Skip to main content

Anti-passback: Are you letting revenue walk out the door?

Have you ever asked yourself if your gym buddy who's always asking to be let in with your key card actually has a gym membership?

'Passback' - the act of passing back your card or fob to someone, like a co-worker or gym buddy, who forgot theirs. It’s fairly common and often seen as the polite thing to do, but the act of 'passback' is not only a security risk, it's potentially leaving money at the door for struggling small businesses.

To mitigate this risk, we highly recommend setting up anti-passback.

What is anti-passback?

If passback is passing back a credential, then anti-passback stops this from happening. It's a programmable function in Protege WX and GX that tracks which area each user is in, and can be set for the whole building or just some areas.

When a user requests access to an area, the system checks whether the area they were last in matches the area they’re trying to enter or exit. So, if they’re trying to access a storeroom off the lobby, they must have last badged into the lobby.

If the user meets the criteria, then they’re granted access. If the credential is used to try and enter the same area twice, or to an area not directly linked with their last logged area, then anti-passback rules start.

Anti-passback is available with ICT's proximity and smart cards, fobs, and mobile credentials.

 

There are two types of responses that you can configure for an anti-passback violation:

Soft anti-passback

The user is granted access through the door, but an event is recorded in the log. This allows managers to deal with the violation without interrupting the normal flow of traffic making it a good option for common interior doors or low security areas.

Hard anti-passback

The user is denied access through the door and cannot gain access until they reset their status in their current area – the user would have to badge into the area they’re currently in. An event will be logged showing they were denied access because of an anti-passback violation. This option prevents people from accessing areas they shouldn’t be and is a good option for high security, hazardous, or even exclusive areas, like a pool and sauna area that requires a higher paid membership.

 

Why use anti-passback?

Sharing credentials is such a prevalent problem that a recent study by IPVM found that over 80% of companies surveyed use multiple methods such as using cameras and having guards monitor the entrances. 15% of companies don’t do anything because they believe the problem is too widespread or the solution is too difficult and costly.

Unlike other solutions, ICT’s anti-passback is a free, programmable function, meaning you don’t need extra software*. Simply configure it for the relevant areas and begin to see the benefits for your business. Since there’s only one system to manage, reports are made easy as well.

Key Benefits

Here are a few ways that anti passback can benefit you:

Keep restricted areas secure

Mitigate the inherent risk of restricted areas, such as labs or computer server rooms. Hard anti-passback rules ensure that only users with the right credentials can access these areas.

Know who’s in the building and where they are during an emergency

Using an access card or mobile credentials not only keeps the building perimeter secure, but it also helps track where people are in the building. In an emergency, this helps responders save time and focus on areas where people may need help.

Accurate attendance keeping

Locations such as car parks, fitness facilities, and even holiday parks can all benefit from anti-passback. Accurate reporting on who is where is crucial for everyone’s safety and legal liability.

Additionally, from gyms to volunteer groups, how many people are actually attending can make a big difference in how much funding you receive or even your bottom line. If your numbers of visitors are off at the gym because 25% of people are passing back their credentials, this can have a serious impact on business revenue. Protege enables native anti-passback to effectively cull the practice of sharing gym memberships, leaving you with more money in your pocket.

How to set up anti-passback

Anti-passback is easily configured in 9 steps. Check out the written instructions below.

  1. Navigate to programming | doors and select the door you want to have anti-passback settings
  2. Ensure each door has an area inside door and area outside door set.
    1. These are both required for anti-passback programming to operate correctly as they tell the system which areas are physically adjacent to the door
      1. We recommend you create an ‘offsite’ area for the outside of external doors to keep track of which users aren’t in the facility. If there is no outside area set, the users’ current area will be set to ‘unknown’ when they leave. 
  3. Navigate to programming | door types and add a new door type. This can be used for multiple doors, or you can create a new door type for each door.
  4. Anti-passback is set separately for the doors entry and exit directions. Enable entry anti-passback to control access to the area inside the door and enable exit anti-passback to control access to the area outside the door. To enable, set the entry/exit passback mode as required for each direction:
    1. None: Anti-passback is not enabled in this direction. When the user passes through the door in this direction the system won’t update the user’s current area
    2. Soft passback: Anti-passback is enabled in this direction. When there is a violation, the door will generate an event but allow access
    3. Hard passback: Anti-passback is enabled in this direction. When there is a violation, the door will deny access and generate an event.
  5. Set the entry/exit reading mode as card only, or card and PIN
  6. Click save
  7. Return to programming | doors and select the door that the anti-passback applies to
  8. Set the door type to the one created in step 3
  9. Click save

To learn more about anti-passback, head to our anti-passback solution page. To see how to set it up, please see application note AN-337: Configuring Anti-passback in Protege GX.

For Protege WX, please enable ‘advanced mode’ and follow the instructions in the AN-337 application note. Enabling advanced mode is as simple as completing your Protege WX certification training.

Target Applications

Industries and places that could benefit from anti-passback, include but are not limited to:

  • Airports and transport hubs
  • Gyms and fitness centers
  • Retail
  • Industrial
  • Freeports and storage facilities
  • Warehouses
  • Prisons
  • Hospitals
  • Pharmaceuticals
  • High-security areas
  • Logistics
  • Theme parks
  • Non-government organizations
  • Hotels and hostels

For high-security industries such as airports, prisons, and pharmaceuticals companies you can learn how to how to extend your access control security further with our suite of integrations.

Additional features

To get the most out of anti-passback, we suggest you use it in conjunction with these features:

  • Mobile credentials: People are a lot less likely to share their phone with someone. With mobile credentials, you can lessen credential passing and implement native multi-factor authentication.
  • Dual authentication: Keep high security areas, such as vaults, safe by requiring 2 user’s credentials to unlock an area.
  • Two factor authentication: Users must input a PIN along with their card or fob, ensuring high-security areas stay secure
  • Loiter areas: Use together with anti-passback to track who is loitering and discourage users from staying too long in an area, such as a carpark or transitional zone.

Conclusion

Anti-passback is easy to configure and use, at no extra cost. With this feature, the risk of users sharing credentials becomes less of an issue, resulting in safer environments and more accurate reporting.

*Anti-passback in Protege WX requires advanced mode to be enabled, which is as simple as completing your Protege WX certification. Good news: Protege WX training is now free! Head over to the certification page to get started on becoming a Protege WXpert and gaining the benefits of anti-passback!

Discover the benefits of an integrated solution

Like most websites, we use cookies and similar tools to improve your experience. By continuing to browse this site or by clicking 'Accept' you agree to the use of this technology as outlined in our privacy policy