In the same way that video surveillance has been dramatically transformed by technology advancements, access control has also seen its fair share of evolution in recent years. While the guiding principles remain the same – restricting access to a facility or parts of a facility to only authorized users – the methodologies by which organizations can verify identities have changed by leaps and bounds. No longer are organizations confined to using keys and proximity cards to restrict and grant access to employees but they can now leverage a whole host of innovative solutions ranging from iris and fingerprint readers to mobile credentials. Even access control hardware has undergone a significant transformation more recently as an increasing number of end-users have opted to deploy wireless and IP-enabled locks as part of an effort to increase efficiencies in their security infrastructure.
So, what does 2017 hold in store for the access control market? SecurityInfoWatch.com recently convened a panel of experts to get their take on the technology and business trends that stand poised to impact the industry the most in the New Year and beyond.
Meet the Panel
- Blake Kozak, principal analyst, IHS Markit
- Mitchell Kane, president, Vanderbilt
- Robert Laughlin, president, Galaxy Control Systems
- Kurt Takahashi, senior vice president of sales, AMAG Technology
- Peter Boriskin, vice president of commercial product management, ASSA ABLOY
When it comes to the access control industry as a whole, how do you think the market for both manufacturers and installers will evolve in 2017?
Kozak: Despite a sharp decline in Brazil in 2016, the American region, as a whole, is projected to increase by 6.7 percent in 2017. The American region expanded by 5.9 percent in 2016. This growth is being driven by advancements in technology and requirements from access control solutions. Technology developments in biometrics, cloud-based software solutions and the growth of 13.56 MHz smart cards, and greater uptake of wireless locks will mean the Americas is one of the most technologically advanced regions globally. The evolution of security requirements within buildings will mean new business opportunities for access control.
Kane: Data vulnerability and integrity has always been critical territory for the security space, but this will continue to advance in 2017 for both manufacturers and installers. The growing use of edge devices and the emergence of the Internet of Things (IoT) require security teams to work more closely with IT to maintain prudence in new system design and implementation, as well as revisit and confirm compliance on systems that are already in place within an organization.
Laughlin: Continued advancements in access control software will continue to drive its implementation as the core control platform for a variety of systems including video surveillance, identity management and more. As the industry continues to migrate to more powerful software platforms, the mindset will also continue to shift from physical to data-driven solutions with centralized intelligence at the head-end. Consequently, we can expect to see more advanced access control platforms being used for a wide range of business intelligence applications including compliance, risk mitigation and predictive analysis.
Takahashi: Manufacturers and installers need to listen to their customers and understand their business as a whole, beyond the typical security challenges. Having a complete understanding of security and operational goals will allow manufacturers and installers to provide a unified solution that can mitigate risk, as well as streamline operations by improving internal processes and help companies save money.
Boriskin: Manufacturers and the security dealers/integrators they serve have a tremendous opportunity in growing market segments, such as multi-family and small business. We also see potential in new trends throughout the security industry, such as sustainable design and mobile access. The increase in security concerns in existing and new segments as well as lower cost security alternatives will help the security industry advance into new areas and markets.
What strides do you think will be made in 2017 when it comes to mobile access control solutions?
Kozak: Only 1.6 million credentials were downloaded in 2015. The uptake of credentials is forecast to grow rapidly to reach 136 million credentials downloaded in 2020. The 136 million mobile credentials downloaded in 2020 will equal 23 percent of the total number of smart cards in 2020. The reason for the strong growth is two-fold. First and foremost, mobile credentials have the ability to unlock a more integrated and better value system for the end-user while also allowing providers new avenues of services that can support additional revenues streams going forward. Secondly, mobile credentials are not competing against the traditional physical card at the present time and therefore have a potential market equal to that of smart cards.
Kane: Mobile- and cloud-based systems will make a huge impact in 2017 as these solutions are already being adopted at an incredible rate globally. Cloud-based access control, in particular, offers security leaders the benefit of remote command and mobile access over their systems, resulting in flexible monitoring and a more integrated approach to security, which is beneficial in today’s global, mobile society.
