printer friendly version

Preventing biometric breakdown

Michael Horvitch, technical advisor at Regal Security, discusses some solutions for preventing biometric reader tampering and destruction.

The past few years have seen a steady increase in the demand of biometric readers for access control systems. The reasoning is simple, if a person’s fingerprint is not registered on the system then he cannot open the door. There are no cards or keys to be lost, stolen or duplicated. There are no PIN codes that could be given to somebody else.

While the above is true, it is only true when people are using the system as intended. Criminals are only concerned with gaining access, not with following rules. They will try anything to find a way in.

A common scenario is to have a fingerprint reader at the main access to a building. The relay inside this reader is then wired up to control an electronic lock. Simple, quick, cheap.

But, what happens if this reader is broken off the wall? All the wires are exposed, and the would-be intruder just has to cut or short the correct wires to unlock the door. And most readers are made of plastic and held closed with one or two screws that can be easily removed. Often, neither the installer nor the client realise the risks of a seemingly secure installation, until the worst happens.

Securing security equipment

Fortunately, there are ways to secure this installation. Firstly, many fingerprint readers have anti-tamper sensors. These can, and should be wired up to some sort of warning system such as a siren in the security office, or a zone on the alarm panel. This will not prevent people from vandalising and overriding the system, but it will ensure a speedy reaction to deter or apprehend the intruder.

The second step would be to connect the fingerprint reader to a proper access control system. Most biometric readers have a Weigand output. This is an industry standard communication protocol for readers to communicate with access control systems.

Most access control systems have Weigand inputs. The reader now no longer controls the electronic lock. All the reader does is send a user ID code to the controller. The controller then makes the decision about this user and decides whether or not he can enter. The controller then switches the lock if access is granted. The controller is securely located inside the premises and nobody can gain unauthorised access to it. If the reader were broken off the wall, the intruder could cut or short wires, but this will not activate the lock.

Companies offer various controllers that can control one, two, four or eight doors. Multiple controllers can then be linked together to control any number of doors on a premises. Software packages would even allow one to expand this system nationally or internationally. And the humble fingerprint reader can be linked to these controllers just by a simple, yet secure interface.

When specifying an access control system, a proper access control backbone should always be included in the quote. Biometrics on its own is not always secure.

Share this article:

Further reading: