Favorite Access Control Credentials 2020

By Brian Rhodes, Published Sep 15, 2020, 09:14am EDT (Info+)

Credential choice is more debated than ever, with hacking risk for 125kHz and coronavirus driving demand for touchless solutions, what credentials would be the favorite?

IPVM Image

More than 150 integrators told us their preferred credential format, their answers from options including:

  • 125 kHz
  • 13.56 Mhz
  • Biometrics
  • The Cheapest Option
  • Mobile
  • Others (e.g. PINs, QR Codes, Magatripes, etc.)

Inside we break down the results, comparing the market changes to our 2018, 2016, and 2014 results.

Credential ******

*** **** ********* **** **.***** ** a *********:

IPVM Image

****** **** *** **** * ***** are ***** ** *** ***** *****:

IPVM Image

Summary ** *** ********

  • ****** *********** ******* ** *** '*********' list **** **** *% ** *** votes, ****** ******* ********** ***** *** been ******* *** **** **** * decade.
  • *** *** ******* *******, ****** **% of ******** *****, **** **% ** now **% ** ****.
  • **.** *** ***** ****** ****** ** 63.5%, ***** ******** *** *** ******** even *******.
  • ********** ****** ** *******, ********** ******** to *%, *** ************* ****** **** in ****.

Preference *** *********** *********** *******

**** **** **% ** *****, *********** credentials***** **.** *** *** *** *** RFID ***** ****** *** ********* ******** type.

***** ********** ** *** ***** ********* exist ***** ****** *****, *** **** common *** **** ******* *** ****** 125 *** ** **.** ***. *** reference, *** **** *****-********* ******* ****** names *** *** ********* **** ***:

IPVM Image

*** ****, ********* ** *********** ** how ***** ******* *******, ***** ******** weaknesses, *** *********, *** ************** ****** *********** *****.

13.56 *** ******* *** ********* ** "******"

*** **** ****** ******* ****** **.** MHz *******, ***** ************ ********* ** their '****** ********' ******** ** *** kHz.

***** *** **** ** ******* *** cloning ***** ***** *******, ************ ** our**** **** ****** ******* **** **** $30 *** ****** **** ******, **** *********** *** **** **.** MHz **** *****, **** ******* ****** they ** ** ***********:

