KEYPADS GO BIOMETRIC
Scanners are devices used in biometrics to measure the biometric trait of an individual and process it for access control purposes. Finger scanners are gaining popularity because they provide a convenient and secure means of controlling an opening at a relatively low price point, as compared to other biometric technologies. The biometric trait (for example the user’s fingerprint) is scanned into memory and is used as a template to which individuals requesting access are validated.
Biometric access controls may store the templates locally at the door, or in a database somewhere on the network. Templates can also be kept on a smart card or an adhesive patch attached to something carried by a user. The user must present both the credential and his or her finger at an entry point when attempting access.
Storing the template at the door offers the advantage of being able to continue to operate if connection to the network is interrupted.
When biometrics are combined with a credential, or the finger scan is indexed with an individual user ID, the biometric comparison is described as one to one (1:1). When a fingerscan is compared to a larger number of stored templates, the process is referred to one too many (1:N). Processing time and reliability may be affected by which method is employed. Comparing a fingerscan to a large database of templates may take longer to process than a one to one comparison. The criteria of the comparison (algorithm used to perform the comparison) may be tuned to the topology of the system, yielding less desirable ratios of False Positives (granting someone who is not authorized access, or false negatives (denying access to someone who is authorized).
Using PINs in conjunction with credentials or biometric templates is referred to as multiple factor authentication, and doing so enhances security dramatically. While it is true that nothing is more secure than an individual’s biometric template, variables such as the algorithm used, hardware issues and user acceptance may affect the success of a biometric deployment.
Accuracy is vital to the acceptance of the biometric type chosen.
The two issues associated with biometrics are false positives, False Accept Rate (FAR), and false negatives, False Rejection Rate (FRR). These occur as the biometric system inputs the biometric signature of the user and attempts to compare it to a template which is either stored in the terminal or resides in a network connected database. These numbers represent a statistical probability that one of these will occur, and the ratio is parameter set by the designer of the algorithm.
FAR ranges from .0001% to 0.1%. FRRs vary from .00066% to 1.0%.
Setting the system to produce a very low rate of false accepts usually causes a higher rate of false rejects. The application determines the acceptable levels of false accepts and false rejects. Since it is virtually impossible to individually verify these stats, it is best to stick to reliable known manufacturers who adhere to recognized industry standards.
The Zodiac-Lite is Cansec’s basic biometric product, meaning that it supports the fewest number of templates (90) and does not support some of the higher network functions, of other Zodiac models.
Cansec’s access control solutions range from single door, stand-alone card access systems to fully-featured and integrated solutions for controlling access to multiple facilities with complex requirements.
Zodiac-Lite can operate in many different configurations. It can connect to a Cansec SmartLock Controller, be used with a Cansec Door Control Module to operate an external electric lock, or serve as a smart Biometric Reader with Wiegand output to an access controller of your choice. Features include:
Use with a door control module to create a completely stand-alone door access control system
Stand-alone system eliminates need for cabling or PC
Enroll and manage up to 90 users right at the reader using the hand-held programmer
Stores up to 90 user templates (both primary and back-up fingers)
No credentials required
No PIN means easier access for users
Offers the rigorous security of biometrics
Ideal for retrofit – upgrade proximity to biometrics in as little as 5 minutes
I recently had a retrofit application for a computer room door. The rest of the facility used networked controllers and traditional credentials. The IT manager decided he wanted biometrics for the Computer Room. He said it would be preferred if no credential or PIN would be required at the door in order to gain access, and only his IT staff would have access to the room.
Programming and enrollment functions are performed at the Zodiac Reader using the ZODIAC Hand-Held Programmer. The system is provided with five i-Button type bypass credentials which can be used for individuals whose fingerprints are not suitable, or just as a means to override the biometrics. Whether you use a finger or a fob, the ZODIAC produces a unique string of HEX data to your access control system, for logging, adding or deleting the individual, just as you would any other credential.
The Zodiac scanner continuously looks for fingers to authenticate. This produces a red stroboscopic light to emit from the finger scanner. The user simply places their finger on the scanner for quick access to the door or device being controlled.
I retrofitted two HID Edge Solo ES400 controllers to existing readers and electric strikes for a client last year, and they recently called and asked if I could upgrade one of the doors to use a keypad in conjunction with the HID reader.
The Essex PPH-PRO-103 Reader Keypad combines an Essex keypad with a specially designed HID reader to create a keypad/ reader that Essex offers separately or with a HID Edge.
The HID Edge is a pint sized access controller that provides network manageable access control which can be located right at the door being controlled. Some of the versions of the Edge are supplied with an integral HID Prox reader. So far I’ve used the ES400 Edge Solo, which is just the controller which can be paired up with your choice of reader.
With the HID Edge ES400, you add a reader, a power supply, and an electric locking device, and you’ve got an access control system. The HID Edge connects directly to a computer or a network. You connect to the Edge, configure and program it, then either leave it connected to the network and open the application to manage the system, or leave it on to view access activity in real-time.
You can also program in the credentials and then take you laptop with you when you go; and charge the client for a service call or service contract to return when a credential needs to be added or deleted. The clients for whom I have provided HID Edge are quite content to manage their own systems, and simply call when they need additional prox FOBs, or as was the case here, a system upgrade. I fabricated a custom backbox for the reader/keypad, and wired up the new reader/keypad same as the old reader.
We powered up, and the existing credentials still worked as anticipated. I told my client to pick out a PIN, enter it into the keypad and then press the # button. (Pressing the ‘#’ button sends the data string to the Edge. On the Edge Solo Activity Screen, the corresponding raw hexadecimal for that particular PIN is displayed. The customer then simply creates a user and applies that raw HEX as the credential and you’re done. The only constraint is the range of possible PINs.
PINs can be any length up to five digits and they cannot represent over 65,350. (So 6-5-3-4-9 is allowed, but 6-5-3-5-1 isn’t).