Laughlin: Mobile access control solutions are ideal for applications such as lockdowns, weather-related emergencies and other spontaneous events, as well as quickly activating or deactivating users’ access cards and/or privileges. These expanded capabilities and the range of applications enabled by mobile access solutions will continue to expand in 2017 with innovation only limited by manufacturers’ and integrators’ imaginations.
Takahashi: We will continue to see improvements in both the technology and the delivery of mobile access solutions. More manufacturers will release solutions that will increase competition, improve affordability and ease of use.
Boriskin: We expect increased adoption of mobile access in 2017 as more people become comfortable with the technology. The proliferation of mobile access in the hospitality and residential markets where people are using mobile keys at home or on vacation will help push the commercial marketplace towards swift adoption. Additionally, barrier to entry has already been reduced in the commercial marketplace thanks to the abundance of mobile ready locks and readers that are currently deployed in the field—the end user will only need a credential. As the adoption of mobile technology increases we will see a reduction in order quantities, management costs, and increased integration across platforms.
As the lines between physical and logical security continue to blur, what does the industry need to do to ensure that it can continue to meet the access control demands of the private and public sector in 2017 and beyond?
Kozak: Logical and physical access control integration has long been promoted as the next major step in the development of the security industry; however, we have yet to see major progress on this front. There are developments in hardware and software for access control that may suggest that an integrated solution is becoming feasible. Recent developments include the agreement between Lenel and AlertEnterprise as well as the acquisition of Quantum Secure by HID. The access control industry needs to continue to invest in end-to-end identity management while tailoring to more advanced requirements for compliance and risk management.
The primary barrier to the development of a joint system is that migration of access control from human resources to IT is still slow. A secondary issue, which is also slowing the market, is that there has been little database integration between the logical and physical access control systems. The final issue concerns the credential to use. At the moment, a physical card or badge and card combination is most suited to the physical access control market; it can easy be placed against a reader and can be carried around the neck allowing for both electronic verification and visible verification by a security officer. The physical card performs poorly in the logical access system as many computers do not have the hardware to read a contact smart card, as required by many high-security projects.
Kane: One of the main factors that organizations must consider with the merging of physical and logical access is the security of sensitive data being transmitted. Combining the two spheres enhances protection in the event of a breach, taking security one step further to alert officials of an incident. Network integrity and how it relates to redefining credential requirements must be considered, and organizations must develop a positive working relationship between security directors and IT leaders, both of whom must collaborate to implement this type of strategy successfully.
Laughlin: Without question, the IoT, continued integration of previously disparate systems, the shift towards data-driven security on the enterprise level, and the implementation of business intelligence applications are the most significant trends in the professional security industry. Naturally, these developments increase the number and variety of entry points for hackers to breach networks. The key will be for integrators to work closely with their customers to carefully evaluate and assess their network security and policies. However, this requires new levels of expertise that may come from outside traditional security providers. In the meantime, software and hardware providers alike need to look at better ways of encrypting data and means of detecting network intrusions.
Takahashi: The industry must continue to produce products that meet demanding regulations to help the market meet compliance requirements. Integrations will always be important as more organizations are using diverse technologies to secure their premises, people and assets. This goes beyond access control and video to include biometrics, building management, mass notifications systems, etc.
Boriskin: Looking ahead to 2017 and the years to come, our industry must seriously consider the logical security of our physical security systems as we leverage the power of our networks with the rapid proliferation of network devices. While this reduces costs and complexity, we need to have a new level of investment in the logical security of physical systems. The public sector, such as the National Institute of Standards and Technology (NIST), has published guidelines and tools around critical infrastructure protection and cybersecurity. These tools are now publicly available and can be leveraged by the private sector to improve protection and standards for data security.
What kind of impact are biometrics, particularly iris and fingerprint, going to have on access control solutions in the future?
