Home :: Wireless and Biometric Locks

Wireless and Biometric Locks

Biometric Locks

Biometric locks can sample a user’s fingerprints, iris, or use facial recognition technology to allow access to known users. Frequently, they offer convenience in exchange for security. Lower end biometric locks can be easily bypassed or fooled on the biometric sample. Biometric locks are often made by electronic companies who may not have a focus or history dealing in physical and mechanical security. Lower end biometric locks are frequently made with plastic or non-reinforced components, making them vulnerable to direct physical attack. These facts can lead to easy destructive or non-destructive attacks on the locks themselves. There have been many examples of biometric systems being fooled with pictures, gummy simulants, and direct mechanical bypass.


In many cases, higher end biometric locks can offer decent security. However, they generally do so at a much higher cost than a mechanical equivalent, and with far more user frustration. Higher end biometric locks can cost several thousand dollars and require proper configuration for the best security. With all biometric locks there is a degree of tolerance that is allowed between the known valid users and the sample being compared against. This error margin is due to the fact it is rare for a biometric sample to be read the exact same as the original sample. Environmental attributes, pressure, lighting, physical damage, alignment, and aging can all effect a user’s biometric data. The larger the allowed error margin, the less exact a user must be when trying to authenticate, the quicker the system can work, the smaller the chance of a false negative, and the better the user experience overall. However, the larger the error margin, the less secure the system is and the more likely it is to be fooled by non-authentic samples. In order to reduce user frustration, biometric systems are often configured with too much room for error, and without true realization of the security compromise being made.
 

Wireless Locks

Wireless, SmartCard, or RFID (radio frequency identification) systems are also becoming more popular in both residential and commercial environments. Wireless security systems are generally composed of two or more parts: a reader or receiver, and a card or chip that can be read. Readers are almost exclusively continuously powered and attached to the building or door they are used on. The card that is read can frequently be a passive device that is not self-powered. These cards can give off a non-changing identification number that is easily cloned or copied. Specialized hardware can be purchased online for less than a few hundred dollars, and even some modern cell phones can easily clone these sorts of cards. Higher end cards have cryptography embedded in the cards themselves in order to make them harder to clone (MIFARE and similar). However, many of these systems have already been cracked to allow cloning and are also frequently vulnerable to relay attacks allowing an attacker to authenticate when the user’s card is not near the actual receiver. In addition, it is extremely rare for any wireless security system to remain reasonably secure over a decade or more. Mechanical high security systems are frequently reliable for much longer periods of times. Higher end systems also incur a higher cost per user and per device or door that is used for authentication. Cards featuring integrated power (batteries or similar) can frequently use much more complex cryptography, however they can still fall prey to compromise or hackers.

 

Wireless and Biometric systems can have a much higher upfront cost to implement when compared to similarly secure mechanical systems. There are many wireless and biometric products out there and many of them are quite well suited for the needs of some businesses and users. Any dealer will be happy to explain the benefits of these products but they may not outline some of the potential security issues that exist. Customers looking for electronic access control may also be interested in the Abloy Protec2 Cliq system. It is a hybrid electromechanical lock system that combines the benefits of an electronic access system with the added security of a fully mechanical lock.