ARE READERS BECOMING OBSOLETE

As we all know, one of the latest trends in Physical Access Control (PAC) is replacing cards with smartphones. This trend seems very natural. Why would we need cards when we already carry much more capable identification token with us, our smartphone?

The card reader manufacturers are adapting by releasing new generation of readers, capable of reading NFC equipped smartphones, where the phone is emulating a RFID card. Some manufacturers (notably HID) are expanding both the reading range and the choice of smartphones by adding Bluetooth communication to their readers. (NFC is supported only by some Android phones.)

READERLESS ACCESS

But why stop there? Once we start using smartphones instead of cards, why would we still need card readers? Well, there are two immediately apparent reasons:

1. COMMUNICATION– The reader is wired to the system, providing it with the user credentials to be validated.
2. LOCATION– As the location of the reader is fixed, it is inherently known to the system. In other words, the system knows which reader is connected to which door.

The readerless access idea is simple: Let’s turn the roles around and use the smartphone for the communication with the system! Once the phone takes over the communication role, the smartphone location can also be communicated to the system. No need for readers, right?

Let’s not get carried away too quickly. Let’s take a closer look at what the possible obstacles might be, and if there is any workaround:

COMMUNICATION

In order to communicate with the system, the phone needs to be online. And they normally are, aren’t they? So far so good.

But there is more. In order to validate the credentials and open the door, the PAC system itself needs to be online. Offline controllers won’t do. Do we have a show stopper here?

Not really. Fortunately, there is a strong trend towards fully online PAC systems. Online credential validation is becoming the new norm. Traditionally, the vast majority of PAC systems were based on offline controller based validation, with periodic credential synchronisation. More recently, the offline capability is becoming more of an emergency backup solution in case of a communication failure. So we dare to say that these days controllers are normally online. Check!

LOCATION

It could be argued that smartphone location is not accurate enough to distinguish between individual doors in a building. Especially in buildings with many floors and densely packed doors.

Luckily, even in this worst case scenario there is light. A normal user would have access rights for a handfull of doors at the same location, not for all doors. If the location is not accurate enough to distinguish between these few doors, there is a simple workaround – the user can select the right door from a short list. Remember, we are using the smartphone app now!

Let’s stick a bit more to the worst case. What about heavy users, such as janitors or security officers? They could have a much longer list of doors to choose from, no doubt. Even if there was nothing we could do about it, we could accept the long list handling as a reasonable trade-off for such special users. However, we can do something about it. Actually, it’s been already done.

The good news is that smartphone location is becoming increasingly precise through exploiting various microlocation techniques, such as sophisticated Wi-Fi and Bluetooth detection. The location technology does not use just GPS, and it is not limited to outdoors, as some still believe. The use of Wi-Fi and Bluetooth is providing increasingly accurate location, also indoors, sometimes even better than outdoors.

So the likelihood of having to choose from a long list of doors is actually quite small. In many cases, we can expect the location to be spot-on, all we have to do is press the button “Open”. Check!

OK, SO ARE READERS NOW OBSOLETE?

With both communication and location challenges checked off, what does all this mean for good old badge readers? Are they going to become obsolete? Well, probably, sooner or later, yes!

Shocking as it is, especially for the reader and card industry, it will not happen overnight. The good news for the reader industry is that there is a huge installed base of readers and badges which work well and will work well for many years to come. Readers are reasonably secure, they work also offline (most of them), they are fast and reliable, and some of the latest models will even work with smartphones instead of badges.

So we won’t be seeing many readers being thrown away quite soon. What we will be seeing is readerless access becoming increasingly interesting supplement and eventually an important alternative to readers. Ultimately, cards and card readers will meet their fate, just like fax machines did. Nobody really uses them any more, but they can be still found in many offices, just in case.