Forced Entry / Duress Access Tutorial

By: Brian Rhodes, Published on May 17, 2018

Even though access control normally keeps people safe, tragedies have revealed a significant issue. If users are forced to unlock doors for criminals, unsuspecting people inside are vulnerable. 

But 'Duress Access' is a common, although overlooked, access system feature to combat the threat.

In this note, we examine the duress options for common types of access readers:

  • Biometrics
  • Keypads
  • Card Readers

And we address how opening design, closed access areas, and physical layering adds strength to perimeter access control for such risks.

Criminals Force Users To Unlock Doors

In general, once entry is made and the criminal is able to enter a building, the primary security boundary keeping people safe has been breached.

Forced entry has been an entry path for criminals in several events, notably in 2015's mass shooting inside French tabloid 'Charlie Hebdo', where active shooters forced an employee holding her child to enter her door PIN code at gunpoint in order to gain access.

Once inside, they murdered 10 people. Armed Responders only arrived in force at the scene more than 30 minutes after the killers fled.

The overall risk includes less violent acts, including theft or burglaries, where armed bandits wait for unsuspecting users as they key in codes or present cards, only to force Tailgating into a facility to commit crimes.

Vulnerability Even In High-Security Deployments

Access control only works when credentials are protected and unable to be misused. Making sure the doors and openings are protected is not enough.

*** *******, ******** ******** at ******* ***** *** not * ****** ******, and *** *********** ****** up ******** *********** ***** **** ******** ******. *** ******** *** a ********* ****** ******* system *** * ********** security **** ********* ** a ******. ****** **** shooting ***** *** **** the ********, *** ****** grabbed ** ******** ** an ****** *** ****** her ** **** *** main ******** ** ********. From *****, **** *** unabated ****** ** *** inside.

** **********, *** ******** of '**** ***** ** done ***********?' ** ***** by ****, ********** ** those ******* ** * similar ****** ****** ** keep ******* *** **** away.

Access ****** ****** *******

** *** **** ** forcing * ******* ** open *****, ** ******** refusal *** ****** ** immediate ***********, *** **** seconds ** ******* *** response *** ** ****. ************* the *** **** ** Charlie *****, ********* ****** undo *******, *** ****** changes ** *** ******** system ***** **** ** the **** ***** ******** the ****** *** *********** lowered *** ****.

** *******, *** **** access ********** ***** ** be ********** ** ******** handle *** ***** **** a '******' ****** ** sent **** * ******. Even ** *** **** access ****** **** *** claim ****** *******, * custom **** ** ****** can ** ********** *** event *****-******* ******** ***** ******* ******* ********* ************* of * ****** *****.

** ********, *** ******** and ************* **** ***** a ********** *** ****** notifications ** ****** **** include:

**********

*** **** ********** *******, if ** ******** ** specially ********** '********* ****' fingerprint ** **** (**: the ****-**** ***** ****** than *** *****-**** *****), the **** ****** ******, but alarms *** ****** ** notifying ********/*********** ** *** system ******* **** ************ or **** ** ****** responders.

** ******* '******' *********** enrollment ** ***** *********'* ***************, *** *** ******* and ******** *** ******* to **** ********* ****** management ********:

** * ********, *** act ** ***** *** appear ** ********* **** what ** ******** ********, but ****** *** ******, officers *** ** ************ acting ** ******* ********* to **** ****** ** a **** ***** ** emergency *** ****.

*******  

******* ****** *** ********** as ***** *** ***** ******* ****, ******* *** *** of *** ******** ** configure *** ******. ** a **** ****** * special ****, **** ** an ********'* *** ** reverse *****, ** * two ***** '********* ****', the ****** ******* *** door, *** **** ****** and ******** ***** *********.

*****, ** * ********, the *** *** ****** no ********* **** ******, and ***** ***** ****** can **** **** *** or ***** *** ******** code *** ********* ** enter **********.

Card *******

*************, *** ** *** most ****** ************** ******* also *** *** ******* 'duress' ******** **************. **** ******* issue ***** ******** *****, one ***** ** '*********' card **** ******* *** same ** * ****** credential ***** *** **** triggers ********* ****** ** used. 

*******, **** *******, ****************'******* *' ********** *******, ***** ** a **** ***** ***** badge ***** ***** ** rapid ********** * '****** event' ** ********* *** may ****** ***********.

*******, ****-***** ******* *** ***** to ***** ******** ** extra ***** ** ***** of ******** *** *********, and ****** *** **** readers ******* ***** ** implement **** *** **** effectiveness ** ***** *******. 

Building ****** ******* ****** *****

*******, *********** *** ******* or ***** ***** **** specific ******** ** ******** the ********* ****** ** forced ***** ** ********.

* *** ** ****** time, ** ****** ***** occurs, ** ** **** more **** *** ********** exit *** ******* ** segregate ******. ****** ******* like ******** *** **********, *********** *** ******* internal ******** (**: ***** rooms, ********, ****** *****) with ********** ******* ****** can **** ****** ** unprotected ***** *** ******** emergency ********** **** ** potential *******.

Avoiding ***** ***** ** ********

********** ** *** ****** or ****** ****, ******** managers *** ********* ****** absolutely ***** ********* *** true ********** ** *** systems **** ******.

****** **** '***** *** victims' *** *** ************ a ******* ***, *** lesson ** *** ** misgauge *** **** ********** value ******* ** ****-**** security *******. **** * modern ****** ****** *** not ****** ** ******** all ***** *** ******* Hebdo *** **** ** duress *********, *** ********* may **** **** **** even *****.

