Time & Attendance Tutorial

By: Brian Rhodes, Published on Jul 18, 2013

Access Control is useful for more than unlocking doors. One of the best features is also rarely used: Time and Attendance logging. However, selecting the 'same old' door readers for can open several vulnerabilities to abuse. In this note, we look at Time & Attendance Readers for Access Control, describe what features they should have, and what problems arise if they are not properly implemented.

Time Logging is Central

One of the most powerful features of EAC is the time/date stamp associated with every event in a system. Not only do systems log when door opens, they also record whose credential was used to open them, typically down to the second.

Time Logging makes it possible to 'track' a user's movement through a system, and provide a concrete record of where a person was at a given time. These logs have even been used to solve murders and otherwise establish presence at certain times with high precision.

Time Clock Function

With relatively minor adjustments, most EAC systems can use 'time logging' with time clocks

Many workers are paid an hourly wage. Clearly establishing when they start their job and when they stop working is crucial, as 'time' is indeed 'money'. Capturing this time has traditionally been the function of precise clocks, where workers insert cards to have a the time indelibly punched out on a given day. Indeed, "punching the timeclock" is a common saying.

However, the method is not problem free. First and foremost, abuse is a risk, where an employee punches more than only his/her card. This type of fraud is at the forefront of many HR and Corporate issues. Many seek to eliminate this risk/temptation entirely. While time clocks are primarily intended to protect the employer, the employee also benefits from having a clear record of attendance to lean on when calculating paid vacation days, sick days, or overtime pay.

Using the EAC system for Time & Attendance often means setting aside separate readers for the sole purpose of recording 'In' and 'Out' entries in the system. Once a pay period closes, a report is created listing activity on these two readers, summing the 'In' periods and subtracting the 'Out' intervals leaving an accurate record of attendance.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

Multi Factor Makes Sense

In order to avoid the pitfall of 'buddy punching' (a risk EAC systems normally call 'passback'), Time and Attendance readers should feature multiple authentication factors, including fingerprint or palm readers. This 'extra authentication' ensures that no one can casually misrepresent themselves as another person.

Most modern EAC Time & Attendance readers feature biometrics, typically resembling the examples below:

These style of readers are sometimes sold as 'standalone' timeclock systems that require no EAC system interface, but this increases cost when connecting them with access headends. EAC systems simply need an interface to collect this data. General biometric access readers can be used in this role successfully (e.g., see our 3M/Cogent's MiY Touch note for example).

Payroll Integration

When EAC platforms market 'time and attendance' function, this is frequently more than generating custom reports. Many EAC systems will format data so it can be manually exported into payroll systems like Kronos or Sage. However, this is typically a manual process, and accounting or payroll staff require instruction on the access platform to collect reports. The screenshot below show shows Paxton's default export screen of Time and Attendance data:

In other cases, 'Time & Attendance' function may be based in the Access Platform, but an additional 'payroll module' is added to the platform for direct integration. This additional software becomes the default payroll platform, so adoption in large systems may need approval from 'non-security' stakeholders.

Common enterprise-grade platforms offer additional 'software module' solutions, including:

Costs

Readers: You could simply use a regular card reader but if you want to avoid buddy punching, time and attendance biometric readers range between ~$300 and ~$2000 each, with high-accuracy optical fingerprint readers costing around $700 each. (See our report on fingerprint readers for more detail.) Multiple readers may be required for large sites, and expanding the EAC system often includes adding controllers or interfaces to support those readers.

Basic Software: General costs to add a Time and Attendance module range from 'free' upwards of ~$3000. Many platforms offer a 'no additional cost' timeclock functionality to their basic system, but the data must be manually incorporated into a payroll platform. 

Advanced Software: 3rd Party software / integration module provides more automated interface, but typically costs between ~$500 and ~$3000, generally depending on the size of a company's employee roster and number of sites data is collected. For most enterprise access systems, these modules cost about ~$1,000 each.

What are the Risks?

While using EAC to host time clock function can be advantageous, it is not without risks:

  • Clock Drift: In effect, the EAC system clock serves as the payroll clock. While a variety of solutions for syncronizing/standardizing time exist, such as NTP Servers and central data clocks, differences between EAC and other timepieces can create significant problems. When EAC is used for Time and Attendance, keeping system time in sync with the local standard time is vital.
  • Single System Breakage: Or rather 'Putting all your Eggs in One Basket'. As a matter of redundancy, if your EAC system drops offline, so does your Time Clock. Why hiccups in granting access through offline doors can often be solved by issuing mechanical keys, no simple solution exists for Time and Attendance failover. You might want to have an older manual timeclock as a backup, just in case, and for the time the system is offline, manually reconcile the timeclock entries.
  • Passback Conflicts: For access systems using 'Anti-Passback' controls, logic discrepancies can cause low-level conflicts with Time Clock readers. If an employee 'scans In' to the timeclock, and then immediately 'scans In' to a normally secured door, the EAC system may generate an alarm or deny access unless the timeclock reader is isolated from passback rules. Given the large number or doors across multiple sites, or large populations of employees in a single system, these sort of errors can be common and hard to troubleshoot.