Kozak: Representing 90 percent of biometric reader shipments in 2016, fingerprint biometrics are projected to remain the largest biometric type for access control through 2020. In North America, end-user confidence in biometric systems has changed. In 2011, deployment of biometrics was extremely limited. The limited deployment caused a lag in the biometrics market and led to limited knowledge, experience and expectations of the technology. Since 2011, there has been a big change in the market as greater adoption of biometrics in smartphones and public deployments of biometrics in passports highlights how usable the technology is.
Although fingerprint remains the industry standard for biometrics, end-users are now deciding between facial recognition and iris recognition as the second most used type. Iris recognition is more accurate and better suited for its niche role than facial recognition but facial recognition is easier to install and does not have (unfounded) health concerns. The market for facial recognition is predicted to see fast growth in the second half of the forecast (2015 to 2020) and although it will not overtake iris recognition in revenue or shipments, it will have momentum.
Kane: Solutions that utilize multi-level authentication are taking hold – combining biometrics with password- and card-protected access control. More organizations are going to move toward a multi-faceted approach with regards to access control in the coming years to avoid risks that are detrimental to their businesses' bottom lines.
Laughlin: The availability of more affordably priced biometric technologies is making these solutions more cost-effective for a growing number of mainstream security applications in lieu of traditional card readers and keypads. The fastest-growing and most reliable biometric technology for identity management is iris recognition. The availability of more versatile and affordable iris recognition readers will increase security levels, as they are virtually impossible to circumvent. As a result, biometrics in general, and iris recognition, in particular, will continue to gain traction and adoption for access control applications in 2017 and beyond.
Takahashi: Biometrics will continue to gain in popularity as the technology improves and is more affordable. It has seen tremendous growth this past year as more companies are using the technology to secure more sensitive areas.
Boriskin: Every year since 2008, biometrics has been predicted to breakthrough with mass adoption. This has yet to come to fruition due to the limited budget of the commercial consumer. However, biometric security today is now more widely available than at any time in the past due to the consumer electronics industry. If the security industry can leverage the proliferation of biometric authentication on mobile devices for access control then we will see mass adoption sooner rather than later.
Are there any other trends or technologies that you think will make a significant impact on the industry in the New Year?
Kozak: Mobile credentials will make a significant impact in 2017 and into 2018. With the advent of IoT proliferation and the saturation of smartphones, mobile credentials will begin to gain more traction throughout enterprise, government and education sectors. "Mobility" is also driving change across the technology sector as end-users demand more control over their service regardless of where they are. Mobility means access control software suppliers can no longer assume that security personnel will be behind a desk monitoring a system; this is changing how software is presented and how it is delivered. This uptake is being driven through IP-enabled panels with web-browser features as well as the continued adoption of access control-as-a-service (ACaaS), e.g. cloud-based services.
Laughlin: Predictive analysis continues to gain traction as a powerful tool that takes full advantage of the massive amounts of data generated by more intelligent software control platforms and the wealth of networked devices connected to them. Today’s more advanced access control platforms will continue to play a prominent role in predictive analysis, which has the power to significantly improve overall business operations, security planning and threat mitigation.
Additionally, cloud-based managed access control solutions are also trending, as end-users see the operational and economic advantages of not having to maintain software and servers on-site. Cloud-based access control solutions allow providers to deliver fully-functional, cost-effective turnkey systems for deployments of all sizes.
Takahashi: Emerging hosted solutions for visitor management will provide easier deployment and a better user experience. Applying a data-centric approach to security and operations will provide insight to make better business decisions while improving overall security.
Boriskin: With the continued proliferation of intelligent devices and the growth of IoT in physical security, there is significant opportunity to leverage direct communication between devices and eliminate the need for integration between various systems. Additionally, the developments in wireless technology that are enabling near real-time communication will allow us to serve more comprehensive security solutions to markets that previously lacked the infrastructure to do so, such as the K-12 education market.
