Access control has never been the most glamorous facet of the security industry, at least when compared to ubiquitous surveillance cameras or sophisticated sensors. But with the dawn of cloud technology and AI tools, and shifts in how people work and play, all of that has changed.
Jake Leichtling, director of product management for access control at Verkada, says AI and automation are shaping the access landscape as they unlock new capabilities, especially predictive analytics and anomaly detection.
Security systems that leverage AI can, for example, bring together data and information from across an organization – such as camera motion or a door held open -- to identify unusual patterns of behavior and trigger alerts, helping to prevent or drastically improve response time to an incident, he says.
“This ties more broadly into the shift we’re seeing in security from a reactive to a proactive role,” Leichtling says.
Here are five of the hottest trends in access control technology in 2024 as told through the eyes of integrators and manufacturers we interviewed.
1) Cloud Brings New Possibilities
Leichtling says cloud-based solutions have become the industry standard for access control and other physical security technologies. Still, there’s a shift in how the solutions are being sought out now.
“We’re seeing a shift from transitioning to the cloud to finding the right cloud solution that brings the customer the best qualities of the cloud – security, scalability, continuous improvement and updates,” he says. “And also, finding the solution that best integrates elements of on-prem technology that have worked well for their specific use cases in the past – like performance and edge computing.”
Peter Boriskin, Chief Technology Officer at Assa Abloy, says much of the security market is still being retrofitted. Still, customers who cannot construct new environments can take advantage of the infrastructure they have with cloud and mobile technology.
“We see offline locks that are connected to mobile devices. So, the lock itself might not be connected to anything. But for a few moments, the mobile phone is connected to it, and that lock is online,” he says. “Whatever’s happening at the lock -- whether I was allowed in or I was rejected, or ‘here’s the state of the battery’ -- those transactions are being sent to the cloud. So, it’s almost like an infrastructure-as-a-service type of application.
“I can have all kinds of different entities or devices sending information to the same place. Once I get data, I can start doing meaningful things and make intelligence from it.”
Steve Lucas, Vice President of HID and Mercury, says the drive to mobile access and cloud programs is increasing the reliance on controllers to support edge-computing types of architectures.
“As historical on-premises solutions are driven to the cloud, it impacts how IT departments make decisions about access control systems and how these systems fit within their organizations and infrastructure,” Lucas says. “Cloud-friendly environments are preferred by IT, and there are certainly many overall system-management advantages of these environments from an end-customer perspective.
“For HID and Mercury, controllers become much more important to users as these trends evolve. Cloud connectivity, edge computing and cybersecurity increasingly drive value in solution architectures as systems move to the cloud. Controllers add infrastructure resilience, enabling local integration of complementary devices and autonomous operation should connectivity issues with the cloud arise.”
2) All About the Data
Troves of data available from modern devices are also being utilized to help security professionals and property managers make more informed decisions about their physical structures.
Dan Krumme, President of Kansas City, Mo.-based Cam-Dex Security Corp., says end users—especially in the commercial office space environment—are utilizing data more and more to make intelligent business decisions, such as managing employee meeting spaces post-COVID or improving space utilization to save the company money.
“We've done a lot of custom data reporting, writing scripts within some of the access control brands that we work with just to help our customers make those types of decisions,” he says.
Boriskin says the security industry needs to make the data available in a cyber-secure manner to assist end users with utilizing it.
“The cybersecurity of physical security is becoming increasingly important, and we're seeing the physical and critical infrastructure being targeted more by all kinds of threat actors in a way that they haven't been in the past,” Boriskin notes.
“We need to get data into a central repository where you can store it, securely deliver it, and mine it. The cloud is a perfect way to do that because you can have all kinds of different entities or devices sending information to the same place.”
3) Mobile Credentials as ‘Table Stakes’
Leichtling believes the use of mobile credentials is primed for growth.
“There will always be a need for physical access cards or credentials, but with the rise of digital wallets and consumers becoming more comfortable with digital credentials in other parts of their daily lives, we’re seeing a massive shift toward mobile credentials,” he says.
“I see this as a step forward across the board. It’s more sustainable, more scalable and more secure to have a digital credential vs. a physical credential that may be lost, stolen or otherwise need replacing.
“One customer put it to me this way: If their employee leaves their badge at home or misplaces it on the subway, they’re not likely to double back to retrieve it before they arrive at the office or report it as lost or stolen. But their employees wouldn’t think of leaving anywhere without their phone or they would immediately report it as stolen. Another added benefit of mobile access credentials is additional security layers like biometric authentication and remote management capabilities.”
Krumme says he’s seen more adoption of mobile credentials in the last few years, even with larger end users.
“One of the biggest reasons is they're tired of purchasing cards,” he says. “And many of these companies have written policies around employees paying for lost cards. Today, they know most of their workforce has a smartphone. They can automate that process if they don't require traditional badges with photos and names. They can automate that process electronically right out of the software and push that straight to that individual.”
4) Biometrics Catching On?
Biometrics is another trend that is ripe for growth, although progress has occurred more quickly overseas than in the U.S. due to privacy concerns.
Krumme says the technology's accuracy wasn’t very good initially, but as more manufacturers have entered the market, prices have come down, and more end users are becoming interested.
“We’re seeing a big shift to facial recognition with access control when discussing friction versus frictionless entry into a building. We’re seeing a lot more interest in and adaptation of biometrics across the board in many different markets,” Krumme says.
Boriskin says biometrics haven’t been a big driver in the industry, but that may change soon.
“As people have become sort of habituated to looking at the mobile phone and unlocking it, that ease of use and frictionless environment provides a user experience driving people to seek out biometrics now in a different way,” he says. “Again, it's secure, it's convenient, and you can do it at a distance.”
Multifamily structures, for example, aren’t high-security applications but they’re high-convenience applications, Boriskin says.
“So, you’re coming back to your apartment, you've got two bags of groceries under your arms. Wouldn't it be nice if you didn’t have to set them down or juggle them to get into the building? So now you can walk up, the building knows you are, it unlocks, the door automatically opens and in you go. Those kinds of friction-free experiences are enabled by biometrics.”
5) Flexibility Wins
Leichtling says more customers are looking for flexible access control solutions that integrate with other systems, such as video security, alarms, analytics, security operations, and others.
“Especially with cloud-based solutions, there’s no reason integrators and customers need to remain frustrated with access control systems that either don’t scale easily or don’t work well with the other products and systems they use for security,” he says.
“End users especially are looking for a more complete view of their security operations to help them shift from a reactive to a proactive posture. Flexible and interoperable solutions are table stakes for making that shift.”
When it comes to what customers are demanding from access control systems, Lucas identified four key themes:
- Open architecture: “The focus here is choice and flexibility for the customer across a variety of options when it comes to the system and devices they deploy within their facility,” he says.
- Cybersecurity protections: While access products are used for physical security, “they absolutely must deliver very robust cybersecurity protection,” Lucas says. “Users want products that meet the highest standards, using the highest level of encryption, which are designed from the ground up with a security mindset that permeates all engineering and design principles.
- Reliability: “Reliability cannot be taken for granted in the access control world. These systems must work and be extremely reliable and stable.”
- Integration: Lucas emphasizes that products must be able to adapt, evolve, and work with a multitude of other products from many different access control device manufacturers. They also must be able to work with as many systems and devices as possible that are complementary to access control and can be leveraged through a common application and interface.