  • "** **** ***** ** ****** *** our *** ******** ** *** **.*****. The **** ****** ** *** ******* security."
  • "**% *** *** **.** *** ** better ********"
  • "**.** ** **** ****** *** ***'* prone ** ******* **** * $** Amazon ******."
  • "**** **** ***** ***** ** ****** as * **** ****** **** **********. About **% ** *** ******** *** iClass."
  • "**.***** - **% *** ** ******** concern ***** ********* *** ** ******."
  • "***% ** **.** *** ** *************."
  • "*** ******** * **** ********** ** I ***** *********** **% *** *** / **% **.** ***."
  • "** *** *** **** **** **** Prox *** ** ***** ******* ** be ******."
  • "*** ******, ** *** ********* ********** new *******, *** ****** ** *** ones, *** *** ******** ****** **** Prox *** ***********."
  • " **.** *** -***% ** ********* purchase ****** ******* ** ** **** secure *** **** ****** ** ********* credentials."
  • "**% ******"
  • "**** *** *** ***; **** *** 13.56; ** ** **** ******"
  • "*** *** *** ***** **** **.*****. No ****** ****** *** ** *********** being ****** ******"
  • "** ****** **.** *** *** ** security *******"
  • "*** ** *** ******** *** ******. We ******* ** ** *** ******** a *** ***** ***. ** ***** to ********* ****** ********* ***** **** security."
  • "**% **.** ***. *** **** ***** specified *** **** **** ******."
  • "prox."
  • "** ****** ** *** **.***** ****** as ** ** ****** ** ** more ******."
  • "******* *** ******** *******."
  • "**% *** **.** ***** *** **** secure."
  • "**% ** ****** *** ** ******* security *** *** ******'* *************"
  • *** *** ****** *** ********
  • "***** ******* ***** *** ******, ***** have * ***** ****** ***** ******"
  • ">*% *** ******, ******** ** ***** and ***'* **** * **** ** change"
  • "** **** **** ******* *** ****** on ****** *** *** *** ******** are **.**."
  • "*** *** ******** *** ***** **.**; only ********* ** ********, ***** ******* are ***** ***** *** ****."
  • "**** ******** *** ***** ***** ******, but ** *** ** ***** ** smart ***** ** ***** ** ********."
  • "***** *** ***** * ******* ** legacy ********* *** **** *** ******** to ***** ***********."
  • "** **** **** *** *** *********** for *** *******."
  • "**** ** *** ******* **** ****** systems. ** ***** ** **** **** to *** **** ****** *******."
  • "* *** ** ********* ******* **** a **** **** ** ***. ** always ********* ********* ** *-***** ** MiFare *** ********* *** *********** ********** of ********* ******** ** *** *****."
  • "*** **** ******* ** **** **** use **** *** ********* **** **** too **** ******* ** ****** **** at **** *** ** *** ****** phasing **** ***."
  • "** ******* ******* ******* **** **** can **** ******, ******* *** ******** requests **. **** ******* ** ******* their ***** ***** **** ***** ******* that **** *** ******** ***** * card ***."
  • "all *** ****** *** *** ********* who ****** **, ***** ***** ******** of *** ******** *****."
  • " *** ********* ******* **** ****** or **** * ****** ***** ********** with *** ******* (*** ******* *** station, ******** ****** ******* ...)"
  • "**** *** ******, *** ****** ****** and **** **** ***** ****...."
  • "*% ******, **% **.*****. **'* ****** due ** ******** ********'* *** ******* to ** ******* *** ********* ******* since * ******** ******* **** ****** prox *******."

Cost ** ******* *********** ******

**** *********** ***** *** ******** *********** in ****** **** **** *** *** comes ** * *****.

** ******* *****, *** ****** **** discourages ***** **.** *** (** ***** credentials) ****** ******* ** *** ****** in ****** *** *******, ******-****** *****, and *** *********** ****** ** ********* groups ****:

  • "***** ** * ********* **** ** ROI ** ***** **** ** ****** in *** ******* *** ***********. **** do *** **** ***** ** * significant ******** **** ** "**** *** course"."
  • "***% ******. ***** ** ****** ** too ****"
  • "***% **** ** *** **** * customer ****** **** ** *** *** cheapest."
  • "**/** **** ** ********* *** ********* readers ** *** **** *** *** existing *******."
  • "** ***'* *** ** **** ****** credentials ** ***. ** ******* **** for ****, * ******* **** **** an ****** **** ** ********* *** selling **** ** *** **** ***** as **."
  • "**% ****** - **% **.***** *** to ****, **** ********* ***'* **** to *** *** *** ****** ********."
  • "************* **** ** ******* * ****** in ******* **** ******** ****."
  • "**/** **** ****** ***** ****** ***** a ******* **** ** *******."
  • "********* *** **** ***** ** *** flaws ** ****** (****** ******, ***.) but **** **** ********* ** *** costly *** ************."
  • "**% *** ******, *** ** *** aiming ** ** **** **** ****** formats ** ****** ****. **** ** the ******* ******."
  • "**** *** ****** ******* ******* *** averse ** *** ***** ** **.*** and ***'* *** ** ** * big ******."
  • "**/**. **** ****** ********* *****."

*** * ****** ************* ** *** options ** ****** ********** *******, *** the ***** ******** ** **** ******, see******* ****** ****** ******* ********* *****.

Biometrics **********/ ***** ******

** *** '***********' ***, ***** ****** tech **** ****** *** ********** *** gains, ********** ************* ****** **** ******** levels **** **** ***** ******, ** to *% ******* ** '********' ** 2020 **** *% ** ****.

