable technology
- Multiple access points assigned to a single card or FOB
- Minimal maintenance and upkeep
Cons of Key Cards and FOBs
Typically, access controls systems that rely heavily on proximity readers and key cards/FOBs face a scalability problem, for a number of reasons:
- Ongoing headaches associated with replacing lost or stolen cards/fobs
- Lack of central management/remote management options
- Lost, stolen, or copied credentials can create security risks
- Waste associated with printing, issuing, and replacing plastics
- Loss of power (and backup power) can result in doors being unreachable
Door Entry with Keypad and PIN readers
Another common door entry method is the keypad or PIN reader. In this system, end users are issued their own PIN code, passcode, or keyword that they manually enter into a reader at the point of entry. The doors themselves can also have unique pin codes required for entry. A successful entry triggers an electronic door lock, which resets after the door is closed again. Examples include:
- Integrated keypad door locks
- Standalone keypad and pin entry readers
- Combination pin and proximity or keycard readers
Pros of Keypads and PIN readers
Convenience is the main advantage of keypads and PIN readers. Like keycards/FOBs, passcodes, passwords, and PINs can be programmed to unlock multiple doors. They offer a number of additional advantages:
- Retrofitting one or a small number of doors with keypads can be a simple and cost effective security measure
- Can create strong two-factor authentication when used with another security measure (combination keypad and proximity readers, for example)
- Easy to use and do not require the issuance of a physical credential
Cons of Keypads and PIN readers
The primary drawback of this door entry method is its inherent security vulnerability. Passcodes and PIN numbers are easy to share, “pass back,” and can easily be stolen for use by bad actors. Coincidentally, this is why keypads and PIN readers are so commonly deployed alongside other security measures, or for interior spaces already behind additional access control methods.
Other limitations of this method include:
- On-premise staffing required for troubleshooting, and incident response.
- Prone to constant support requests are lost or forgotten passwords and PINs
- Regular password and PIN resets needed to maintain access security
- Doors can be held open to allow multiple people to enter after one successful password input
Door Entry with Smartphone Mobile Credentials
Given the ubiquity of smartphones, many organizations now opt to use mobile credentials (as opposed to issuing keycards, PINs, passwords, or otherwise) for door entry control. This requires the deployment of readers capable of interacting with smartphones and smartphone apps using Bluetooth or Near Field Communication (NFC).
Pros of Smartphone Mobile Credentials
Nearly all mobile credentialing systems are cloud-managed, offering a number of advantages:
- Allows for a user’s existing device to be credentialed via mobile app or mobile badge (as opposed to issuing a company device)
- More secure, as most people password-protect their smartphones and are less likely to lose or lend out their phones (as opposed to a key card). A login might also be required by the organization, adding another layer of security.
- Cloud-based and cloud-managed, perfect for larger organizations that need the ability to onboard and offboard access at scale
- Remote lock/unlock, device and user group lockdown, alerts, and incident response
- Integration with existing user databases means automatic syncing, real-time updates, and activity monitoring
Cons of Smartphone Mobile Credentials
Smartphones introduce a number of security considerations, especially when a person is using their personal device as the credential. These include:
- Untrustworthy or unverified apps that create security vulnerabilities
- A user’s personal security measures might be weak or non-existent (such as requiring a password, thumbprint, or facial recognition for device access)
- A lost, stolen, or forgotten phone leaves users without access, since the physical phone is often needed at the point of access
- Drained or dead batteries, poor cellular signal, and network downtime can prevent access
As a result, many organizations approach mobile credentials with a so-called zero trust model, meaning they put in place various additional security measures to ensure that verify different “trust signals” (trusted devices, app authorizations, and networks, threat detection, and so on) before granting access to physical or digital spaces.
Door Entry with Keyless Smart Locks
While many keyless smart locks use some combination of fob, keycard, or even smartphone-enabled credentials, they differ in their compatibility with remote access control models.
Pros of Keyless Smart Locks
Keyless smart locks use internet-connected software, which enables connectivity with off-premise access control systems through WiFi internet and Bluetooth (primarily). Like cloud-based access control, keyless smart locks offer all of the advantages of more traditional, on-premise door entry methods alongside all the advantages of remote management, namely:
- Administrators can monitor, lock, and unlock doors from anywhere
- Can be paired with other security and surveillance infrastructure, such as video monitoring, alarm systems, and environmental monitors
- Can be integrated with cloud security systems and mobile credentialing
- Allow for faster incident response
- More flexibility, including compatible devices (smartphones, tablets, etc.), programming access windows, and remote alerts
Cons of Keyless Smart Locks
Keyless smart locks are not without their faults, however:
- Not immune to network and power outages
- Require more advanced maintenance considerations that require an IT professional
- Cybersecurity threats that require ongoing attention to security protocols, patching, device offboarding, and operating system updates
- Additional hardware and installation costs due to the need for underlying software and internet-enabled hardware
Door Entry with Biometrics
The most familiar—and perhaps most common—form of biometric access system is fingerprinting. iPhone users, in particular, have likely set up a fingerprint to unlock their device or to authorize app purchases and downloads. In a biometric access system, a scanner converts some “biological input”, such as fingerprint, palm, retina, or even voice, into a machine readable credential.
Pros of Biometrics
Biometrics are especially prevalent in higher tech, higher security settings, where they are often deployed alongside another door entry method to create a strong two-factor authentication process for granting access. Examples include banks, medical facilities, government buildings, and storage/warehousing. The pros of biometric-controlled door entry systems include
- Ease of use
- The person is the credential, so no need to issue or reissue keycards or FOBs
- Tighter security thanks to how difficult it is to breach a biometric reader, as well as no credential to lose, misplace, or leave at home
- Can in some cases be centrally managed from a remote location
Cons of Biometrics
Typically, with advanced technology comes higher upfront cost. The same is true of biometric readers, one of the primary drawbacks of this solution. Others include:
- Not applicable (and thus not worth the high cost) for some smaller businesses and organizations
- Bad readings, delays, and rejected credentials are common
- No remote authorization capabilities
Which Access Control Door Entry Method is the Best?
Keycards, keyless smart locks, smartphones, and biometrics all have their place. We mentioned how, for instance, biometrics can be cost-prohibitive for smaller organizations—the strength of the technology does not outweigh the significant cost to implement. For other organizations, standalone keyless access methods, such as passcode locks, may not offer enough security.
Most organizations use a hybrid door entry model that’s tailored to their organization’s specific needs. A combination of one of the door entry methods above, video surveillance, and remote monitoring can be quite effective in maintaining the utmost security while minimizing blindspots and vulnerabilities.