What are the Benefits?

However, it makes good business sense to use EAC to host 'Time and Attendance' function, including:

  • Less to Buy, Maintain: While a single system can be a weakness, it can also be efficient. Many facilities prioritize the upkeep of facility access systems, and issuing a credential for access also means it can be used for payroll. The investment in one facility system can be leverage by another.
  • Expanded Security Controls: In normal use, if an employee has a security credential revoked in an EAC system, they immediately become invalid in the payroll system. In addition, tying the two systems together can prevent an unauthorized employee from gaining access to an 'Time In' reader before an allotted shift and help manage overtime payouts, and payroll hour allocations are enforceable by physical access controls. 
Comments (7) : PRO Members only. Login. or Join.

Related Reports on Tutorials

Lens Focal Length Tutorial on Jul 10, 2019
3mm, 6mm, 2.8 - 9mm, 5 - 50mm, etc. Camera specifications often list lens lengths but what do they mean? These metrics are important in...
Subnetting for Video Surveillance on Apr 30, 2019
This guide explains when subnetting is used on security networks, and how it works. We explain how to add or remove IP addresses to your range,...
Door Operators Access Control Tutorial on Apr 17, 2019
Doors equipped with door operators, specialty devices that automate opening and closing, tend to be quite complex. The mechanisms needed to...
Pole Mount Camera Installation Guide on Apr 11, 2019
Poles are a popular but challenging choice for deploying surveillance cameras outdoors. Poles are indispensable for putting cameras at the right...
ONVIF Video Surveillance Tutorial on Jan 29, 2019
ONVIF is well known within the surveillance industry as an interface to connect IP cameras and VMS systems. However, new users may find it...
Access Control Turnstiles Guide on Jan 28, 2019
Turnstiles control pedestrian access to secured areas, essentially becoming moving portions of fences, walls, or barricades for physically stop...
Cable Trenching for Surveillance on Jan 21, 2019
Trenching cable for surveillance is surprisingly complex. While using shovels, picks, and hoes is not advanced technology, the proper planning,...
H.265 / HEVC Codec Tutorial on Jan 08, 2019
H.265 support improved significantly in 2018, with H.265 camera/VMS compatibility increased compared to only a year ago, and most manufacturers...
Building Occupancy Codes and Access Control Tutorial on Nov 01, 2018
A building or room's classification can greatly impact which building codes must be followed. In terms of access control, these 'occupancy codes'...
AHJ / Authority Having Jurisdiction Tutorial on Sep 27, 2018
One of the most powerful yet often underappreciated characters in all of physical security is the Authority Having Jurisdiction (AHJ). Often,...

Most Recent Industry Reports

Dahua 4K Camera Shootout on Aug 20, 2019
Dahua's new Pro Series 4K N85CL5Z claims to "deliver superior images in all lighting and environmental conditions", but how does this compare to...
ZK Teco Atlas Access Control Tested on Aug 20, 2019
Who needs access specialists? China-based ZKTeco claims its newest access panel 'makes it very easy for anyone to learn and install access control...
Uniview Beats Intel In Trademark Lawsuit on Aug 19, 2019
Uniview has won a long-running trademark lawsuit brought by Intel, with Beijing's highest court reversing an earlier Intel win, centered on...
Verkada People And Face Analytics Tested on Aug 16, 2019
This week, Verkada released "People Analytics", including face analytics that they describe is a "game-changing feature" that "pushes the...
Dahua OEM Directory 2019 on Aug 16, 2019
US Government banned Dahua OEMs for dozens of companies. The following directory includes 40+ of those companies with a graphic and links to...
Installation Course - Register Now on Aug 15, 2019
Register Now for the September 2019 Video Surveillance Install Course. This is a unique installation course in a market where little practical...
Axis Suffers Outage, Provides Postmortem on Aug 15, 2019
This week, Axis suffered an outage impacting their website and cloud services. Inside this note, we examined what happened, what was impacted...
Hikvision Scrutinized In The Netherlands on Aug 15, 2019
Hikvision is facing unprecedented scrutiny in the Netherlands, at the same time the US government ban has taken effect. This week, a Dutch...
Axis 4K Camera Shootout 2019 on Aug 14, 2019
Axis' 4K Q3518-LVE claims the "best video quality possible", with Lightfinder super low light performance, Axis' high end Forensic WDR, and...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact