Problem Solver: The Evolution of Credentials

Aug. 3, 2015
No matter which method is in use, it is still important for the key system to be managed and controlled properly to avoid security risks. Over time, keys, FOBs and even phones are lost, employees leave and passwords are casually shared with those who are

For years, code books were only issued to licensed locksmiths who would use key codes to match a specific pattern of cuts on a metal key to a specific lock. Today, it is increasingly likely that the code for a “key” is stored on a computer that can encode access information onto a range of devices, from key fobs to smart phones.

As with traditional keys, there are varying levels of security provided by access control systems and it’s important to ensure the appropriate type of key is being used. A keypad can be a simple, elegant solution for low level security areas. These systems only require the user to know a passcode, which can be easily changed as needed, but also easily shared with others.

In facilities that require a slightly higher level of security, a keypad can be paired with an RFID or proximity reader, coupling something the user knows - a passcode - with something they have - a FOB or smart card. Smart cards can come in two forms: contact and contactless. Contact smart cards require insertion into or direct contact with a reader. Contactless cards are read when presented in “proximity” to a reader.

Another increasingly popular option utilizes apps to turn a user’s mobile phone into a key. Bluetooth technology allows the reader to recognize the user’s phone within a certain proximity and unlock the door. These products are considered to be slightly more secure than those utilizing a FOB or swipe card because users are far less likely to loan their cell phone to someone than a card.

At the higher end of the security spectrum are systems that use biometrics. These products use something that is unique to the user - typically fingerprints. Biometric identifiers cannot be stolen or loaned to unauthorized users, making them ideal for facilities that require high levels of security.

No matter which method is in use, it is still important for the key system to be managed and controlled properly to avoid security risks. Over time, keys, FOBs and even phones are lost, employees leave and passwords are casually shared with those who are not authorized to have them.

As a locksmith, you play a key role in helping customers establish key management and control. To determine if key control is an issue, ask: 

  • Can you identify who has keys to the facility—and exactly what openings

they have access to? 

  • How do you determine who should receive keys? 
  • How do you restrict certain areas of your facility? 
  • How many individuals are authorized to issue keys? 
  • What do you do if a key is lost? 
  • How do you manage key/card blanks? 
  • Is there a formal process for issuing new or replacement keys? 
  • How frequently are passcodes changed? 
  • How are keys retrieved when there are staffing changes?

Some facilities may simply need to improve their methods of key control while others may find that a more robust access control system is needed to help minimize security risks. As always, a thorough understanding of a facility’s security needs and challenges is the key to finding the solution that will work best for the end user.

Minu Youngkin is the General Marketing Manager for Allegion. For more information, visit allegion.com.