***********, *** *********** *** **** ********* methods ** ******* ********** ******** * reader ** ***** ** ** **** creates * **** *********** ***** *** many, ********* ******** ************ *** ****** operational ***** ** * ******.

******, *** **** ** ****** ** discussions, *.*.,**** *********** **** *********** *******?, ******** ** *********** *** **** risky ********** *****.

Where ** **** ***********?

******* ********** ***** *********, ********* **** recognition ******* * ****** ********** **** is ******* *** * ********* **** used ** ***********.

******* *** ** ******** ********, ******** concerns,************* **** *****, ** **** ****, **** *** just *** *********** **** ****** *********** in ****.

Mobile ******

****** ****** ** *******, ********** ***** worries ** *********** ************, '*********' ****** solutions **** ******** *** ******** ** many ******* *** ********* **** ******** contact ****.

** ******* ********* ********** *** ***** for ***********, ****** **** ********* ****** resellers ********* ******* / *** **** traditional *****, ****, *** '***-******' ******* do ***:

  • "** **** *** **** *** **** requests *** ****** *************, ***** **** offers ****** ****** ** ********. ****** also ***** ** ** *********** ** gain **** *** ** * ****, so ** ** *********."
  • "** *** ********* ********* ******** ******* to **.***** *** ****** ****** ** we *** **** ** ****** ***** exercise."
  • "** *** ** **** ** *********** grade *** ***** *** **** **** Bluetooth *** *** ****, **** ****** MiFare ** ********* *** ****** ****** used"
  • "******* *** ** *** ******** *** also ********* ****** ***********."
  • "*** ** ********* ***** ** ******** systems. ******** *** ** **.** ** Mobile."

*** ****'******* ****** ******* ************** ****** ******* *********** **** ** **** *******.

** **** ******* *** ****** ** mobile ****** ** ******* ****** ** an ******** ****** ********* '** *** past ****, **** ********** ** *** openings/doors *** ****** *********** *** ***?'

Comments (6)

  • "<1% Friends don't let friends use prox."

Is this saying 99% of token holders share their credential?

Agree
Disagree
Informative
Unhelpful
Funny: 2

The issue as mentioned in a few points above is that for the majority of clients there is no real world risk even if someone does clone a card & at the end of the day you can probably tailgate all day in those institutions if you really wanted to.

Someone clones a card and can now get into your building - why would they want to do that ? what does it matter if they do ? - thats the decision process for those clients when faced with substantial costs to change from 125Khz

If your the type of institution where that would be an issue, then you're probably not using 125Khz anyway?

Agree
Disagree
Informative
Unhelpful
Funny

Someone clones a card and can now get into your building - why would they want to do that ? what does it matter if they do ? - thats the decision process for those clients when faced with substantial costs to change from 125Khz

Considering there has already been (perhaps significant) money spent to put access control on the door, using a tech so easily exploitable seems to render it a waste of money.

Agree/Disagree?

Agree: 1
Disagree
Informative
Unhelpful
Funny

Hi Brian - I would agree, but my point was more that if you have legacy 125Khz - its a commitment to change it and the actual risk / consequences would be part of the decision process. No one in their right mind would install 125 Khz on a new install.

Also as distributor #3 notes - just going to higher frequency doesn't automatically give you a lot more security if the client is only using for example single DES encryption which has been deemed insecure since 1999 & triple DES is now hackable - albeit only with some significant investment in technology.

Agree
Disagree
Informative
Unhelpful
Funny

Hi Guys, great post but the format table is mostly a list of card technologies or proprietary technologies, not card formats.

Formats exists on the card as data and the technology is used to transmit this information to the reader.

Agree
Disagree
Informative
Unhelpful
Funny

We did not specifically ask which formats are being used, but categorially which type of credential they prefer. This chart was included to help the casual reader to 'make the jump' between tech frequency and card/credential formats:

IPVM Image

Agree
Disagree
Informative
Unhelpful
Funny
Login to read this IPVM report.
Why do I need to log in?
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.
Loading Related Reports