*** ***** ****** *** security ******** *** **** assessment ******** *** ** evaluate ********** ************ **** current *** ******** *****.

Comments (3)

Undisclosed Manufacturer #1

05/21/18 04:41am

I brushed past this and decided to read it.  We used to sell duress as the “security between the outside and the inside”.

Although it has been problematic for people to remember how to use it on that rare occassion, and more often the creation of a false silent alarm due to the methods used such as changing the last digit by one up or down.

Added to that is the common requirement for no verification by the dispatchers.

Of course, how many alarms use the years 1950 to 1999 for codes still or the default 1234!

Undisclosed #2

IPVMU Certified | 05/21/18 03:10pm

Again, to a criminal, the PIN may appear no different than normal, and users under duress can even give out or share the alarming code for criminals to enter themselves.

Pro tip: Always try PIN in reverse first...

Robert Shih

Independent
05/25/18 06:36pm

I'm beginning to wonder if duress reactivity should involve some sort of force based response mechanism. What better way to put down animals like that than by a machine?

Maybe I'm being extreme. Maybe I'm politically biased and driven by my complete anti-religiousity. However, the Charlie Hebdo incidents are among the most infuriating in respect to terrorism and Islam in general.

Speaking of which, are there any interdiction systems that are effective and readily available through proper channels that are worth talking about for a commercial (non-industrial) application?

Read this IPVM report for free.

This article is part of IPVM's 6,534 reports, 880 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now

Related Reports

Keypads For Access Control Tutorial on Jul 28, 2020
Keypad readers present huge risks to even the best access systems. If...
Forced Door Alarms For Access Control Tutorial on Aug 17, 2020
One of the most important access control alarms is also often ignored....
Exit Devices For Access Control Tutorial on Aug 25, 2020
Exit Devices, also called 'Panic Bars' or 'Crash Bars' are required by safety...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
Door Fundamentals For Access Control Guide on Aug 24, 2020
Doors vary greatly in how difficult and costly it is to add electronic access...
AHJ / Authority Having Jurisdiction Tutorial on Aug 06, 2020
One of the most powerful yet often underappreciated characters in all...
Access Visitor Management Systems Guide on Jul 22, 2020
"Who are you, and why are you here?" Facilities that implement Visitor...
Face Masks Increase Face Recognition Errors Says NIST on Aug 04, 2020
COVID-19 has led to widespread facemask use, which as IPVM testing has shown...
Free Online NFPA, IBC, and ADA Codes and Standards 2020 on Sep 03, 2020
Finding applicable codes for security work can be a costly task, with printed...
Verkada Disruptive Embedded Live Help on Sep 24, 2020
Call up your integrator? Have someone come by the next day? Verkada is...
Mobile Access Control Usage Statistics 2020 on Sep 21, 2020
Most smartphones can be used as access control credentials, but how...
Add Door Operators To Fight Coronavirus on Mar 31, 2020
IPVM recommends that integrators advocate and end-users consider adding door...
Remote Network Access for Video Surveillance Guide on Jul 27, 2020
Remotely accessing surveillance systems is key in 2020, with more and more...
Help Security End Users Facing Coronavirus Improve Remote Access on Mar 24, 2020
Many end-users and integrators are struggling with the impact of coronavirus...
Verkada Access Control Tested on Sep 09, 2020
Verkada raised $80 million earlier in 2020, expanding from video into access...

Recent Reports

OnTech Smart Services Partners With Google and Amazon To Compete With Integrators on Sep 25, 2020
A pain point for many homeowners to use consumer security and surveillance is...
The Future of Metalens For Video Surveillance Cameras - MIT / UMass / Immervision on Sep 25, 2020
Panoramic cameras using 'fisheye' lens have become commonplace in video...
Hikvision Sues Over Brazilian Airport Loss on Sep 24, 2020
Hikvision was excluded from a Brazilian airport project because it is owned...
China General Chamber of Commerce Calls Out US Politics on Sep 24, 2020
While US-China relations are at an all-time low, optimism about relations...
Verkada Disruptive Embedded Live Help on Sep 24, 2020
Call up your integrator? Have someone come by the next day? Verkada is...
IP Networking Course Fall 2020 - Last Chance - Register Now on Sep 23, 2020
Today is the last chance to register for the only IP networking course...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
Norway Council of Ethics Finds Hikvision Human Rights Abuses "Ongoing" on Sep 23, 2020
Hikvision's involvement in "serious human rights abuse" in Xinjiang is...
IPVM Camera Calculator User Manual / Guide on Sep 23, 2020
Learn how to use the IPVM Camera Calculator (updated for Version 3.1). The...
Installation Course Fall 2020 - Save $50 - Last Chance on Sep 22, 2020
This is a unique installation course in a market where little practical...
SimpliSafe Business Security Launched Examined on Sep 22, 2020
SimpliSafe has launched "SimpliSafe Business Security" that the company...
FLIR CEO: Many New Fever Entrants "Making Claims That The Science Just Won't Support" on Sep 22, 2020
FLIR's CEO joins a growing number calling out risks with fever / screening...
China Bems Temperature Measurement Terminal Tested on Sep 22, 2020
Guangzhou Bems (brand Benshi) is the manufacturer behind temperature...
Axis Exports To China Police Criticized By Amnesty International on Sep 21, 2020
Axis Communications and other EU surveillance providers are under fire from...
Milestone XProtect on AWS Tested on Sep 21, 2020
Milestone finally launched multiple cloud solutions in 2020, taking a...