Comparison of Door Access Credentials

Posted on by Bob Mesnik

How Door Access Credentials Work

Access Control Credentials Illustration
Access Control Credentials Illustration

Door access control systems use various credentials to unlock the door. Credentials can include physical cards that we carry, a PIN number we enter, or even the physical aspect of a person (biometrics such as fingerprint or facial recognition).  This article compares the credentials that we carry. They are sometimes called keycards, prox cards, or smartcards.

The card or keyfob responds to an RFID signal from the door access reader and then provides the stored identification code. Each credential provides a unique identification number (ID number) to the door reader that identifies the card credential. There are several types of credentials. Older versions used Wiegand wires, magnetic strips, bar codes technology. Today we use contactless or RFID connections to the door readers. RFID cards are sometimes referred to as prox cards, smartcards, or mobile credentials (Bluetooth to the smartphone). There are various physical formats. For example, there are a thin card, thick card, or key fob format. Different credentials use unique data coding formats and frequency between the credential and the door reader. There are 125 kHz frequency, 13.56 MHz frequency credentials, and mobile Bluetooth credentials (Smartphone).

The Proximity type credentials (or cards) are passive, so they don’t have a battery. They rely on the power broadcast from the reader to turn on. The proximity (or “prox”) credentials use 125KHz frequency while the Smartcard or Mifare technology use 13.56 MHz. It is interesting to note that the industry defines the 125KHz version as a “Proximity card,” while the 15.6MHz cards are classified as “smartcards,” yet both types are contactless credentials that are activated when they are close to the reader (in proximity).

All the credentials have an embedded ID number that is read by the access control reader. The door readers are designed to “read” only certain types of credentials. Some door readers can read more than one type of credential, but you must be careful to select the compatible reader and credential.

There are other types of credentials, such as biometric credentials and PIN numbers. For a review of the security provided by various credentials, take a look at our article, “Comparison of Security Provided by Door Access Systems.

HID Proximity Credentials

hand card door reader

HID was established in 1991 as Hughes Identification Devices (HID). They have become a significant supplier of various credentials. Since they have a large market share, their credentials have become a pseudo standard for the door access control industry. They license their 13.56MHz iClass, MiFare, DESFire, and 125KHz Indala and Prox card technology. The result of the licensing increases the cost of these credentials.

Since the HID credentials are very popular, they can be read by many different door readers. The reader’s specifications have to indicate “HID compatible.” The readers tend to cost more because they have to pay a license fee to HID. There are other RFID credentials available.

HID offers different coding formats but mostly provide 26-bit coding. This coding includes room for facility codes and other information besides a specific ID number. When a 16-bit code is used for the ID, there are 65,535 ID combinations available.

When you order the cards, you can select what the card looks like, for example, the artwork and the material the card is made from (vinyl or PVC). You may want a thin card that fits in your wallet or one that is thick and has a slot for a lanyard.  You can tell the manufacturer the starting ID number of the series, and whether or not you want the number on the label. You also have the opportunity to add a facility code.

Proprietary Proximity Credentials

Proprietary proximity credentials are very similar to the HID type. They both use the 125 kHz frequency. The only difference is the protocol used between the credential and the reader. Since the transport coding is unique to a manufacturer, it is essential to pair the credential with the manufacturer of the door reader. When you order these cards you have similar options as described above.

If you are installing new door readers, then it will cost less to use the proprietary credentials and associated readers. If you would like to be compatible with other buildings in your organization that use HID type credentials then select the HID type readers and credentials.

Mifare or Smartcard Credentials

These credentials operate at 13.56MHz and use 128-bit code that provides a dramatic increase in the number of unique card IDs available as well as encryption.  The smartcard technology also offers additional security and capability. Besides ID information, the cards contain memory storage. The original MiFare cards were first used to keep track of transportation payments.

One important feature is data encryption between the credential and the door reader. This prevents hacking of the credentials. The encryption requires compatibility of the credential and door reader, so you can’t use an encrypted smartcard with any smartcard reader.

The MiFare card includes a number of bytes (8-bits) of data. There is encryption information, and data blocks included in the transmission. When you order these cards, you can specify similar options as described above. There is also an option for the amount of storage, but most door access control systems don’t make use of storage.

Mobile Smartphone Credentials

Bluetooth Mobile Credentials

Access control systems that use Mobile credentials use your smartphone instead of a card or other credential. A mobile credential is an authorization token much like a Prox card or keyfob.  The ID number is held in your smartphone instead of a card. That’s why we call it a mobile credential. Just like other types of credentials, it contains a unique number that can be used as the electronic key to open a door with an electric lock.

The smartphone can connect to a door reader using Bluetooth, NFC, or even WiFi. Bluetooth (BLE) is the most common type of communication used in the security market.

If you want to use your smartphone as the credential, you must select a reader that operates with the Bluetooth connected smartphone. Some of these mobile-enabled readers will support both proximity and mobile credentials. Door readers from Isonas and Hartmann Controls include the mobile credential capability.

How RFID Door Access Readers Work

Card reader concept
How the Card Reader Works

The RFID door readers use credentials that have embedded circuits and an antenna. The reader broadcasts a signal that is received by the credential antenna. The transmitted electrical signal from the door reader contains enough power to energize the circuit in the credential. Once the electric circuit in the credential receives the power, it sends back a signal to the access control reader that includes its identification (ID) number. For more details about this, read the article, How Door Access Control Works.

Biometric Credentials

A Biometric credential is an authentication using the metric of a person such as a fingerprint, vein pattern, or face recognition. The credential is the registered code associated with that biometric and is given a unique ID number in the access control system. Special biometric readers are required to detect the person’s characteristics.

Summary of Door Access Credentials

There are several types of credentials that are used to gain entry using an access control door reader. Thin cards, thick cards for lanyards, and keyfobs or even your mobile phone can be used for a credential. HID and other proprietary protocols are used to transfer the information from the credential to the reader. It is always important to make sure that the door reader and the credential are compatible.

If you would like help selecting your access control system, please contact us at 1-800-431-1658 in the USA, or at 914-944-3425 everywhere else, or use our contact form.